Proxy Server with mod_security http://doc.pfsense.org/index.php/ProxyServerModSecurity_package http://www.modsecurity.org/ ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Network Management 0.1.0 ALPHA-ALPHA-ALPHA 2.0 http://www.pfsense.com/packages/config/apache_mod_security/apache_mod_security.xml http://files.pfsense.org/packages/7/All/ mod_security-2.5.9.tbz apache-2.2.11_7.tbz db42-4.2.52_5.tbz gdbm-1.8.3_3.tbz apr-gdbm-db42-1.3.5.1.3.7_3.tbz apache_mod_security.xml Please visit the ProxyServer settings tab and set the service up so that it may be started. frickin The Frickin PPTP Proxy allows a Point-to-Point Tunneling Protocol (PPTP) client to connect to a PPTP server through Network Address Translation. http://www.placid.tv Services 2.0 ALPHA 1.2.2 http://www.pfsense.com/packages/config/frickin/frickin.xml frickin.xml Please visit the Frickin PPTP settings tab and press save after setting the service up to start. pure-ftpd http://www.pureftpd.org/ *DO NOT RUN THIS ON A FIREWALL. USE A DEDICATED MACHINE!* Pure FTPd Server is a fast, production quality, standards-conformant FTP server based on Troll-FTPd. It has no known vulnerabilities, is trivial to set up, and is especially designed for modern kernels. Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in 'ls', FXP protocol, anti-warez system, bandwidth throttling, restricted ports for passive downloads, an LDAP backend, XML output, and more. FTP http://www.pfsense.com/packages/config/pure-ftpd.xml http://files.pfsense.org/packages/7/All/ pure-ftpd-1.0.20_3.tbz 1.0.21 Stable pure-ftpd.xml 2.0 ftp pure-ftpd.log Avahi http://doc.pfsense.org/index.php/Avahi_package http://www.avahi.org/ Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi. Network Management http://files.pfsense.org/packages/7/All/ 0.6.25 ALPHA 1.2.3 http://www.pfsense.com/packages/config/avahi/avahi.xml avahi.xml Please visit the Avahi settings tab and select which interfaces you do not wish Avahi to listen on and click save to start the service. ntop http://www.ntop.org/ ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Network Management http://files.pfsense.org/packages/7/All/ ntop-3.3.8.tbz gdbm-1.8.3_3.tbz perl-5.8.8_1.tbz 3.3.8 BETA 1.2.1 http://www.pfsense.com/packages/config/ntop/ntop.xml ntop.xml Pubkey pfSense release key http://pfsense.org System 1.0 1.0 RELEASE http://doc.pfsense.org/index.php/Pubkey_package http://www.pfsense.org/packages/config/pubkey.xml pubkey.xml The pfSense release key has been updated. Dashboard Adds pfSense dashboard that will be included with 2.0. WARNING! Cannot be deinstalled. System http://www.pfsense.com/packages/config/dashboard/dashboard.xml 0.8.3_1 BETA 1.2 1.9 dashboard.xml FreeSWITCH http://www.freeswitch.org/ FreeSWITCH is an open source telephony platform designed to facilitate the creation of voice and chat driven products scaling from a soft-phone up to a soft-switch. It can be used as a simple switching engine, a PBX, a media gateway or a media server to host IVR applications using simple scripts or XML to control the callflow. pfSense 1.2.3 or higher is recommended. Services http://doc.pfsense.org/index.php/FreeSWITCH http://www.pfsense.com/packages/config/freeswitch/freeswitch.xml http://files.pfsense.org/packages/7/All/ 0.9.3 Beta 1.2.1 markjcrane@gmail.com freeswitch.xml Notes Track things you want to note for this system. Status http://www.pfsense.com/packages/config/notes/notes.xml http://files.pfsense.org/packages/7/All/ 0.2.4 Stable 1.2.1 markjcrane@gmail.com notes.xml TFTP Trivial File Transport Protocol is a very simple file transfer protocol. Often