Messages

Ok, no problem

Hi franco,

I am mirror admin of Nantou County Education Network Center, How to add mirror for firmware updates in the GUI. :)

hi

Can add Taiwan:Nantou County Education Network Center to Firmware setting

Because others Taiwan site Dept. of CSE, Yuan Ze University cant's use for long time

Thx.

hi

How to become OPNsense mirror site?

Taiwan

Nantou County Education Network Center

hi.

https://rules.emergingthreats.net/open/suricata-5.0/rules/

https://rules.emergingthreats.net/open/suricata-4.0/rules/

#suricata -V

This is Suricata version 5.0.5 RELEASE

I see ET open/emerging-trojan, this rules is removed at suricata 5.0

confuse  :-\ ??

one-to-one setting

hi Michael,

I follow your step, now it's only one 1:1 rules, but rdr show many rules

Code Select Expand

binat on igb0 from 192.168.170.96 to any -> 163.22.170.96
rdr on ixl0 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on ixl1 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on lo0 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on ixl3 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on ixl2 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
nat on ixl0 inet from (ixl0:network) to {192.168.170.96} -> (ixl0) port 1024:65535
nat on ixl1 inet from (ixl1:network) to {192.168.170.96} -> (ixl1) port 1024:65535
nat on lo0 inet from (lo0:network) to {192.168.170.96} -> (lo0) port 1024:65535
nat on ixl3 inet from (ixl3:network) to {192.168.170.96} -> (ixl3) port 1024:65535
nat on ixl2 inet from (ixl2:network) to {192.168.170.96} -> (ixl2) port 1024:65535
nat on igb0 inet from (igb0:network) to {192.168.170.96} -> (igb0) port 1024:65535

I new to use OPNsense, use pfSense before.
I still can't ping 163.22.170.96

Thanks!

https://github.com/opnsense/core/issues/4469

this issus still in 21.1

ok, I know need subscription key. :)

hi,

MySubscription #2124, OPNsense Business Edition 1year

Downloads disipaly No downloads available yet.

So I loss something?

Hi,

I use 16.7.7 and have one special network.

B point 10.87.0.34/30 (gateway)
A point 10.87.0.33/30 (WAN)
Public IP (LAN)
Private IP(NAT)

10.87.0.32/30 and Private IP is outbound nat for LAN Public IP through WAN interface. Public IP is routing through A point WAN to B point gateway. The network traffic is normal. I use IDS and enable ET-TROJAN rules. I try to query qfsl.net and trigger that alert. Only NAT interface is trigger. No alert in WAN and LAN interface.

I try opnsense 16.7.7, It's amazing. I also donate to opnsense, I hope that opnsense can be used for 10G inline mode in my production in the future.  :)

I will donate again next month.

Yes, I'm looking forward to Opnsense development.

For IPS on Intel 10G, I'm expecting that day's coming!

Hi franco,
o Because it crash about 6 months ago, i did not copy any crash logs, but most messages (as attachment) from console before crash.
o I'm sorry I did not make it clearly, I mean Transparent Filtering Bridge mode.
o Really? I can use ET PRO rules in opnsense now? Hope ET PRO GUI and regular expression(for sid management) in the future.
o Syslog support was recently added, It's good news.

I have not test opnsense in my productions before, Maybe I can try.

Thanks! 

Hi!

I use bridge mode (Intel 10G ix0/ix1) in pfSense, inline mode is also not working and crash. At the same time, I use ET RPO rules and syslog(alert) forward. If opnsense can made that stable in the future, I am very glad to use opnsense and request commercial-support.