OPNsense Forum
English Forums => Zenarmor (Sensei) => Topic started by: actionhenkt on July 31, 2021, 05:03:51 pm
-
Hi,
Sensei is using 100% cpu and is capping my throughput, is it possible to exclude an IP in sensei so sensei does not scan the traffic at all ?
Have added the IP to the exempted network/ip list but sensei is still scanning.
-
hi @actionhenkt, exempted networks/ip is the way to go.
Is this new (e.g. started after upgrade to 21.7) or has this been an ongoing situation?
-
Thanks, I already added the IP's but im not sure if this also works to/from external destinations/sources ? When downloading/uploading, with sensei on the max download/upload is around 330/340 mbps, without sensei I get 940mbps.
The issue is not new also had this pre 21.7 just trying to work around it without disabling sensei
-
What happens if you put sensei onto bypass mode? In the bypass mode, sensei will be just forwarding packets back and forth.
-
setting bypass mode did not make a difference
-
Got it. Looks like netmap. Can you send a bug-report? Let's have a look at your ethernet drivers & configuration.
-
I have an APU2 and Sensei is in bridge mode. I have whitelisted:
news.eweka.nl
sslreader.eweka.nl
81.171.92.0/24
But Sensei keeps scanning the connection, using one core of the processor above 90%.
-
When I download the whitelist, it is empty (0 bytes).
-
There is a difference between allow connection, but inspect it and do not inspect at all the connection. I am afraid whitelist does the former rather than the later.