used with routers, voip phones and more. Services http://www.pfsense.com/packages/config/tftp/tftp.xml http://files.pfsense.org/packages/7/All/ 1.0.6 Stable 1.2.1 markjcrane@gmail.com tftp.xml PHPService PHP run as a service it can do anything PHP can do including but not limited to monitoring files, CPU, RAM, and send alerts to the syslog. Services http://doc.pfsense.org/index.php/PHPService http://www.pfsense.com/packages/config/phpservice/phpservice.xml http://files.pfsense.org/packages/7/All/ 0.4.1 Beta 1.2.1 markjcrane@gmail.com phpservice.xml Backup Tool to Backup and Restore files and directories. System http://www.pfsense.com/packages/config/backup/backup.xml http://files.pfsense.org/packages/7/All/ 0.1.6 Stable 1.2 markjcrane@gmail.com backup.xml Cron The cron utility is used to manage commands on a schedule. Services http://www.pfsense.com/packages/config/cron/cron.xml http://files.pfsense.org/packages/7/All/ 0.2 Beta 1.2 markjcrane@gmail.com cron.xml Shellcmd The shellcmd utility is used to manage commands on system startup. Services http://www.pfsense.com/packages/config/shellcmd/shellcmd.xml http://files.pfsense.org/packages/7/All/ 0.4 Beta 1.2 markjcrane@gmail.com shellcmd.xml snort Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Security http://files.pfsense.org/packages/70/All/ libdnet-1.11_3.tbz pcre-7.9.tbz mysql-client-5.1.34.tbz snort-2.8.4.1.tbz http://www.pfsense.com/packages/config/snort/snort.xml 2.8.4.1 1.2.2 Stable snort.xml Please visit the Snort settings tab and enter your oinkid code. Afterwards visit the update rules tab to download the snort rules. spamd http://www.openbsd.org/spamd/ Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later. Services http://www.pfsense.com/packages/config/spamd.xml http://files.pfsense.org/packages/7/All/ spamd-4.1.2.tbz 4.3.7 Stable 1.2.1 spamd.xml spamd spamd.log siproxd http://siproxd.sourceforge.net/ Proxy for handling NAT of multiple SIP devices to a single public IP. Services http://www.pfsense.com/packages/config/siproxd.xml http://files.pfsense.org/packages/7/All/ siproxd-0.7.0_1.tbz http://doc.pfsense.org/index.php/Siproxd_package 0.7.2 Beta 1.2.1 siproxd.xml OpenBGPD OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. NET http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml 0.4 STABLE 1.3 openbgpd.xml http://files.pfsense.org/packages/7/All/ openbgpd-4.0.tbz Lightsquid High perfomance web proxy report. Requires squid. http://lightsquid.sf.net/ Network 1.7.1 dv_serg@mail.ru http://files.pfsense.org/packages/7/All/ lightsquid-1.7.1_1.tbz Beta1 1.2.1 http://www.pfsense.com/packages/config/lightsquid/lightsquid.xml lightsquid.xml vnstat http://humdi.net/vnstat/ A console-based network traffic monitor + vnstat PHP frontend Network Management http://www.pfsense.com/packages/config/vnstat/bin/ vnstat-1.6_3.tbz 1.6.3 Stable 1.2.3 crazypark2@yahoo.dk http://www.pfsense.com/packages/config/vnstat/vnstat.xml vnstat.xml phpSysInfo http://phpsysinfo.sourceforge.net/ PHPSysInfo is a customizable PHP Script that parses /proc, and formats information nicely. It will display information about system facts like Uptime, CPU, Memory, PCI devices, SCSI devices, IDE devices, Network adapters, Disk usage, and more. System 2.5.4 Beta 1.0 http://www.pfsense.com/packages/config/phpsysinfo/bin/ mbmon-205_4.tbz http://www.pfsense.com/packages/config/phpsysinfo/phpsysinfo.xml phpsysinfo.xml Fit123 http://pfsense.comuf.com With Fit123 a small set of features can be added to pfSense 1.2.3 (Date)Adds current date to front page (LTSP)Adds 3th network boot option (After Filter Change) Clear