snort Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Security http://files.pfsense.org/packages/7/All/ snort-2.8.2.1.tbz http://www.pfsense.com/packages/config/snort/snort.xml 2.8.2.1 1.2 Stable snort.xml spamd http://www.openbsd.org/spamd/ Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later. Services http://www.pfsense.com/packages/config/spamd.xml http://files.pfsense.org/packages/7/All/ spamd-4.1.2.tbz 4.3.7 Stable 1.2.1 sullrich+pfsp@gmail.com spamd.xml spamd spamd.log siproxd http://siproxd.sourceforge.net/ Siproxd is a proxy/masquerading daemon for the SIP protocol. It handles registrations of SIP clients on a private IP network and performs rewriting of the SIP message bodies to make SIP connections possible via a masquerading firewall. It allows SIP clients (like kphone, linphone) to work behind an IP masquerading firewall or router. Services http://www.pfsense.com/packages/config/siproxd.xml http://files.pfsense.org/packages/7/All/ siproxd-0.7.0_1.tbz 0.7.1 ALPHA 1.2.1 siproxd.xml OpenBGPD OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. NET http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml 0.4 ALPHA 1.3 openbgpd.xml http://files.pfsense.org/packages/7/All/ openbgpd-4.0.tbz Lightsquid High perfomance web proxy report. Requires squid. http://lightsquid.sf.net/ Network 1.7.1 dv_serg@mail.ru http://files.pfsense.org/packages/7/All/ lightsquid-1.7.1_1.tbz Beta1 1.2.1 http://www.pfsense.com/packages/config/lightsquid/lightsquid.xml lightsquid.xml dns-server pfSense version of TinyDNS which features failover host support http://cr.yp.to/djbdns.html Services 1.0.3 ALPHA 1.2.1 http://www.pfsense.com/packages/config/tinydns/tinydns.xml tinydns.xml http://files.pfsense.org/packages/7/All/ ucspi-tcp-0.88_2.tbz daemontools-0.76_12.tbz djbdns-1.05_12.tbz arping Broadcasts a who-has ARP packet on the network and prints answers. VERY useful when you are trying to pick an unused IP for a net that you don't yet have routing to. Then again, if you have no idea what I'm talking about then you prolly don't need it. http://www.habets.pp.se/synscan/programs.php?prog=arping Services 2.05 ALPHA 1.0.1 http://www.pfsense.com/packages/config/arping/arping.xml arping.xml http://files.pfsense.org/packages/7/All/ arping-2.06.tbz nmap billm@pfsense.org NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ. Security http://files.pfsense.org/packages/7/All/ nmap-4.62.tbz http://www.pfsense.com/packages/config/nmap/nmap.xml 4.20_1 Stable 1.2.1 nmap.xml imspector IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees. http://www.imspector.org/ Network Management rswagoner@gmail.com 0.4 1.0.1 BETA http://www.pfsense.com/packages/config/imspector/imspector.xml imspector.xml http://files.pfsense.org/packages/7/All/ imspector-0.5.tbz nut Network UPS Tools http://www.networkupstools.org/ Network Management 2.0.4 BETA 1.2.1 rswagoner@gmail.com http://www.pfsense.com/packages/config/nut/nut.xml nut.xml http://files.pfsense.org/packages/7/All/ nut-2.2.2.tbz diag_new_states Paul Taylors version of Diagnostics States which utilizes pftop. http://www.addressplus.net Network Management 0.2 ptaylor@addressplus.net 1.2.1 BETA http://www.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml http://www.pfsense.com/packages/config/diag_states_pt/diag_new_states.xml darkstat http://dmr.ath.cx/net/darkstat/ darkstat is a network statistics gatherer. It's a packet sniffer that runs as a background process on a cable/DSL router, gathers all sorts of statistics about network usage, and serves them over HTTP. Network Management http://files.pfsense.org/packages/7/All/ darkstat-3.0.708.tbz gettext-0.17_1.tbz 3.0.619 Stable 1.2.1 sullrich+pfsp@gmail.com http://www.pfsense.com/packages/config/darkstat/darkstat.xml darkstat.xml pfflowd http://www.mindrot.org/pfflowd.html pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate. Network Management http://www.pfsense.com/packages/config/pfflowd.xml ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/All pfflowd-0.7.tbz 0.7 Stable 1.2.1 pfflowd.xml nick@buraglio.com widentd RFC1413 auth/identd daemon with fixed fake reply http://www.webweaving.org/widentd Services http://files.pfsense.org/packages/7/All/ widentd-1.03_1.tbz 1.03_1 ALPHA 1.2.1 