OPNsense Forum

Archive => 16.1 Legacy Series => Topic started by: dragon2611 on July 03, 2016, 06:33:20 pm

Title: Proxmox/Virtio IPS
Post by: dragon2611 on July 03, 2016, 06:33:20 pm
It seems that enabling IPS on a VM that's using virtIO drivers is a very bad idea; after about 30s or so all traffic stops flowing.

Swap to E1000 virtual NICs and the problem seems to disappear.
Title: Re: Proxmox/Virtio IPS
Post by: franco on July 03, 2016, 08:46:26 pm
Thanks for the tip. We've had many reports with problems in IPS mode in FreeBSD that seem to stem from a lack of driver correctness. We hope things will be better with FreeBSD 10.3, but early testers have said it's not gotten much better.
Title: Re: Proxmox/Virtio IPS
Post by: dragon2611 on July 03, 2016, 08:50:12 pm
The IPS module does seem a bit early days at the moment, as in you can enable it and set deny, but it would be nice to see better integration to the firewall (i.e. might want to use the IPS P2P rules but only for certain devices).

Also I forgot to set the Deny filter when I first loaded a lot of the rules and I can't see any easy way to bulk change it for the trojan ones, etc. :-[