netbirdio
diff --git a/‎README.md‎
Lines changed: 35 additions & 1 deletion b/‎README.md‎
Lines changed: 35 additions & 1 deletion
diff --git a/‎assets/netbird.png‎
194 KB b/‎assets/netbird.png‎
194 KB
diff --git a/‎netbird/Makefile‎
Lines changed: 30 additions & 0 deletions b/‎netbird/Makefile‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎netbird/files/netbird.in‎
Lines changed: 18 additions & 0 deletions b/‎netbird/files/netbird.in‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎netbird/pkg-descr‎
Lines changed: 18 additions & 0 deletions b/‎netbird/pkg-descr‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎netbird/pkg-message‎
Lines changed: 11 additions & 0 deletions b/‎netbird/pkg-message‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎pfSense-pkg-NetBird/files/pkg-deinstall.in‎
Lines changed: 3 additions & 0 deletions b/‎pfSense-pkg-NetBird/files/pkg-deinstall.in‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎pfSense-pkg-NetBird/files/pkg-install.in‎
Lines changed: 7 additions & 0 deletions b/‎pfSense-pkg-NetBird/files/pkg-install.in‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎pfSense-pkg-NetBird/files/usr/local/pkg/netbird.xml‎
Lines changed: 262 additions & 0 deletions b/‎pfSense-pkg-NetBird/files/usr/local/pkg/netbird.xml‎
Lines changed: 262 additions & 0 deletions
@@ -1 +1,35 @@
-# pfsense-netbird
+# NetBird Package for pfSense
+
+![My Logo](assets/netbird.png)
+
+## Build Instructions
+
+Use **FreeBSD 15.0-CURRENT** as your base system for building the package.
+
+### Steps:
+
+```
+git clone [email protected]:netbirdio/pfsense-netbird.git
+cd pfSense-pkg-NetBird/
+make
+make package
+```
+
+The `make package` command will generate a file like:
+
+```
+/work/pkg/pfSense-pkg-NetBird-<version>.pkg
+```
+
+You can then transfer this file to your pfSense system and install it manually.
+
+## Installation on pfSense
+
+To install the package manually on pfSense:
+
+```
+pkg remove pfSense-pkg-NetBird-<version>
+pkg add pfSense-pkg-NetBird-<version>.pkg
+```
+
+Once installed, **NetBird** will appear under the **VPN** menu in the pfSense Web UI.
@@ -0,0 +1,30 @@
+PORTNAME=	netbird
+DISTVERSIONPREFIX=	v
+DISTVERSION=	0.47.0
+CATEGORIES=	security net net-vpn
+
+MAINTAINER=	[email protected]
+COMMENT=	Peer-to-peer VPN that seamlessly connects your devices
+WWW=		https://netbird.io/
+
+LICENSE=	BSD3CLAUSE
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+NOT_FOR_ARCHS=	i386
+NOT_FOR_ARCHS_REASON=	"no 32-bit builds supported"
+
+RUN_DEPENDS=	ca_root_nss>0:security/ca_root_nss
+
+USES=		go:1.23,modules
+USE_RC_SUBR=	netbird
+
+GO_MODULE=	github.com/netbirdio/netbird
+GO_TARGET=	./client:netbird
+GO_BUILDFLAGS=			-tags freebsd -o ${PORTNAME} -ldflags "\
+						-s -w -X github.com/netbirdio/netbird/version.version=${PORTVERSION}"
+
+WRKSRC=		${WRKDIR}/netbird-${PORTVERSION}
+
+PLIST_FILES=	bin/netbird
+
+.include <bsd.port.mk>
@@ -0,0 +1,18 @@
+#!/bin/sh
+#
+# PROVIDE: netbird
+# REQUIRE: SERVERS
+# KEYWORD: shutdown
+#
+
+. /etc/rc.subr
+
+name="netbird"
+netbird_env="IS_DAEMON=1"
+pidfile="/var/run/${name}.pid"
+command="/usr/sbin/daemon"
+daemon_args="-P ${pidfile} -r -t \"${name}: daemon\""
+command_args="${daemon_args} /usr/local/bin/netbird service run --config /var/db/netbird/config.json --log-level info --daemon-addr unix:///var/run/netbird.sock --log-file /var/log/netbird/client.log"
+
+run_rc_command "$1"
+
@@ -0,0 +1,18 @@
+NetBird is an open-source WireGuard-based overlay network combined with
+Zero Trust Network Access, providing secure and reliable connectivity
+to internal resources.
