"This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#16
24.1, 24.4 Legacy Series / Re: Suricata - NUMA nodes
February 22, 2024, 10:16:35 AM #17
24.1, 24.4 Legacy Series / Re: Suricata - NUMA nodes
February 21, 2024, 09:21:45 AMQuote from: franco on February 21, 2024, 08:15:47 AM
It's an upstream issue with Suricata 7.0.3, but it shouldn't matter much. https://github.com/opnsense/core/issues/7260
ok, thank you.
#18
24.1, 24.4 Legacy Series / Suricata - NUMA nodes
February 21, 2024, 07:56:56 AM
Hi,
After the update to 24.1.2 I noticed these entries in the suricata logs. Is it a misconfiguration from my side, do I need to do any thing about these errors.
OPNSense is running on a dedicated Intel hardware.
After the update to 24.1.2 I noticed these entries in the suricata logs. Is it a misconfiguration from my side, do I need to do any thing about these errors.
Code Select
2024-02-20T22:01:12 Error suricata [100315] <Error> -- failed to obtain number of NUMA nodes in the system
2024-02-20T22:01:12 Error suricata [100315] <Error> -- unable to open /sys/devices/system/node/OPNSense is running on a dedicated Intel hardware.
#19
24.1, 24.4 Legacy Series / Re: 24.1 IDS breaks internet
January 31, 2024, 09:23:13 AM
I have two boxes running nearly the same config. IPS is enabled on both boxes.
One are suffering from this issue and the other one is running fine. Both are based on Intel.
One are suffering from this issue and the other one is running fine. Both are based on Intel.
#20
24.1, 24.4 Legacy Series / Re: 24.1 IDS breaks internet
January 30, 2024, 07:07:32 PM
Same issue here.
Running IPS on the LAN side.
Web-gui get unresponsive after a few minutes and the network works as crap.
Igb interfaces.
Running IPS on the LAN side.
Web-gui get unresponsive after a few minutes and the network works as crap.
Igb interfaces.
#21
General Discussion / Re: Lan net or Lan address?
January 19, 2024, 12:03:23 PM
ok, thank you.
I read this and it helped me clear up my confusion.
https://docs.opnsense.org/manual/firewall_generic.html#address-types
I read this and it helped me clear up my confusion.
https://docs.opnsense.org/manual/firewall_generic.html#address-types
#22
General Discussion / Re: Lan net or Lan address?
January 17, 2024, 04:12:37 PM
So if I want to block all traffic from 192.168.11.0/24 (IoT net) to 192.168.2.0/24 (Default net) I should use (see below)?
Firewall/Rules/IOT
Action: Block
Interface: IOT
Direction: IN
Source: any
Destination: Default address
Firewall/Rules/IOT
Action: Block
Interface: IOT
Direction: IN
Source: any
Destination: Default address
#23
General Discussion / Lan net or Lan address?
January 17, 2024, 03:07:05 PM
Hi,
When I look into my firewall rules I see "Lan net" and "Lan address". Whats the difference between these two types and in which cases should they be used?
When I look into my firewall rules I see "Lan net" and "Lan address". Whats the difference between these two types and in which cases should they be used?
#24
23.7 Legacy Series / Re: Github Issues
January 14, 2024, 10:28:30 PM
I know that firehol lvl 3 have a bad habbit of blacklisting some of githubs ips...
http://iplists.firehol.org/?ipset=firehol_level3
http://iplists.firehol.org/?ipset=firehol_level3
#25
23.7 Legacy Series / Re: Will IPSec-MB be integrated at some point?
December 29, 2023, 04:35:09 PM
Hi,
Do I need to add any tunables or settings to make use of IIMB?
Do I need to add any tunables or settings to make use of IIMB?
#26
Virtual private networks / Help selecting algorithms (S2S Ipsec)
December 19, 2023, 02:02:59 PM
Hi,
I'm trying to migrate my current Ipsec S2S connection (Tunnel Settings) to the new "Connections" but I'm not sure which algorithms etc to select. Could any of you help me choose a secure and fast algorithms?
My current settings are (I ended up with these after some reading but I'm not sure that they are perfect...)
Phase 1
Encryption algorithm: 256 bit AES-GCM with 128 bit ICV
Hash algorithm: SHA512
DH key group: 21 (NIST EC 521)
Phase 2
Protocol: ESP
Encryption algorithms: aes256gcm16
Hash algorithms: none
PFS: 21 (NIST EC 521 bits)
I'm trying to migrate my current Ipsec S2S connection (Tunnel Settings) to the new "Connections" but I'm not sure which algorithms etc to select. Could any of you help me choose a secure and fast algorithms?
My current settings are (I ended up with these after some reading but I'm not sure that they are perfect...)
Phase 1
Encryption algorithm: 256 bit AES-GCM with 128 bit ICV
Hash algorithm: SHA512
DH key group: 21 (NIST EC 521)
Phase 2
Protocol: ESP
Encryption algorithms: aes256gcm16
Hash algorithms: none
PFS: 21 (NIST EC 521 bits)
#27
Intrusion Detection and Prevention / feodotracker.abuse.ch down?
December 13, 2023, 09:05:42 PM
Hi,
I see these errors in my logs. Do any of you know anything about why the site are unavailable?
I see these errors in my logs. Do any of you know anything about why the site are unavailable?
Code Select
download failed for https://feodotracker.abuse.ch/downloads/feodotracker.rules (HTTPSConnectionPool(host='feodotracker.abuse.ch', port=443): Max retries exceeded with url: /downloads/feodotracker.rules (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1134)'))))
#28
Hardware and Performance / Re: how to see if TRIM is supported?
September 12, 2023, 09:25:07 PM
Thank you!
It worked and I'm using the predefined cronjob.
It worked and I'm using the predefined cronjob.
#29
Hardware and Performance / how to see if TRIM is supported?
September 12, 2023, 08:50:28 PM
Hi,
Do any of you know how to see if the drive supports TRIM?
I have tried hdparm and lsblk but they are not found.
Do any of you know how to see if the drive supports TRIM?
I have tried hdparm and lsblk but they are not found.
