pfSense
Netify for pfSense
Requirements
Installation
pfSense 2.4.x on AMD64 (x86-64)
Up-to-date Netify packages are maintained in our pfSense repository. To install Netify, run:
curl http://download.netify.ai/netify/pfsense/2.4.x/stable/netify-install.sh | sh
pfSense 2.4.x on AArch64 (Netgate SG-1100 and SG-2100)
pkg add http://download.netify.ai/netify/pfsense/2.4.x/testing/aarch64/netifyd-3.07_1.txz
cp /usr/local/etc/netifyd.conf.sample /usr/local/etc/netifyd.conf
cp /usr/local/etc/netify.d/netify-sink.conf.sample /usr/local/etc/netify.d/netify-sink.conf
service netifyd onerestart
curl http://download.netify.ai/netify/pfsense/2.4.x/testing/aarch64/netify_watchdog.py -o /usr/local/share/netifyd/netify_watchdog.py
chmod 755 /usr/local/share/netifyd/netify_watchdog.py
curl http://download.netify.ai/netify/pfsense/2.4.x/testing/aarch64/netifyd.cron -o /etc/cron.d/netifyd
service cron restart
pfSense 2.4.x on ARM (SG-3100)
pkg add http://download.netify.ai/netify/pfsense/2.4.x/testing/armv6/netifyd-3.07_1.txz
curl http://download.netify.ai/netify/pfsense/2.4.x/testing/armv6/netify_watchdog.py -o /usr/local/share/netifyd/netify_watchdog.py
chmod 755 /usr/local/share/netifyd/netify_watchdog.py
curl http://download.netify.ai/netify/pfsense/2.4.x/testing/armv6/netifyd.cron -o /etc/cron.d/netifyd
service cron restart
pfSense 2.5.x on AMD64 (x86-64)
pfSense 2.5.x is a development release, so please use it with caution. To install Netify, run:
curl http://download.netify.ai/netify/pfsense/2.5.x/stable/netify-install.sh | sh
pfSense 2.5.x on ARM (Netgate SG-1100, SG-2100 and SG-3100 appliances)
Sorry, we do not support other pfSense 2.5.x variants.
pfSense 2.6.x on AMD64 (x86-64)
To install Netify, run:
pkg add https://download.netify.ai/netify/pfsense/2.6.x/stable/netifyd-3.09_1.pkg
Configuration
Netify will automatically detect the network interfaces and roles defined in pfSense.
Start
With the installation and setup completed, you can now start and enable Netify:
netifyd --enable-sink
service netifyd enabled
service netifyd onestart # if not running
Provisioning
With the Netify service installed, configured and running, it is time to provision your unique install. You will first need to fetch the provision code from your Netify Agent install using the following command:
# netifyd -p
Agent UUID: AA-BB-CC-DD
Once you have the provisioning code, you will need to create a Netify account (if you don't have one already) and run through the simple provisioning wizard. Once complete, metadata and analysis will start to be available in under a minute.
Uninstall/Remove Netify
pfSense on AMD64 (x86-64)
To remove Netify from your installation, use the command line. For pfSense 2.4.x and 2.5.x, Netify has a few package dependencies that are installed during installation but are not removed by default as you could inadvertently remove packages that share these requirements. If you absolutely need to remove all packages that were pulled in during the Netify install, a list of packages that Netify requires is listed below:
- libunwind
- google-perftools
- python36
To uninstall Netify on 2.4.x and 2.5.x, run:
pkg remove pfSense-pkg-netify-fwa pfSense-pkg-netify netifyd
To uninstall Netify on 2.6.x, run:
pkg remove netifyd
pfSense on ARM (Netgate SG-1100, SG-2100 and SG-3100 appliances)
To uninstall Netify, run:
pkg remove netifyd
rm /etc/cron.d/netifyd
service cron restart
What is pfSense
pfSense is an open source, FreeBSD-based firewall and routing software solution that can be installed on commodity hardware or found pre-installed on Netgate appliances. The pfSense software provides similar functionality to common commercial firewalls. The solution has successfully replaced numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more.
pfSense features include:
- Web-based Interface
- Firewall
- VPN
- IDS/IPS
- Captive Portal
- Traffic Shaping/QoS
- High Availability
- Load Balancing
- and more