+
+Key features:
+- Zero-config VPN: Easily create secure connections between devices without
+manual network setup.
+- Built on WireGuard: Leverages WireGuard's high-performance encryption for
+fast and secure communication.
+- Self-hosted or Cloud-managed: Users can deploy their own NetBird management
+server or use NetBird Cloud for centralized control.
+- Access Control & Routing: Fine-grained access control policies and automatic
+network routing simplify connectivity.
+- This FreeBSD port provides the NetBird client daemon and CLI tools, allowing
+FreeBSD systems to join a NetBird mesh network and securely communicate with
+other peers.
+
+For more details, visit: https://netbird.io
@@ -0,0 +1,11 @@
+[
+{ type: install
+  message: <<EOM
+At this time this code is new, unvetted, possibly buggy, and should be
+considered "experimental". It might contain security issues. We gladly
+welcome your testing and bug reports, but do keep in mind that this code
+is new, so some caution should be exercised at the moment for using it
+in mission critical environments.
+EOM
+}
+]
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/usr/local/bin/php -f /etc/rc.packages %%PORTNAME%% ${2}
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ "${2}" != "POST-INSTALL" ]; then
+	exit 0
+fi
+
+${PKG_ROOTDIR}/usr/local/bin/php -f ${PKG_ROOTDIR}/etc/rc.packages %%PORTNAME%% ${2}
@@ -0,0 +1,262 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
+<packagegui>
+    <copyright>
+        <![CDATA[
+/*
+ * netbird.xml
+ *
+ * part of pfSense (https://www.pfsense.org)
+ * Copyright (c) 2022-2025 Rubicon Communications, LLC (Netgate)
+ * All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+	]]>
+    </copyright>
+    <name>netbird</name>
+    <version>%%PKGVERSION%%</version>
+    <title>VPN/NetBird</title>
+    <include_file>/usr/local/pkg/netbird/netbird.inc</include_file>
+    <aftersaveredirect>/pkg_edit.php?xml=netbird.xml</aftersaveredirect>
+    <menu>
+        <name>NetBird</name>
+        <section>VPN</section>
+        <configfile>netbird.xml</configfile>
+        <url>/pkg_edit.php?xml=netbird/netbird_auth.xml</url>
+    </menu>
+    <menu>
+        <name>NetBird</name>
+        <section>Status</section>
+        <configfile>netbird.xml</configfile>
+        <url>/netbird_status.php</url>
+    </menu>
+    <tabs>
+        <tab>
+            <text>Authentication</text>
+            <url>pkg_edit.php?xml=netbird/netbird_auth.xml</url>
+        </tab>
+        <tab>
+            <text>Settings</text>
+            <url>pkg_edit.php?xml=netbird.xml</url>
+            <active/>
+        </tab>
+        <tab>
+            <text>Status</text>
+            <url>netbird_status.php</url>
+        </tab>
+    </tabs>
+    <fields>
+        <field>
+            <name>General</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>WireGuard Port</fielddescr>
+            <fieldname>wireguardport</fieldname>
+            <description>
+                <![CDATA[
+                Wireguard interface listening port
+                ]]>
+            </description>
+            <type>input</type>
+            <default_value>51820</default_value>
+            <required/>
+        </field>
+
+        <field>
+            <name>Firewall</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>Allow Configuration</fielddescr>
+            <fieldname>allowfirewallconfig</fieldname>
+            <description>
+                <![CDATA[
+                Allow the client to manage and enforce firewall rules
+                ]]>
+            </description>
+            <sethelp>
+                <![CDATA[
+                If disabled the client won't modify firewall rules
+                ]]>
+            </sethelp>
+            <type>checkbox</type>
+            <default_value>on</default_value>
+        </field>
+        <field>
+            <fielddescr>Block Inbound Connection</fielddescr>
+            <fieldname>blockinboundconn</fieldname>
+            <description>
+                <![CDATA[
+                Block all inbound connections to the local machine and any routed networks
+                ]]>
+            </description>
+            <sethelp>
+                <![CDATA[
+                This overrides any policies received from the management service
+                ]]>
+            </sethelp>
+            <type>checkbox</type>
+        </field>
+
+        <field>
+            <name>SSH</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>Enable</fielddescr>
+            <fieldname>enablessh</fieldname>
+            <description>
+                <![CDATA[