states after filter reload (DNS Servers)Adds option for a 3th and 4th DNS Server (DDNS)A more customize way to update dynamic dns (Themes)On install Code-red and the pfsense ng theme are added to the list of avalible themes. System 0.0.5 ALPHA 1.2.3 crazypark2@yahoo.dk http://www.pfsense.com/packages/config/Fit123/fit123.xml fit123.xml dns-server pfSense version of TinyDNS which features failover host support http://cr.yp.to/djbdns.html Services 1.0.6.3 Beta http://doc.pfsense.org/index.php/Tinydns_package 1.2 http://www.pfsense.com/packages/config/tinydns/tinydns.xml tinydns.xml http://files.pfsense.org/packages/7/All/ ucspi-tcp-0.88_2.tbz daemontools-0.76_12.tbz djbdns-1.05_12.tbz Open-VM-Tools VMware Tools http://open-vm-tools.sourceforge.net/ Services 102166_7_1 Stable http://doc.pfsense.org/index.php/Open_VM_Tools_package 1.2.1 http://www.pfsense.org/packages/config/open-vm-tools/open-vm-tools.xml open-vm-tools.xml http://files.pfsense.org/packages/7/All/ open-vm-tools-nox11-102166_7.tbz libtool-1.5.26.tbz libiconv-1.11_1.tbz libdnet-1.11_2.tbz icu-3.8.1_1.tbz gmake-3.81_3.tbz gettext-0.17_1.tbz AutoConfigBackup portal@bsdperimeter.com Automatically backs up your pfSense configuration. All contents are encrypted on the server. Requires pfSense Premium Support Portal Subscription from https://portal.pfsense.org https://portal.pfsense.org Services 1.15 BETA 1.2 http://doc.pfsense.org/index.php/AutoConfigBackup http://www.pfsense.com/packages/config/autoconfigbackup/autoconfigbackup.xml autoconfigbackup.xml arping Broadcasts a who-has ARP packet on the network and prints answers. http://www.habets.pp.se/synscan/programs.php?prog=arping Services 2.06 Beta http://doc.pfsense.org/index.php/Arping_package 1.0.1 http://www.pfsense.com/packages/config/arping/arping.xml arping.xml http://files.pfsense.org/packages/7/All/ arping-2.06.tbz nmap billm@pfsense.org NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ. Security http://files.pfsense.org/packages/7/All/ nmap-4.76.tbz http://www.pfsense.com/packages/config/nmap/nmap.xml 4.76 Stable http://doc.pfsense.org/index.php/Nmap_package 1.2.1 nmap.xml imspector IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees. http://www.imspector.org/ Network Management billm@pfsense.org 0.8-9 1.2.1 BETA http://doc.pfsense.org/index.php/IMSpector_package http://www.pfsense.com/packages/config/imspector/imspector.xml imspector.xml http://files.pfsense.org/packages/7/All/ imspector-0.8.tbz libiconv-1.11_1.tbz mysql-client-5.0.77.tbz sqlite3-3.6.10.tbz nut Network UPS Tools http://www.networkupstools.org/ Network Management 2.0.4_1 BETA 1.2.1 rswagoner@gmail.com http://www.pfsense.com/packages/config/nut/nut.xml nut.xml http://files.pfsense.org/packages/7/All/ nut-2.2.2.tbz diag_new_states Paul Taylors version of Diagnostics States which utilizes pftop. http://www.addressplus.net Network Management 0.2 ptaylor@addressplus.net 1.2.1 BETA http://www.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml http://www.pfsense.com/packages/config/diag_states_pt/diag_new_states.xml darkstat http://dmr.ath.cx/net/darkstat/ darkstat is a network statistics gatherer. It's a packet sniffer that runs as a background process on a cable/DSL router, gathers all sorts of statistics about network usage, and serves them over HTTP. Network Management http://www.pfsense.com/packages/config/darkstat/bin/ darkstat-3.0.712.tbz gettext-0.17_1.tbz 3.0.712 Stable 1.2.1 sullrich+pfsp@gmail.com http://www.pfsense.com/packages/config/darkstat/darkstat.xml darkstat.xml pfflowd http://www.mindrot.org/pfflowd.html pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate. Network Management http://www.pfsense.com/packages/config/pfflowd.xml ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/All pfflowd-0.7.tbz 0.7 Stable 1.2.1 pfflowd.xml nick@buraglio.com widentd RFC1413 auth/identd daemon with fixed fake reply http://www.webweaving.org/widentd Services http://files.pfsense.org/packages/7/All/ widentd-1.03_1.tbz 1.03_1 Stable http://doc.pfsense.org/index.php/Widentd_package 1.2.1 http://www.pfsense.com/packages/config/widentd.xml widentd.xml freeradius http://www.freeradius.org/ A free implementation of the RADIUS protocol. System 1.1.2_1 BETA 1.2.1 none http://files.pfsense.org/packages/7/All/ freeradius-1.1.7_3.tbz libltdl-1.5.26.tbz http://www.pfsense.org/packages/config/freeradius.xml freeradius.xml bandwidthd http://bandwidthd.sourceforge.net/ BandwidthD tracks usage of TCP/IP network subnets and builds html files with graphs to display utilization. Charts are built by individual IPs, and by default display utilization over 2 day, 8 day, 40 day, and 400 day periods. Furthermore, each ip address's utilization can be logged out at intervals of 3.3 minutes, 10 minutes, 1 hour or 12 hours in cdf format, or to a backend database server. HTTP, TCP, UDP, ICMP, VPN, and P2P traffic are color coded. System 2.0.1.2 BETA 1.2.1 http://files.pfsense.org/packages/7/All/ bandwidthd-2.0.1_1.tbz libiconv-1.11_1.tbz http://www.pfsense.org/packages/config/bandwidthd/bandwidthd.xml bandwidthd.xml stunnel http://www.stunnel.org/ An SSL encryption wrapper between remote client and local or remote servers. Network Management http://files.pfsense.org/packages/7/All/ stunnel-4.25.tbz 4.30.1 Stable http://doc.pfsense.org/index.php/Stunnel_package 1.2.1 http://www.pfsense.com/packages/config/stunnel.xml stunnel.xml iperf http://dast.nlanr.net/Projects/Iperf/ Iperf is a tool for testing network throughput, loss, and jitter. Network Management http://www.pfsense.com/packages/config/iperf.xml http://files.pfsense.org/packages/7/All/ iperf-2.0.4.tbz 2.0.2_1 Beta http://doc.pfsense.org/index.php/Iperf_package 1.2.1 iperf.xml netio http://freshmeat.net/projects/netio/ This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes. Network Management http://www.pfsense.com/packages/config/netio.xml http://files.pfsense.org/packages/All netio-1.26.tbz 1.26 2.0 ALPHA netio.xml mtr-nox11 billm@pfsense.org Enhanced traceroute replacement http://www.bitwizard.nl/mtr/ Network Management http://files.pfsense.org/packages/7/All/ mtr-nox11-0.73_1.tbz 0.65_2 Stable 2.0 http://www.pfsense.com/packages/config/mtr-nox11.xml mtr-nox11.xml squid High performance web proxy cache. http://www.squid-cache.org/ Network 2.6.21_10 Stable 1.2.1 fernando@netfilter.com.br seth.mos@xs4all.nl mfuchs77@googlemail.com http://files.pfsense.org/packages/7/All/ squid-2.6.21.tbz squid_radius_auth-1.10.tbz openldap-client-2.4.10.tbz http://www.pfsense.org/packages/config/squid/squid.xml squid.xml squid3 EXPERIMENTAL! Not all directives are ported yet! High performance web proxy cache. http://www.squid-cache.org/ Network 3.0.8_08 ALPHA 1.2.1 fernando@netfilter.com.br seth.mos@xs4all.nl mfuchs77@googlemail.com http://files.pfsense.org/packages/7/All/ squid-3.0.8.tbz squid_radius_auth-1.10.tbz openldap-client-2.4.10.tbz http://www.pfsense.org/packages/config/squid3/squid.xml squid.xml LCDproc LCD display driver http://www.lcdproc.org/ Utility lcdproc-0.5.2_3 BETA 1.2.1 seth.mos@xs4all.nl http://files.pfsense.org/packages/7/All/ lcdproc-0.5.2_2.tbz http://www.pfsense.org/packages/config/lcdproc/lcdproc.xml lcdproc.xml arpwatch Arpwatch monitors