http://www.pfsense.com/packages/config/widentd.xml widentd.xml freeradius http://www.freeradius.org/ A free implementation of the RADIUS protocol. System 1.1.2_1 BETA 1.2.1 none http://files.pfsense.org/packages/7/All/ freeradius-1.1.7_3.tbz libltdl-1.5.26.tbz http://www.pfsense.org/packages/config/freeradius.xml freeradius.xml bandwidthd http://bandwidthd.sourceforge.net/ BandwidthD tracks usage of TCP/IP network subnets and builds html files with graphs to display utilization. Charts are built by individual IPs, and by default display utilization over 2 day, 8 day, 40 day, and 400 day periods. Furthermore, each ip address's utilization can be logged out at intervals of 3.3 minutes, 10 minutes, 1 hour or 12 hours in cdf format, or to a backend database server. HTTP, TCP, UDP, ICMP, VPN, and P2P traffic are color coded. System 2.0.1.2 BETA 1.2.1 http://files.pfsense.org/packages/7/All/ bandwidthd-2.0.1_1.tbz libiconv-1.11_1.tbz http://www.pfsense.org/packages/config/bandwidthd/bandwidthd.xml bandwidthd.xml stunnel http://www.stunnel.org/ The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote servers. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the program's code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries. It calls the underlying crypto libraries, allowing stunnel to support whatever cryptographic algorithms you compiled into your crypto package. Network Management http://files.pfsense.org/packages/7/All/ stunnel-4.25.tbz 4.25 Stable 1.2.1 http://www.pfsense.com/packages/config/stunnel.xml stunnel.xml iperf http://dast.nlanr.net/Projects/Iperf/ Iperf is a tool for measuring maximum TCP and UDP bandwidth, reminiscent of ttcp and nettest. It has been written to overcome the shortcomings of those aging tools. Iperf can also test UDP bandwidth, loss, and jitter. Network Management http://www.pfsense.com/packages/config/iperf.xml http://files.pfsense.org/packages/7/All/ iperf-2.0.4.tbz 2.0.2_1 ALPHA 1.2.1 iperf.xml netio http://freshmeat.net/projects/netio/ This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes. Network Management http://www.pfsense.com/packages/config/netio.xml http://files.pfsense.org/packages/All netio-1.26.tbz 1.26 2.0 ALPHA netio.xml mtr-nox11 billm@pfsense.org Enhanced traceroute replacement http://www.bitwizard.nl/mtr/ Network Management http://files.pfsense.org/packages/7/All/ mtr-nox11-0.73_1.tbz 0.65_2 ALPHA 2.0 http://www.pfsense.com/packages/config/mtr-nox11.xml mtr-nox11.xml squid High performance web proxy cache. http://www.squid-cache.org/ Network 2.6.21_05 Stable 1.2.1 fernando@netfilter.com.br seth.mos@xs4all.nl mfuchs77@googlemail.com http://files.pfsense.org/packages/7/All/ squid-2.6.21.tbz squid_radius_auth-1.10.tbz openldap-client-2.4.10.tbz http://www.pfsense.org/packages/config/squid/squid.xml squid.xml squid3 EXPERIMANTAL! Not all directives are ported yet! High performance web proxy cache. http://www.squid-cache.org/ Network 3.0.8_04 ALPHA 1.2.1 fernando@netfilter.com.br seth.mos@xs4all.nl mfuchs77@googlemail.com http://files.pfsense.org/packages/7/All/ squid-3.0.8.tbz squid_radius_auth-1.10.tbz openldap-client-2.4.10.tbz http://www.pfsense.org/packages/config/squid3/squid.xml squid.xml LCDproc LCD display driver http://www.lcdproc.org/ Utility lcdproc-0.5.2_2 BETA 1.2.1 seth.mos@xs4all.nl http://files.pfsense.org/packages/7/All/ lcdproc-0.5.2_2.tbz http://www.pfsense.org/packages/config/lcdproc/lcdproc.xml lcdproc.xml arpwatch Arpwatch monitors ethernet/ip address pairings. It also logs certain changes to syslog. http://www-nrg.ee.lbl.gov/ Security http://files.pfsense.org/packages/7/All/ arpwatch-2.1.a15_4.tbz 2.1.a13 ALPHA 2.0 http://www.pfsense.com/packages/config/arpwatch.xml arpwatch.xml arpwatch arpwatch.log squidGuard High perfomance web proxy filter. Required proxy Squid package. http://www.squidGuard.org/ dv_serg@mail.ru Network Management 1.3 Beta 1.1 http://files.pfsense.org/packages/7/All/ squidGuard-1.3_1.tbz http://www.pfsense.org/packages/config/squidGuard/squidguard.xml squidguard.xml Zabbix Agent Monitoring agent. Services http://www.pfsense.com/packages/config/zabbix-agent.xml 0.22 FINAL 1.2.1 zabbix-agent.xml remco.verhoef@redfive.biz ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/net-mgmt/ zabbix-agent-1.4.5,2.tbz