Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - everfree

#1
Ok, no problem
#2
Hi franco,

I am mirror admin of Nantou County Education Network Center, How to add mirror for firmware updates in the GUI. :)




#3
General Discussion / System: Firmware setting add please
September 14, 2021, 01:07:32 PM
hi

Can add Taiwan:Nantou County Education Network Center to Firmware setting

Because others Taiwan site Dept. of CSE, Yuan Ze University cant's use for long time

Thx.
#4
General Discussion / how to become mirror
February 27, 2021, 06:00:10 AM
hi

How to become OPNsense mirror site?

Taiwan

Nantou County Education Network Center
#5
21.1 Legacy Series / Suricata 5.0.5 use ET Open 4.0 rules
February 10, 2021, 09:41:35 AM
hi.

https://rules.emergingthreats.net/open/suricata-5.0/rules/

https://rules.emergingthreats.net/open/suricata-4.0/rules/

#suricata -V

This is Suricata version 5.0.5 RELEASE

I see ET open/emerging-trojan, this rules is removed at suricata 5.0

confuse  :-\ ??

#6
one-to-one setting
#7
hi Michael,

I follow your step, now it's only one 1:1 rules, but rdr show many rules

binat on igb0 from 192.168.170.96 to any -> 163.22.170.96
rdr on ixl0 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on ixl1 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on lo0 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on ixl3 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
rdr on ixl2 from {any} to {163.22.170.96} -> {192.168.170.96} bitmask
nat on ixl0 inet from (ixl0:network) to {192.168.170.96} -> (ixl0) port 1024:65535
nat on ixl1 inet from (ixl1:network) to {192.168.170.96} -> (ixl1) port 1024:65535
nat on lo0 inet from (lo0:network) to {192.168.170.96} -> (lo0) port 1024:65535
nat on ixl3 inet from (ixl3:network) to {192.168.170.96} -> (ixl3) port 1024:65535
nat on ixl2 inet from (ixl2:network) to {192.168.170.96} -> (ixl2) port 1024:65535
nat on igb0 inet from (igb0:network) to {192.168.170.96} -> (igb0) port 1024:65535


I new to use OPNsense, use pfSense before.
I still can't ping 163.22.170.96

Thanks!
#8
21.1 Legacy Series / NAT reflection for 1:1 not working
February 02, 2021, 04:16:02 AM
#9
General Discussion / Re: My Subscription
February 01, 2021, 02:54:04 AM
ok, I know need subscription key. :)
#10
General Discussion / My Subscription
January 31, 2021, 12:58:28 AM
hi,

MySubscription #2124, OPNsense Business Edition 1year

Downloads disipaly No downloads available yet.

So I loss something?


#11
Hi,

I use 16.7.7 and have one special network.

B point 10.87.0.34/30 (gateway)
A point 10.87.0.33/30 (WAN)
Public IP (LAN)
Private IP(NAT)

10.87.0.32/30 and Private IP is outbound nat for LAN Public IP through WAN interface. Public IP is routing through A point WAN to B point gateway. The network traffic is normal. I use IDS and enable ET-TROJAN rules. I try to query qfsl.net and trigger that alert. Only NAT interface is trigger. No alert in WAN and LAN interface.
#12
Intrusion Detection and Prevention / Re: IDS questions
October 28, 2016, 03:22:07 AM
I try opnsense 16.7.7, It's amazing. I also donate to opnsense, I hope that opnsense can be used for 10G inline mode in my production in the future.  :)

I will donate again next month.
#13
Intrusion Detection and Prevention / Re: IDS questions
October 24, 2016, 04:44:28 AM
Yes, I'm looking forward to Opnsense development.

For IPS on Intel 10G, I'm expecting that day's coming!
#14
Intrusion Detection and Prevention / Re: IDS questions
October 21, 2016, 12:04:29 PM
Hi franco,
o Because it crash about 6 months ago, i did not copy any crash logs, but most messages (as attachment) from console before crash.
o I'm sorry I did not make it clearly, I mean Transparent Filtering Bridge mode.
o Really? I can use ET PRO rules in opnsense now? Hope ET PRO GUI and regular expression(for sid management) in the future.
o Syslog support was recently added, It's good news.

I have not test opnsense in my productions before, Maybe I can try.

Thanks! 
#15
Intrusion Detection and Prevention / Re: IDS questions
October 20, 2016, 04:15:21 PM
Hi!

I use bridge mode (Intel 10G ix0/ix1) in pfSense, inline mode is also not working and crash. At the same time, I use ET RPO rules and syslog(alert) forward. If opnsense can made that stable in the future, I am very glad to use opnsense and request commercial-support.