Messages

Hi, I took some time to test the problem again.
I just installed a test PC with the OPNsense 17.1.5-i386
Set system/settings/notification as below:

server: smtp.gmail.com
port: 587
check Enable STARTTLS
sender: cyberwatchbr@gmail.com
destination: pcborges@yahoo.com
Email auth username: cyberwatchbr@gmail.com
Email auth pass: *****

This setup used to work well.
Now, when I click TEST SMTP I get no mail and the following log entry:

OPNsense opnsense: /system_advanced_notifications.php: Could not send the message to pcborges@yahoo.com -- Error: 534-5.7.14 EX4zifEE_WoNFn8Jfrfj4sQVPTi8TBcSEWDvtyxfFcF4w78dqVm8sCYWvDGxYvuxu4BkQW

Thanks
Paulo Borges

Hi, What do I have to do?
Do I change something on the src/etc/inc/notices.smtp.inc?
Do I have to replace the entire file?
Thanks

Just tested, works GREAT!
Thanks!

Hi,

Just to complement, I followed jstrebel sugestion on OpenDNS and I got it to work.
It is EXCELENT and does everything I need, blocking specific content and even more.

opnsence integrates perfectly with openDNS.

I sugest those interested to check OpenDNS.com web site for clarifications and https://www.kirkg.us/posts/using-opendns-with-opnsense/ for instructions on how to setup openDNS on opnsense.

I just did not find it necessary that DHCP is set for OpenDNS's DNS addresses once opnsense primary and secondary DNSs are properly set at System/settings/general.

Regards
Paulo

Hi, just found the wan ip on my router is not the one registered at opendns.
My router wan ip is 172.16.18.27, our ISP must be putting us behind a NAT gateway.
May be opendns will just not work under these circumstances.

Regards
Paulo

HI, thanks again for your help.

To start from simple, no opnsense gateway.
I did change my Dlink router DNSs as follows: 208.67.222.222 and 208.67.220.220
So when dns resolution is put to the Dlink router it will use 208.67.222.222 or 208.67.220.220 to name resolution.

Disconected and reconected to my WIFI, ipconfig/all shown DNS IP is the same as Gateway which is the DLink router

I created an account at openDNS and I signed in.
The IP assigned to my router WAN port is registered at openDNS as my home network.

When I navigate to www.internetbadguys.com it is shown it is a demonstration page etc...
OpenDNS statistics show nothing.

Then I changed my Win10 DNS (for the WIFI interface I use) to 208.67.222.222 and 208.67.220.220

From Power Shell I call nslookup.

PS C:\Users\Paulo> nslookup
Servidor Padrão:  resolver1.opendns.com
Address:  208.67.222.222

> www.internetbadguys.com
Servidor:  resolver1.opendns.com
Address:  208.67.222.222

Não é resposta autoritativa:
Nome:    www.internetbadguys.com
Address:  67.215.92.210

Even after that there is no activity on openDNS Total Requests for Home or any other activity

What do you think is wrong?
What I am missing?

Regards
Paulo

Hi, thanks for your support.
openDNS seems to be the perfect solution for my problem.

I followed the instructions on https://www.kirkg.us/posts/using-opendns-with-opnsense/ but opnsense does not block a thing.

Have you got it to work, to actually block something?

Thanks
Paulo

Hi, I just found that if instead of pasting the entire URLs list I paste just a piece of it (I did paste the first 10 lines) it starts blocking the (now quite shorter list of) URLs.

Is there anything I am missing?

Thanks
Paulo

Hi Bart,

Thanks for the support.

I compiled a adults content list (sorted.txt attached) and, as you indicated, imported as host aliases.
Named the alias as Adult

I have an WIFI usb adapter and from that I created an accesspoint that is working ok.

What I am trying to achieve is apply content filter only on users connecting to accesspoint net
So, I created a rule at the firewall to block any protocol from accesspoint address and destination Adult.
Moved this rule to the top of the list and applied the rule.

I am doing all this while connected to the accesspoint WIFI interface.

But none of these urls are actualy blocked.

I am always connected to opnsense box from the accesspoint wifi interface.

Thanks
Paulo Borges

Hy, I am trying to put some content filter on my opnsense box but after reading about Transparent Proxy and Proxy cache I see it is a lot more than what I need, all I need is opnsense to block content bases on url.
The list of banned sites on UT1 "web categorization list" looks great.

All I want is to block sites on that list.

Thanks
Paulo

Hi, the IP range of my GuestNet is 10.10.10.0/24 and the OpnSense machine is on 10.10.10.1
Sometimes I do have to browse to 10.10.10.1:8000 to force the load of Captive Portal login screen.

Hope it helps
Paulo

Hi,

I am using Captive Portal and I am installing it in a customer that asked for tickets with 30 days authorization window.

It is possible to have such extended window in a single voucher?

By the way, I learnt that the authorization windows starts counting from the first login and runs straight to the end, either the customer use it or not.

Is there a way to have a voucher with, say, 10 hours, but that counts utilization time?
I mean, if the customer uses one hour he still has 9 hours left independently of the intervals between logins?

Thanks
Paulo

Excuse-me, found solution.
I would like to delete this post but found no way to do that.

Thanks
Paulo

Hi, I am running OPNSense for about a week now and followed most manual indications for the setup.

OPNsense is working and performing well that far.

I have activated Intrusion Detection according to manual but the manual only instructs to activate the abuse group of rules.

Below on the settings page there are plenty of rules left unchecked and I just cannot find documentation on what to do with them.

What is the criteria to decide if I do need to activate these rule sets?

Thanks
Paulo Borges

[smtp.gmail.com]

Hi, thanks.

I just tried and got it to work with the following setup:

smtp server: smtp.gmail.com
Secure SMTP Connection:
   Enable STARTTLS with ports 587 
From e-mail address: cyberwatchbr@gmail.com
E-Mail address (destination): pcborges@yahoo.com
E-Mail auth username: cyberwatchbr@gmail.com
E-Mail auth password: *****

Thanks again for your valuable suppor.

Regards
Paulo Borges