Messages - rc222

#2
No, this does not work. Had it on ESXi and then shimmed in the Realtek drivers (the old H model) - it just was buggy and dropped out frequently. Bare metal doesn't work at all with Ubuntu, pfSense or OPNsense.

As a Win10 media box - it is wonderful, very fast, silent.

Super disappointed in Odroid for cheaping out and not getting Intel NICs. This would be a game changer if a box like this was out at around that pricepoint.

Currently looking for a little box with DDR4 and a 6th gen Intel CPU with a couple Intel NICs.
Thinking this:
https://qotom.net/product/23.html

Mini PC Q600S
Support Skylake-S and Kabylake-S FCLGA1151 desktop processor, dual Gigabit Intel network card, dual HDMI display, dual DDR4 memory,


#3
Horrible = badly designed.

A hair away from going to pfSense, badly designed. More descriptive?

#4
The interface and GUI, I have realized, is horrible. This is why I, after reading tons of articles on Suricata, the manual, all this stuff - none of it worked.

What I did is enable the rules in

(Assumes you DL'ed the rules you wanted and paid for or applied to any that required licensing.)

Services: Intrusion Detection: Administration > Rules

What I had to do is enable all the rules kind of manually.

Change the "view number of rules" drop-down to 1000, then check the "sid" check box, selecting all the 1000 rules - then scroll to the bottom, click enable selected, and drop, then wait forever; after it's done, click apply.

For me this fixed it, the 22k rules I have, and now in the logs I have all sorts of info.

Bonus, go to

Services: Intrusion Detection: Administration > Rules

and do a search filter for:

DELETED

These are old rules, and not used rules - but if they are enabled, I don't know if it has any effect on system resources or not - maybe someone can chime in....

Anyway, I just pick 1000 again and check sid, then scroll to the bottom and click disable; after that's done hit apply, then go thru the next page, if any, to see if it applied the disabled to those as well.

#5
Proxmox will not work with Realtek NICs. I found out the hard way, built a custom ESXi with the drivers compiled - it's pretty easy, look online.

But if you have Intel - GoG.

#6
Bump. Anyone?

#7
Have tried a couple different formats, none seem to work. Tried with a simple txt file from my server and tried compressed format.

These are the 2 that I have:
http://squidguard.mesd.k12.or.us/blacklists.tgz

And a txt copy of the adblock list:
http://piratepad.be/p/blk2

Any suggestions? Or what you guys use?

#8
FYI:

The Suricata links to DL the Emerging Threats rules definitions are all broken; the Emerging Threats site has updated their links.

Old broken link example:
https://rules.emergingthreats.net/open/suricata/rules/http-events.rules

New:
https://rules.emergingthreats.net/open/suricata-1.3-enhanced/

or
https://rules.emergingthreats.net/open/suricata-1.3/

But some of the definitions are gone now, that first one being an example.