+                Allows incoming SSH connections
+                ]]>
+            </description>
+            <type>checkbox</type>
+        </field>
+
+        <field>
+            <name>DNS</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>Enable</fielddescr>
+            <fieldname>enabledns</fieldname>
+            <description>
+                <![CDATA[
+                Allows the client to configure DNS settings
+                ]]>
+            </description>
+            <type>checkbox</type>
+            <default_value>on</default_value>
+        </field>
+
+        <field>
+            <name>Routing</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>Access LAN</fielddescr>
+            <fieldname>accesslan</fieldname>
+            <description>
+                <![CDATA[
+                Allow access to local networks (LAN) when using this peer as a router or exit node
+                ]]>
+            </description>
+            <type>checkbox</type>
+            <default_value>on</default_value>
+        </field>
+        <field>
+            <fielddescr>Accept Client Routes</fielddescr>
+            <fieldname>allowclientroutes</fieldname>
+            <description>
+                <![CDATA[
+                Accept and process client routes received from the management
+                ]]>
+            </description>
+            <type>checkbox</type>
+            <default_value>on</default_value>
+        </field>
+        <field>
+            <fielddescr>Allow Server Routes</fielddescr>
+            <fieldname>allowserverroutes</fieldname>
+            <description>
+                <![CDATA[
+                Enable this peer to act as a router for server routes received from the management
+                ]]>
+            </description>
+            <type>checkbox</type>
+            <default_value>on</default_value>
+        </field>
+
+        <field>
+            <name>Post-Quantum</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>Enable Rosenpass</fielddescr>
+            <fieldname>enablerosenpass</fieldname>
+            <description>
+                <![CDATA[
+                Enable the Rosenpass to provide post-quantum secure connections
+                ]]>
+            </description>
+            <sethelp>
+                <![CDATA[
+                Experimental
+                ]]>
+            </sethelp>
+            <type>checkbox</type>
+        </field>
+        <field>
+            <fielddescr>Rosenpass Permissive Mode</fielddescr>
+            <fieldname>rosenpasspermissive</fieldname>
+            <description>
+                <![CDATA[
+                Enable this peer to accept WireGuard connections from peers that do not have Rosenpass enabled
+                ]]>
+            </description>
+            <sethelp>
+                <![CDATA[
+                Experimental
+                ]]>
+            </sethelp>
+            <type>checkbox</type>
+        </field>
+
+        <field>
+            <name>Logging</name>
+            <type>listtopic</type>
+        </field>
+        <field>
+            <fielddescr>Syslog Logging</fielddescr>
+            <fieldname>syslogenable</fieldname>
+            <description>
+                <![CDATA[
+				Enable syslog output
+				]]>
+            </description>
+            <type>checkbox</type>
+            <default_value>on</default_value>
+        </field>
+        <field>
+            <fielddescr>Syslog Settings</fielddescr>
+            <fieldname>loglevel</fieldname>
+            <description>Set the syslog logging level</description>
+            <type>select</type>
+            <default_value>info</default_value>
+            <options>
+                <option><name>INFO</name><value>info</value></option>
+                <option><name>DEBUG</name><value>debug</value></option>
+            </options>
+            <required/>
+        </field>
+
+    </fields>
+    <note>
+        <![CDATA[
+		Changes to these settings may temporarily disrupt connections and access to NetBird.
+		]]>
+    </note>
+
+    <custom_php_after_head_command>
+        <![CDATA[netbird_display_connection_info();]]>
+    </custom_php_after_head_command>
+    <custom_php_validation_command>
+        <![CDATA[netbird_validate_input($_POST, $input_errors);]]>
+    </custom_php_validation_command>
+    <custom_php_resync_config_command>
+        <![CDATA[netbird_resync_config();]]>
+    </custom_php_resync_config_command>
+</packagegui>
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+#!/bin/sh`
	`2`	`+`
	`3`	`+/usr/local/bin/php -f /etc/rc.packages %%PORTNAME%% ${2}`