Saturday 1 December 2012

PFSense Packages List


PFSense Packages :
Packages may be installed using the Package Manager, located under the System menu. The Package Manager will show all the available packages along with brief information about their function. To install a package, click the "Add" icon on the far right of the page. An installation dialog will then start and show progress. Upon successful completion of a package install, the new package will show up under the "Installed Packages" tab of the pfSense Package Manager.
Removing a pfSense package is equally easy. From the Installed Packages view, choose the "Remove" icon on the far right of the page. This will launch the package installer, which will show the progress of the package removal.
The package list is given below.
Asterisk      Asterisk is an open source framework for building communications applications.
Asterisk turns an ordinary computer into a communications server.
anyterm:     Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!
Apache with mod_security-dev     ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.
Avahi    Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.
AutoConfigBackup    Automatically backs up your pfSense configuration. All contents are encrypted on the server. Requires pfSense Premium Support Portal Subscription from https://portal.pfsense.org
arping   Broadcasts a who-has ARP packet on the network and prints answers.
arpwatch    Arpwatch monitors ethernet/ip address pairings. It also logs certain changes to syslog.
Backup        Tool to Backup and Restore files and directories.
bandwidthd     BandwidthD tracks usage of TCP/IP network subnets and builds html files with graphs to display utilization. Charts are built by individual IPs, and by default display utilization over 2 day, 8 day, 40 day, and 400 day periods. Furthermore, each ip address's utilization can be logged out at intervals of 3.3 minutes, 10 minutes, 1 hour or 12 hours in cdf format, or to a backend database server. HTTP, TCP, UDP, ICMP, VPN, and P2P traffic are color coded.
blinkled         Allows you to use LEDs for network activity on supported platforms (ALIX, WRAP, Soekris, etc)
bacula-client             Bacula is a set of Open Source, computer programs that permit you (or the system administrator) to manage backup, recovery, and verification of computer data across a network of computers of different kinds.
Country Block            Block countries - This has been replaced by pfblocker. This is a legacy app
Cron         The cron utility is used to manage commands on a schedule.
Dansguardian    DansGuardian is an award winning Open Source web content filter.
It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering.
It does not purely filter based on a banned list of sites like lesser totally commercial filters.
For all non-commercial use it's free, without cost.
For all commercial use, visit the DansGuardian website to get a licence.
dns-server   pfSense version of TinyDNS which features failover host support
diag_new_states    Paul Taylor's version of Diagnostics States which utilizes pftop.
darkstat          darkstat is a network statistics gatherer. It's a packet sniffer that runs as a background process on a cable/DSL router, gathers all sorts of statistics about network usage, and serves them over HTTP.
Dashboard Widget: Snort    Dashboard widget for Snort.
Dashboard Widget: HAVP     Dashboard widget for HAVP alerts.
Dashboard Widget: Antivirus Status        Dashboard widget for HAVP status.
Filer         Allows you to create and overwrite files from the GUI.
File Manager        PHP File Manager
FreeSWITCH        FreeSWITCH is an open source telephony platform designed to facilitate the creation of voice and chat driven products scaling from a soft-phone up to a soft-switch. It can be used as a simple switching engine, a PBX, a media gateway or a media server to host IVR applications using simple scripts or XML to control the callflow.
FreeSWITCH Dev     FreeSWITCH package development version.
freeradius        A free implementation of the RADIUS protocol.
freeradius2               A free implementation of the RADIUS protocol.
Support: MySQL, PostgreSQL, LDAP, Kerberos
FreeRADIUS and FreeRADIUS2 settings are not compatible, so don't use them together or try to update.
The pfSense docs have a how-to which could help you with porting users.
gwled    Allows you to use LEDs for gateway status on supported platforms (ALIX, WRAP, Soekris, etc)
haproxy       The Reliable, High Performance HTTP Load Balancer
This package implements HTTP balance features from Haproxy.
haproxy-full            The Reliable, High Performance TCP/HTTP Load Balancer
This package implements both TCP and HTTP balance features from Haproxy.
HAVP antivirus          Antivirus: HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanner. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. Havp antivirus proxy has a parent and transparent proxy mode. It can be used with squid or standalone. And File Scanner for local files.
IP-Blocklist         IP-Blocklist is PeerGuardian2 but on pfsense. This package has been replaced by pfblocker. 
Ipguard-dev       Ipguard listens on the network for ARP packets. All permitted MAC-IP pairs are listed in config files.
If it receives a packet with a MAC-IP pair which is not listed in the 'ethers' file, it will send an ARP reply with a configured fake address.
This will prevent a non-permitted host from working properly in the local ethernet segment.
imspector     IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.
imspector-dev         IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.
iperf             Iperf is a tool for testing network throughput, loss, and jitter.
jail_template     Basic template for jails, probably requires pfJailctl to be useful. Includes 'base' and 'manpages' dists.
Lightsquid      High performance web proxy report (LightSquid). Proxy realtime stat (SQStat). Requires squid HTTP proxy.
LCDproc     LCD display driver
LCDproc-dev     LCD display driver - Development version
mailscanner-dev      MailScanner is an e-mail security and anti-spam package for e-mail gateway systems.
This is a level3 mail scanning tool with high CPU load.
mtr-nox11      Enhanced traceroute replacement
mailreport      Allows you to setup periodic e-mail reports containing RRD graphs.
Notes           Track things you want to note for this system.
nmap        NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is running on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.
nut     Network UPS Tools
netio      This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes.
NRPE v2     NRPE is an addon for Nagios that allows you to execute plugins on remote Linux/Unix hosts. This is useful if you need to monitor local resources/attributes like disk usage, CPU load, memory usage, etc. on a remote host.
OpenBGPD     OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol.
OpenOSPFD       This package is now considered deprecated. Please use the Quagga OSPF instead. -- WARNING! Installs files to the same place as Quagga OSPF. Installing both will result in a broken state, remove this package before installing Quagga OSPF.
Open-VM-Tools     VMware Tools
Open-VM-Tools-8.8.1     VMware Tools
OpenVPN Client Export Utility       Allows a pre-configured OpenVPN Windows Client or Mac OSX's Viscosity configuration bundle to be exported directly from pfSense.
OpenVPN tap Bridging Fix     Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled.
pfBlocker        Introduces an Enhanced Aliastable Feature to pfSense.
Assign many IP URL lists from sites like I-blocklist to a single alias and then choose the rule action to take.
This package also blocks countries and IP ranges.
pfBlocker replaces Countryblock and IPblocklist.
Proxy Server with mod_security     ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.
PHPService        PHP run as a service it can do anything PHP can do including but not limited to monitoring files, CPU, RAM, and send alerts to the syslog.
Postfix Forwarder           Postfix mail forwarder acts as a relay server for your domain.
It can do first and second line antispam combat before sending incoming mail to local mail servers.
Postfix can also detect zombies, check RBLs and SPF, search LDAP for valid recipients and use third-party antispam engines like policyd and mailscanner for a better antispam solution.
phpSysInfo    PHPSysInfo is a customizable PHP Script that parses /proc, and formats information nicely. It will display information about system facts like Uptime, CPU, Memory, PCI devices, SCSI devices, IDE devices, Network adapters, Disk usage, and more.
pfflowd           pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate.
pfJailctl       pfSense wrapper for jailctl - a jail management tool. Allows you to run jails on pfSense.

Quagga OSPF     OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD. Installing both will break things.
RRD Summary    RRD Summary Page, which will give a total amount of traffic passed In/Out during this and the previous month.
Strikeback    Detect port scans with iplog and strikeback
snort       Snort is an open source network intrusion prevention and detection system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection.
snort-dev    Snort-dev is a development branch.
spamd        Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later.
siproxd   Proxy for handling NAT of multiple SIP devices to a single public IP.
Sarg           Sarg - Squid Analysis Report Generator is a tool that allows you to view "where" your users are going on the Internet.
Sarg provides a lot of information about proxy (squid, squidguard or dansguardian) user activity: times, bytes, sites, etc.
stunnel            An SSL encryption wrapper between remote client and local or remote servers.
squid3       High performance web proxy cache.
It combines squid as a proxy server with its capabilities of acting as an HTTP / HTTPS reverse proxy.
It includes an Exchange-Web-Access (OWA) Assistant.
Shellcmd    The shellcmd utility is used to manage commands on system startup.
SSHDCond     Allows you to define SSH overrides for users, groups, hosts and addresses using Match in a convenient way.
This package acts as an access list frontend for SSH connections.
System Patches       A package to apply and maintain custom system patches.
TFTP     Trivial File Transport Protocol is a very simple file transfer protocol. Often used with routers, voip phones and more.
Unbound            Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.
vHosts       It is a web server package that can host HTML, Javascript, CSS, and PHP. It uses the lighttpd web server that is already installed. It uses PHP5 in FastCGI mode and has access to PHP Data Objects and PDO SQLite.
Varnish      Varnish is a state-of-the-art, high-performance HTTP accelerator.
It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.
Varnish3        Varnish is a state-of-the-art, high-performance HTTP accelerator.
It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.
Version 3.0.2 includes streaming support
vnstat2           Vnstat is a console-based network traffic monitor
The vnstat PHP frontend and vnstati adds a more user friendly way of displaying traffic usage.
widentd     RFC1413 auth/identd daemon with fixed fake reply
widescreen       The package makes pfSense adapt to browser's current width. It is particularly convenient for Status->Dashboard page that allocates columns for widgets according to browser's current width. ATTENTION: the package heavily modifies pfsense_ng theme and affects other's themes appearance. Please REFRESH your browser's window after installing/uninstalling this package.
Zabbix Agent       Monitoring agent.
Zabbix Proxy       Monitoring agent proxy.
zebedee              Zebedee is a simple program to establish an encrypted, compressed "tunnel" for TCP/IP or UDP data transfer between two systems.
This allows traffic such as telnet, ftp and X to be protected from snooping as well as potentially gaining performance over low-bandwidth networks from compression.

Saturday 24 November 2012

PFSense Packages List


PFSense Packages :
Packages may be installed using the Package Manager, located under the System menu. The Package Manager will show all the available packages along with brief information about their function. To install a package, click the "Add" icon on the far right of the page. An installation dialog will then start and show progress. Upon successful completion of a package install, the new package will show up under the "Installed Packages" tab of the pfSense Package Manager.
Removing a pfSense package is equally easy. From the Installed Packages view, choose the "Remove" icon on the far right of the page. This will launch the package installer, which will show the progress of the package removal.
The package list is given below.
Ntop
Squid
Squid 3
Squid guard
TFTP
Bandwidth

Monday 19 November 2012

Multi Wan Load Balancing

How do you balance multiple WANs in pfSense?
Go to the System tab and select the Routing option. Select the Gateways tab and click the + (plus) sign. On the page that opens, select the first WAN interface, enter the ISPR name, add the gateway address and a description of your choice, then save and apply the changes.

Add the same for the second WAN interface: repeat the steps above, this time selecting the second WAN interface.

Note: don't select either gateway as the default in a balancing and failover setup.


  1. Add interface 
  2. Add ISPR name
  3. Add ISPR gateway IP
  4. Add description
  5. Save Setting
  6. Apply

 

Add three groups here.
One for load balancing (add the same tier for both interfaces).

One for WAN 1 failover (add different tiers for the two interfaces: the first gateway on tier 1 and the second gateway on tier 2).

One for WAN 2 failover (add different tiers for the two interfaces: the first gateway on tier 2 and the second gateway on tier 1).



Next step: go to the Routing option and select Groups, then click the + (plus) sign and a window appears. Give the group a specific name and set the tier for both WAN gateways here.
Note: If we select the same tier on both WAN gateways, routing works as load balancing.
If we select different tiers, routing works as failover.

Link Priority
The priority selected here defines in what order fail over and balancing of links will be done. Multiple links of the same priority will balance connections until all links in the priority will be exhausted. If all links in a priority level are exhausted we will use the next available link(s) in the next priority level.
After that, add a description, save, then apply the settings.

The next step is to go to the Firewall tab and select the Rules option.
In the firewall rules, select the LAN interface. Only one default rule is present here, shown at the top.

Add three firewall rules for accurate balancing.
First rule for balancing
Second rule for WAN 1 failover
Third rule for WAN 2 failover

These rules have the same settings; the only thing that must change is the gateway.
In the first rule, set the gateway to "bothgateway".
In the second rule, set the gateway to "Wan 1 failover".
In the third rule, set the gateway to "Wan 2 failover".

You can see this in the screenshots:

First Rule (Gateway)

Second Rule (Gateway)

Third Rule (Gateway)


All these settings are relevant to load balancing.
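
The tier behaviour described under Link Priority, worked through for the three groups this post creates. This is an added example, not pfSense's own code and not part of the original post; it is a simplified model of tier selection. The gateway names WAN1GW and WAN2GW are assumed, and the group names are the ones used in the firewall rules above.

```python
from itertools import combinations
from typing import Dict, FrozenSet, Iterable, List

# Assumed gateway names for the two WAN links (not from the original post).
GATEWAYS = ["WAN1GW", "WAN2GW"]

# The three gateway groups from the post: gateway -> tier (lower tier is preferred).
GROUPS: Dict[str, Dict[str, int]] = {
    "bothgateway":    {"WAN1GW": 1, "WAN2GW": 1},  # same tier: load balancing
    "Wan 1 failover": {"WAN1GW": 1, "WAN2GW": 2},  # WAN 1 first, WAN 2 as backup
    "Wan 2 failover": {"WAN1GW": 2, "WAN2GW": 1},  # WAN 2 first, WAN 1 as backup
}


def group_mode(members: Dict[str, int]) -> str:
    """Same tier on every gateway means balancing, different tiers mean failover."""
    return "load balancing" if len(set(members.values())) == 1 else "failover"


def active_gateways(members: Dict[str, int], up: Iterable[str]) -> List[str]:
    """Gateways that carry traffic for a group, given which links are up.

    All live gateways in the lowest-numbered tier share the connections.
    Only when every gateway in that tier is down does the next tier take over.
    """
    up = set(up)
    live_tiers = sorted({tier for gw, tier in members.items() if gw in up})
    if not live_tiers:
        return []  # every link in the group is down
    best = live_tiers[0]
    return sorted(gw for gw, tier in members.items() if tier == best and gw in up)


def link_states(gateways: List[str]) -> List[FrozenSet[str]]:
    """Every combination of live links, from all up to all down."""
    states: List[FrozenSet[str]] = []
    for n in range(len(gateways), -1, -1):
        states.extend(frozenset(c) for c in combinations(gateways, n))
    return states


if __name__ == "__main__":
    # Print which gateways each group uses in every link state.
    for state in link_states(GATEWAYS):
        print("links up:", ", ".join(sorted(state)) or "none")
        for name, members in GROUPS.items():
            chosen = active_gateways(members, state) or ["no gateway available"]
            print(f"  {name:<15} ({group_mode(members)}): {', '.join(chosen)}")
```
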

Saturday 17 November 2012

PFSense Basic Configuration


PFSense Configuration:

In this post, I'll explain how to set up your pfSense router to connect to the Internet and act as a firewall for your LAN. We will set the firewall up to deny all incoming traffic while performing Network Address Translation (NAT) for our LAN traffic going out. We will even do some tricky NATs to route to the device that will be configured in bridge mode and connected to the WAN port.
Type the default IP "192.168.1.1" into Firefox or any other browser. The browser now shows a warning page for the connection. Continue past this page; the next click brings up the login page. Type the username and password on the login page.
The default username and password are given below.
Username: admin
Password:  pfsense
                                        
You now see the pfSense dashboard, or home page. Multiple functional tabs are given at the top of the dashboard.
The dashboard is great as you can configure it with extra widgets to show you at a glance the status of various network connections, traffic throughput and services, to name a few. Simply click the + button at the top of the page to add extra widgets. I've included Traffic Graphs, Interfaces and Gateways, however you can add whatever you want. Go ahead and knock yourself out.
Start the configuration from the Interfaces tab.

Interface: Click the Interfaces tab and select the WAN option. Select Static from the type list, then add the IP address, subnet and gateway. Lastly, check 'Block private networks' and 'Block bogon networks', as we do not want to accept packets on our WAN interface with a source address that belongs to a private / bogon network. Your ISP should not route them to you anyway. Then save.

If you have another internet link, select the Optional 1 option from the Interfaces tab and add the same kind of settings that you saved in the WAN option.
Then go to the System tab, select the Advanced option and add both the WAN primary and secondary DNS there.
After that, go to the Services tab and select the DHCP server option. Add the starting and ending IP of the range, tick the checkbox to enable the DHCP server, then save and apply the settings.
After these settings, the Internet is available on the LAN interface.
  
   

PFSense Solutions