ethernet/ip address pairings. It also logs certain changes to syslog. http://www-nrg.ee.lbl.gov/ Security http://files.pfsense.org/packages/7/All/ arpwatch-2.1.a15_4.tbz 2.1.a13 ALPHA 2.0 http://www.pfsense.com/packages/config/arpwatch.xml arpwatch.xml arpwatch arpwatch.log squidGuard High perfomance web proxy URL filter. Required proxy Squid package. http://www.squidGuard.org/ dv_serg@mail.ru Network Management 1.3-2 Beta 1.1 http://files.pfsense.org/packages/7/All/ squidGuard-1.3_1.tbz http://www.pfsense.org/packages/config/squidGuard/squidguard.xml squidguard.xml Zabbix Agent Monitoring agent. Services http://www.pfsense.com/packages/config/zabbix-agent/zabbix-agent.xml 0.22 FINAL 1.2.3 zabbix-agent.xml remco.verhoef@redfive.biz http://www.pfsense.com/packages/config/zabbix-agent/bin/ zabbix-agent-1.4.5,2.tbz OpenVPN Client Export Utility Allows a pre-configured OpenVPN Windows Client to be exported directly from pfSense. Security http://files.pfsense.org/packages/7/All/ p7zip-4.58.tbz 0.1 BETA 2.0 http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml openvpn-client-export.xml HAVP antivirus http://www.server-side.de/ Antivirus: HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanner. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. Havp antivirus proxy has a parent and transparent proxy mode. It can be used with squid or standalone. And File Scanner for local files. Network Management http://files.pfsense.org/packages/7/All/ havp-0.88.tbz 0.88_05 ALPHA 1.2.2 http://www.pfsense.com/packages/config/havp/havp.xml havp.xml dv_serg@mail.ru Please check the HAVP settings. onatproto Patch to add Protocol options to Manual Outbound NAT. WARNING! Cannot be uninstalled. System http://www.pfsense.com/packages/config/onatproto/onatproto.xml 0.1 BETA 1.2.1 1.2.3 pfJailctl pfSense wrapper for jailctl - a jail management tool. Allows you to run jails on pfSense. http://anduin.net/jailctl/ System 0.51 1.2.3 BETA http://doc.pfsense.org/index.php/PfJailctl_package http://www.pfsense.com/packages/config/jailctl.xml jailctl.xml ltning-jailctl@anduin.net jail_template Basic template for jails, probably requires pfJailctl to be useful. Includes 'base' and 'manpages' dists. http://anduin.net/jailctl/ System 0.2 1.2.3 BETA http://doc.pfsense.org/index.php/PfJailctl_package http://www.pfsense.com/packages/config/jail_template.xml jail_template.xml ltning-jailctl@anduin.net IGMPproxy An IGMP proxy for multicast traffic. Network 0.1 1.2.2 BETA http://doc.pfsense.org/index.php/IGMPproxy http://www.pfsense.com/packages/config/igmpproxy/igmpproxy.xml igmpproxy.xml eri@pfsense.org NRPE v2 http://example.org NRPE is an addon for Nagios that allows you to execute plugins on remote Linux/Unix hosts. This is useful if you need to monitor local resources/attributes like disk usage, CPU load, memory usage, etc. on a remote host. Services http://www.pfsense.com/packages/config/nrpe2/bin/ nrpe-2.12_1.tbz nagios-plugins-1.4.13,1.tbz http://www.pfsense.com/packages/config/nrpe2/nrpe2.xml 2.11 Beta 1.2 erik@erikkristensen.com nrpe2.xml OpenVPN-Enhancements mfuchs77@googlemail.com http://pfsense.trendchiller.com Enhance OpenVPN with TLS-auth and client/server-options. WARNING! Cannot be uninstalled. Security 1.0 STABLE 1.2 1.2.9 http://www.pfsense.com/packages/config/ovpnenhance/ovpnenhance.xml ovpnenhance.xml rate This package adds a table of realtime bandwidth usage by IP address to Status -> Traffic Graphs Network Management 0.9 BETA jimp@pfsense.org 1.2.2 http://files.pfsense.com/packages/7/All/ rate-0.9.tbz http://www.pfsense.org/packages/config/rate/rate.xml rate.xml