Messages

Hi and thanks for reply.
I took the format from this file I've benn using for a long period with no problem https://www.spamhaus.org/drop/drop.txt

Anyway, I'm attaching the file I would like to use.
Can you exactly tell what is the right path to use? I mean, wich of the ones I used is valid? I mean:
1) file \\127.0.0.1\mkst\lists\ips.txt
2) https://127.0.0.1/mkst/lists/ips.txt
3) https:\\127.0.0.1\mkst\lists\ips.txt

Thanks and cheers,

Michele.

Hello everybody.
I would like to create and mantain a local (or more than one) list of ip addresses to use within alias and then in traffic rules.
I created a txt file and put it in a local folder in Opnsense (/mkst/lists/ip.txt).
I would like to load it and use an alias to do that.
So I created an alias using the URL IP type but I receive error and ip's don't load.
I tried in different ways and these are some errors:
update_tables.py: error fetching alias url \\127.0.0.1\mkst\lists\ips.txt
update_tables.py: error fetching alias url https://127.0.0.1/mkst/lists/ips.txt
update_tables.py: error fetching alias url https:\\127.0.0.1\mkst\lists\ips.txt

What is the right way to load a local list?

Thank you.

Cheers,
Michele.

I posted my "step by step" guide in this thread:
https://forum.opnsense.org/index.php?topic=9510.0

Hope it helps.

Cheers,

Michele.

Here I am.
Below the steps to install, configure and protect Sarg on OPNSense.
I have one installation and I did the installation many months ago.

INSTALL
pkg install sarg

CONFIG
Search for file "sarg.conf" and set thi parameter:
output_dir /usr/local/www/squid-reports

If this parameter remains unset reports will be unaccessible.

PROTECT
To protect access to reports with user and password follow these steps:

Search for file "/usr/local/etc/inc/plugin.inc.d/webgui.inc" and:

1) add string "mod_auth"

## modules to load
server.modules              =   ( "mod_access", "mod_expire", "mod_auth", "mod_compress", "mod_redirect",
  "mod_cgi", "mod_fastcgi","mod_alias", "mod_rewrite"
)

2) Just after those rows add these lines of code:

"auth.backend = "plain"
auth.backend.plain.userfile = "/usr/local/www/squid-reports/.htpasswd"
auth.require = ("/squid-reports" => (
"method" => "digest",
"realm" => "squid-reports",
"require" => "valid-user"
))"


3) Then create file "/usr/local/www/sarg-reports/.htpasswd"
and insert username and password inside (for istance):
admin:admin

Thats all.

Restart firewall to test.

HINT: file "webgui.inc" is being overwritten when OPNSense is updated or upgraded so it must be re-written for the part in point 2)

I hope to have been helpful,

cheers,

Michele.

Hello and sorry for the lat
I installed Sarg in one of my installation of OPNSense.
A did a "step by step" guide and I have it in my office's server, I'm out now.
If you like I can post it as soon as I'll reach my office.

Cheers,

Michele.

Hello.
Yes, I installed Sarg in one of my installation of OPNSense.
A did a "step by step" guide and I have it in my office's server, I'm out now.
If you like I can post it as soon as I'll reach my office.

Cheers,

Michele.

No one?

Hi guys.
I setup the Insigt reporting feature so that I can monitor traffic from inside my networks.
In Netflow configuration I added my LAN, DMZ and OpenVPN interfaces.
When I go to the Insight function I can see all traffic and graphs for all interfaces except OpenVPN.
I attached screenshot of Netflow configuration and Insigth for OpenVPN interfaces where, you can see, no data is available and I have several OpenVPN connections active (mine too now).

Am I doing anything wrong or missing something?

Thanks and cheers,

Michele.

Updated opnsense to versione 18.1.9 late this morning.
Made several tests. Insight behaviour seems to be regular and correct now.
Thanks to all the team for the good job made.  8)

Cheers,
Michele.

Hello.
I saw that on GitHub tech conversions went on but I can't undestand whether the issue has been solved or not.
Is there any new patch to apply?

Thanks,
Michele.

Ok Franco.
Posted on GitHub as you suggested.

Thanks,
Michele.

[put another IP address (a public one) and NOT the one I chose before]

Hi Franco,
thanks for your usual clear explanations.
I applied the patches and now:

• I see pop-ups when I go on pie chart and select "LAN" or "DMZ" interface. Before the patch I saw pop-ups only when WAN interface was selected. So I guess I can claim that patches solved this issue.
  
• Unfortunately if I go on "Totals" tab and go down to "Top usage ports/sources", select "LAN" or "DMZ" as the interface, choose and click on a IP address (private one) on pie chart (the one on the right), system takes me to the "Details" tab, put "LAN" in the interface filed but on the "src Address" put another IP address (a public one) and NOT the one I chose before. This is the same behaviour as before.
• Everything is working ok on the pie-chart on the left of the page (ports, services) whatever interface I select.

Do I have to report my results on the GitHub portal?

Thanks and cheers,
Michele.

Kapara,
I expecially need to know where to catch and how to apply the patch.
If you can help me in doing that please let me know.
Anyway thanks for your "precious" advise.  ???

Hi Franco and thanks to you for reply.
I'm trying to follow discussion on github but to be sincere I don't understand it in a complete way.
I read some people are talking about a patch but I didn't understand where I can eventually find it and how I can apply it.
Furthermore my OPNSense is in a production environment: do I run any risk to apply such a patch? Or is it just like a OPNSense update?

Please let me know.

Cheers,
Michele.

Thanks, just done.

https://github.com/opnsense/core/issues/2405

Michele.