"
Logs on both sides would be interesting
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#46
25.1, 25.4 Legacy Series / Re: 25 1.2 - Suddenly problems with AES 256 GCM in OpenVPN
March 06, 2025, 06:14:09 AM #47
German - Deutsch / Re: LDAP Benutzer Import fehlt
March 04, 2025, 08:28:40 AMQuote from: Monviech (Cedrik) on February 27, 2025, 11:43:50 AMDen LDAP import für user gibt es nicht mehr.
Der Benutzer kann einfach manuell angelegt werden mit dem gleichen Namen wie er im CN steht.
Also e.g., "cn=Testuser" einfach als "Testuser" anlegen und den Haken bei "Scrambled Password" setzen.
Aber es kommt auch bald ein CSV import:
https://github.com/opnsense/core/issues/8340
Von uns gesponsert:)
Autocreate bringt nichts wenn du 100 user migrieren musst und das alles vorbereitet wird von einem admin.
#48
General Discussion / Re: Unifi controller ...
March 04, 2025, 08:27:14 AMQuote from: Patrick M. Hausen on March 02, 2025, 07:07:04 PM@mimugmail's package repo is not yet ready for 25.1 - that's why you cannot have both at the moment until that is fixed.
It should be now :)
#49
25.1, 25.4 Legacy Series / Re: [25.1.2] AdGuard Home not starting, UniFi Controller gone
March 04, 2025, 07:07:08 AM
Perfect, thx for testing :)
#50
25.1, 25.4 Legacy Series / Re: [25.1.2] AdGuard Home not starting, UniFi Controller gone
March 03, 2025, 04:48:01 PM
Pushed a new update, can you try if it works now?
#51
25.1, 25.4 Legacy Series / Re: [25.1.2] AdGuard Home not starting, UniFi Controller gone
March 02, 2025, 04:41:10 PM
After 24h still compiling packages ...
#52
General Discussion / Re: OPNsense - SNMP
March 01, 2025, 10:11:02 PM
Observium is superb with OPNsense :)
#53
General Discussion / Re: Azure Linux Agent Install
March 01, 2025, 10:09:21 PM
What about
pkg install azure-agent
The latest package should be already there
https://pkg.opnsense.org/FreeBSD:14:amd64/25.1/MINT/25.1.2/latest/All/
pkg install azure-agent
The latest package should be already there
https://pkg.opnsense.org/FreeBSD:14:amd64/25.1/MINT/25.1.2/latest/All/
#54
German - Deutsch / Re: Unifi controller
March 01, 2025, 02:34:16 PM
Mit dem letzten Update ist das icu kaputt, ich bau grad die Pakete neu, dauert aber noch bisschen.
#55
25.1, 25.4 Legacy Series / Re: CARP unicast synced despite of "No XMLRPC Sync" checked for CARP Virtual IP
March 01, 2025, 02:32:20 PM
If you use unicast carp you shouldnt sync Virtual IPs, only when using Multicast
#56
24.1, 24.4 Legacy Series / Re: Kea dhcp - vendor specific options
January 14, 2025, 09:37:00 AM
I pinged franco, lets see :)
#57
German - Deutsch / Re: Netzwerk, Security & Firewall Usergroup
January 04, 2025, 02:39:58 PM
Ich bin auch Papa und würde genau deswegen eher in der Arbeit um 16 kurz reinschauen, da am WE die Family Priorität hat ;)
#58
24.1, 24.4 Legacy Series / Re: Kea dhcp - vendor specific options
December 29, 2024, 07:10:58 AM
https://github.com/opnsense/core/pull/7361
There is a PR an a branch, I'll try to get it running in Jan next year
There is a PR an a branch, I'll try to get it running in Jan next year
#59
General Discussion / Re: Changes and updates to community repo!
December 28, 2024, 06:07:44 AM
Yes, after holiday season :)
#60
24.7, 24.10 Legacy Series / Re: ISP hacked OPNSense Router
December 17, 2024, 07:25:25 AMQuote from: Patrick M. Hausen on November 28, 2024, 08:10:23 PMQuote from: fbeye on November 28, 2024, 07:32:30 PMBeing new to crowdsec, would there be any recommended settings to change outside the box of installing the plugin and "enabling" it or are defaults safe/legit for home user with basic setup? I went to the config site with all the options and being I know nothing of it, I would have 0 idea of what to change or add or modify.
cscli is your friend. You probably want to whitelist all RFC 1918 networks. To do that:Code Selectcscli parsers install crowdsecurity/whitelists
If you want to not only parse OPNsense pf logs and UI login attempts (if your UI is reachable from WAN at all) but e.g. Caddy access logfiles you can add the matching collection:Code Selectcscli collections install crowdsecurity/caddy
Then add a file named "/usr/local/etc/crowdsec/acquis.d/caddy.yaml":Code Selectfilenames:
- /var/log/caddy/access/*.log
force_inotify: true
poll_without_inotify: true
labels:
type: caddy
You get the idea. There are lots of collections for different scenarios depending on what you use for inbound service - NginX, HAproxy, Caddy, ...
You can find them at https://app.crowdsec.net/hub/collections
In the Crowdsec web console you can subscribe to up to three free blocklists in addition to your own locally generated "decisions" as they call it. I use:
- Firehol cruzit.com list
- Firehol greensnow.co list
- Firehol cybercrime tracker list
HTH,
Patrick
Greensnow is good, cruzit was last updated in 2023 on Firehol. Thx for the cli-fu in crowdsec, wasnt aware of :)
