Netgate SG-1000 microFirewall

Author Topic: Packages wishlist?  (Read 276560 times)

0 Members and 1 Guest are viewing this topic.

Offline hescominsoon

  • Newbie
  • *
  • Posts: 21
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #615 on: August 31, 2017, 08:39:34 pm »
How about the latest ntopng package?..:)

Offline JohnPFsense

  • Newbie
  • *
  • Posts: 12
  • Karma: +1/-0
    • View Profile
Re: Packages wishlist?
« Reply #616 on: September 15, 2017, 06:24:17 am »
PassiveDNS

Something like this: https://github.com/gamelinux/passivedns

I find the idea so simple, the potential quite big.


Offline Music Wizard

  • Jr. Member
  • **
  • Posts: 87
  • Karma: +1/-0
    • View Profile
Re: Packages wishlist?
« Reply #617 on: October 21, 2017, 02:21:53 pm »
ZNC for  2.4.X

Offline Gil

  • Full Member
  • ***
  • Posts: 106
  • Karma: +3/-0
    • View Profile
Re: Packages wishlist?
« Reply #618 on: October 30, 2017, 10:21:21 pm »
Been mentioned before - some time ago I believe - Webdav package. - Great for IoT devices.

11 cheers for binary

Offline Uranus

  • Jr. Member
  • **
  • Posts: 30
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #619 on: November 07, 2017, 10:22:11 pm »
Package for CUDA installation and compile Suricata with support CUDA.
This will allow even an inexpensive video card to increase the performance without increasing processor power

BlueKobold

  • Guest
Re: Packages wishlist?
« Reply #620 on: November 08, 2017, 05:31:40 am »
Quote
- bacula client
- icinga2 client (yes I know there is nrpe)
Bacula / If you install a soft mirror of two SSDs as RAID1 and one disk is failing you could easy swap it over
and rebuild the system, and during that phasis the second or slave unit from your pfSense HA cluster will do
the entire job within.

Incinga2/ Is a monitoring software and works great together with MySQL on FreeBSD and yes Netgate is
also offering little small computer units such the MinnowTrurbot that you are able to run it there with ease!
Alternately I can say a small unit with CACTI & MRTG will do this job well too! Or did you hear about ELK?
ELK, ElasticSearch, Logstash & Kibana It is more to you to write code to get flavor working sensors on
your Incinga2 platform then a packet in pfSense.

Quote
it would be great to get Ufdbguard as a package for Pfsense.
Is there a way I can contribute / facilate with that request?
Please have a look at their pricing list and ask them to do this job it self, based on the commercial
concern it should be in their interest first! Price list

Quote
PassiveDNS
Would be nice to see how it works on a firewall.

Quote
ZNC for  2.4.X
This is not an IRC bouncer or?

Quote
Been mentioned before - some time ago I believe - Webdav package. - Great for IoT devices.
Is this not more for NAS devices available as a packet?

Quote
Package for CUDA installation and compile Suricata with support CUDA.
Would be Intel Xeon Phi, Intels QuickAssist or DPDK matching better to snort or suricata?
Or a small miniPCIe or PCIe card with an ASIC or FPGA likes the Xilinx Spartan 6 on it?


Offline bsu3338

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #621 on: November 10, 2017, 11:56:32 am »
I have seen some post about Samba and NTLM for Squid, but I would also like to see Samba included for ntlm_auth in FreeRADIUS 3.x for PEAP authentication against Active Directory.

http://wiki.freeradius.org/guide/freeradius-active-directory-integration-howto


Offline Deadpool

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #622 on: December 13, 2017, 04:44:02 am »
+1 for privoxy

Offline sektor

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #623 on: January 02, 2018, 10:55:13 pm »
My wish is very simple . . .  fail2ban or equivalent.  Where I could setup arguments to scan the logs and modify firewall rules based off those.

Currently running fail2ban on many downstream devices paired with IPtables and it works great.  It would be nice to have the package scan remote logs as well; for instance, scan Apache logs and make changes at the firewall when an attack is happening.

+1 for this as well I think this is a really good idea.

Offline sektor

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #624 on: January 02, 2018, 10:57:08 pm »

Offline sektor

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #625 on: January 02, 2018, 11:00:42 pm »
An updated postfix package isn't going to happen.  That was announced on GitHub.

What I resorted to was creating a new FreeBSD VM and installing postfix on that - as suggested in the postfix thread. 

When that was working I put fail2ban on there as well.  I'd often thought about using those two together.  fail2ban updated a local pf table to block the spammers but I wasn't happy with the spammers getting past pfSense to the postfix/fail2ban server.

Then I found that I could have fail2ban call OpenBGPD to update an alias table on pfSense.  A feedback loop.  Who knows why the authors of OpenBGPD put that feature in but I'm sure glad they did.

In the end it's a better solution than postfix on pfSense but it was far from a trivial exercise for me  ;)

Could you share how you did this because I currently run fail2ban on my sme server, but am interested in setting up a backup mx and thought I could do it with pfsense, but your way doesn't seem too bad especially being you are passing the rules to pfsense.

Offline pwilliz

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Packages wishlist?
« Reply #626 on: January 12, 2018, 01:38:14 pm »
I would like to see an MQTT broker like https://mosquitto.org/ (sonething that handles local MQTT) available in pfSense.

Reason is that there are many scenarios where IOT devices need to be run locally and not in the cloud.

I am currently working on such a product.

Currently we need the consumer to buy a Micro Appliance device running pfSense and then a separate hub to manage MQTT. But MQTT is all about packets, security and network management so putting this on the pfSense device means one less device to manage and better packaging and safety for the consumer.