Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Marketplace
app-115003783985.png

PfSense Firewall

PfSense Firewall normalizes PfSense Firewall events and enables you to analyze PfSense Firewall data.

Release Details
Version: 5.1.0
Release date: May 08, 2024
Supported On: Logpoint v7.4.0 or later for log source template
SHA 256: acdb88a66baf7fc8dcdd781d77cf27eaba4ac5a6a535326a9b58e5fa2adb2d73
Download

Package Details

PfSense Firewall components:

  1. Normalization Packages
    • LP_PfSense Firewall 
    • LP_PfSense Firewall Process 
  2. Label Package
    • LP_PfSense Firewall 

 

 

Enhancement

Description Issue ID Reference ID
Added Syslog Collector based PfSense Firewall log source template, simplifying the log source configuration process. To learn more, go to Creating Log Source via a Template.

KB-22685

 -

Installation

To install PfSense Firewall:

  1. Download the .pak file from the Download link above. 
  2. Go to Settings >> System Settings from the navigation bar and click Applications.
  3. Click Import.
  4. Browse to the downloaded .pak file.
  5. Click Upload.

Past Release

PfSense Firewall v5.0.1

Release Date: April 06, 2022

Supported On: LogPoint v6.0.0 and later

Download: PfSense_Firewall_5.0.1.pak

SHA256: 14b43e7c7ed62497021d7b680e9c89c38c683e1209340bba0d0b3e8175b46a31

Enhancement

Description

Issue ID

Reference ID

Added new signatures in the LP_PfSense Firewall and LP_PfSense Firewall Process to normalize the PfSense logs.

 KB-13600, KB-15564

57743, 57902, 57905, 61881

Supported Version

PfSense Firewall 

Log Format

Expected Log Format

PfSense Firewall Syslog Format

Log Sample

<134>Sep 9 09:49:03 pf: 934979 rule 78/0(match): pass in on bge0: (tos 0x0, ttl 120, id 2292, offset 0, flags [DF], proto TCP (6), length 52) 1.1.1.1.10560 > 1.1.1.2.443: S, cksum 0xba35 (correct), 3306015017:3306015017(0) win 8192 <mss 1260,nop,wscale 2,nop,nop,sackOK>

<30>1 2021-06-17T04:30:56.380289+02:00 host.xxx unbound 1769 - - [1769:3] info: incoming scrubbed packet: ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: xxxxx.xx.xxx.net. IN A ;; ANSWER SECTION: xxxxxxx.xx.xxxxx.net. 60 IN A xx.111.222.xx ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; MSG SIZE rcvd: 57

<13>Jun 11 05:45:11 check_reload_status[377]: Reloading filter <13>Feb 7 15:03:20 check_reload_status: Reloading filter

Support

If you have any questions or require assistance, create a support ticket.

Comments

Article is closed for comments.

Follow

Related articles

  • Ping Identity
  • Logpoint Agent Collector
  • CheckPoint Firewall
  • LOGbinder
  • Default Lists
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.