The SANS Internet Storm Center (ISC) developed the DShield pfSense client in 2017 [1] to support the ingestion of pfSense firewall logs into the DShield project. The pfSense project has also evolved over the years, with some changes in the offerings [2]. With the advent of pfSense Community Edition (CE) 2.7.0 [3, 4] and pfSense Plus 23.01, updates to the DShield client were required to fix unintended issues.

I am pleased to share that the DShield pfSense client has been updated and tested to be working* with pfSense CE 2.7.0 Release Candidate (RC) (just in time before pfSense CE 2.7.0-RELEASE is released on the targeted date of June 29, 2023), pfSense Plus 23.01-RELEASE as well as pfSense CE 2.6.0-RELEASE. To take a look at the DShield pfSense client, please visit the GitHub repository here [5]. If you are a pfSense user and would like to participate in the DShield project, please refer to my previous diary [6] for the steps required to set it up.

[* This release would not have been made possible without the understanding and support of my employers (JT Consultancy & Management Pte. Ltd. and ASSET Research Group) that kindly allowed me to work on this quickly to resolve issues faced by the DShield pfSense users. I would also like to thank my colleagues, Hamilton Chan and Yong Xian Ng, for their kind assistance and support rendered in this release.]

References:
1. https://github.com/jullrich/dshieldpfsense/commit/13a891e5ba4ee86c3a35fea4dcda24cf8107e39b
2. https://www.netgate.com/blog/announcing-pfsense-plus
3. https://www.netgate.com/blog/pfsense-rc-2.7.0-and-23.05.1
4. https://www.netgate.com/blog/pfsense-2.7.0-and-23.05
5. https://github.com/jullrich/dshieldpfsense
6. https://isc.sans.edu/diary/27240

-----------
Yee Ching Tok, Ph.D., ISC Handler
Personal Site
Mastodon
Twitter