Messages

Hello
anyone can help me with this topic?

https://github.com/opnsense/plugins/issues/1007

i have this problem too.
please.

hello
i want to see which ip's blocked by ips? and flush or clear them
where can i see this in opnsese?

Hello
i want to use remote radius server for pptp and all vpn servers on opnsense
i should pass 2 these flags in accounting request to radius server :

this is a opnsense packet :

Code Select Expand

opensense packets: 
  Packet-Type = Access-Request
  NAS-Identifier = "OPNsense.localdomain"
  Acct-Session-Id = "9724037-L-1"
  NAS-Port = 1
  NAS-Port-Type = Virtual
  Service-Type = Framed-User
  Framed-Protocol = PPP
  Attr-26.12341.12 = 0x4c2d31
  Attr-26.12341.19 = 0x4d5352415356352e3230204d535241532d302d4b4149504f442004b6561c95d06441a7807f6d05042e31
  Tunnel-Type:0 = PPTP
  Tunnel-Medium-Type:0 = IPv4
  Tunnel-Server-Endpoint:0 = "192.168.30.5"
  Tunnel-Client-Endpoint:0 = "192.168.50.92"
  Tunnel-Server-Auth-Id:0 = "OPNsense.localdomain"
  User-Name = "m"
  MS-CHAP-Challenge = 0xbb1e68137474a650c11db9b16393f933
  MS-CHAP2-Response = 0x01009fed02e9a440f37de8e743a68576a3f60000000000000000352f6b2976a6cb2c95df51b0fdf2f76184d83172d78fd571
  Event-Timestamp = "Feb 27 2018 13:04:33 +0330"
  NAS-IP-Address = 85.xx.xx.xx
  Timestamp = 1519724073

but i should use this packet format :

Code Select Expand

normal packets:
  Packet-Type = Access-Request
  NAS-Port-Type = Wireless-802.11
  Calling-Station-Id = "30:85:A9:EC:C7:FE"
  Called-Station-Id = "hotspot1"
  NAS-Port-Id = "ether2-Local Lan"
  User-Name = "m.tabatabaenasab"
  NAS-Port = 2160067826
  Acct-Session-Id = "80c004f2"
  Framed-IP-Address = 192.168.26.68
  Mikrotik-Host-IP = 192.168.26.68
  CHAP-Challenge = 0xa86f1fa69d1e9f28534dcd19f06ed86a
  CHAP-Password = 0xd5c8d303b94c8054a8e5b15db5eec036b4
  Service-Type = Login-User
  WISPr-Logoff-URL = "http://192.168.26.1/logout"
  NAS-Identifier = "201710301048561303YWr2"
  NAS-IP-Address = 192.168.2.1
  Event-Timestamp = "Jan 27 2018 14:17:39 +0330"
  Timestamp = 1517050059

in fact i need two this flag in request packet:

Calling-Station-Id =
CHAP-Password =

how can i configure opnsense to use this format of request ?

thanks
is there any plan or guide for develop accounting for VPNs?

Hi
i can not use accounting for pptp or l2tp, WISP not working, why?

yes, of course, or for pptp users, for example 1 GB traffic for 1 month

yeah, it is just only time session limit, is this feature was add in future?

sorry, which feature you say?

hello
in order i should give thanks to the developer team for adding Freeradius Limitation in bandwidth.
i have a request for completing this nice work.
can we limit traffic?
and can we set this restriction on a group?
thanks

thanks franco.
i think there is another problem else. snort rules not worked with suricata, i set the oinkcode and enable the rules but not matched even 1 rule.
thanks

hello
i have a problem with suricata, it goes dead after some days and everytime i should remove the pid from /var/run
how can i fix this problem?

Starting suricata.
15/12/2017 -- 08:57:19 - <Info> - Including configuration file installed_rules.yaml.
/usr/local/etc/rc.d/suricata: WARNING: failed to start suricata

part of log file:

Code Select Expand

15/12/2017 -- 08:56:35 - <Notice> - This is Suricata version 4.0.1 RELEASE
15/12/2017 -- 08:56:35 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
15/12/2017 -- 08:57:19 - <Notice> - This is Suricata version 4.0.1 RELEASE
15/12/2017 -- 08:57:19 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!


thanks, it's goes to download after some seconds.

i set the oinkcode and try to download but nothing downloaded

hello
i updated opnsense and saw the snort compatible rules appear, i setup the plugin but i cannot install the rules which is appear in Downloads tab in intrusion system.
what can i do?
i saw a path this file:
snortrules-snapshot-2990.tar.gz
what is it?

hello
is there any help or guide lines about installing opensense ports on githubs on opensene?
for example this:
https://github.com/opnsense/ports/blob/master/mail/assp/pkg-descr
i wanna to use SMTP protection on opensense, how can i ?
i tried but :

env: /usr/local/bin/perl5.24.2: No such file or directory
*** Error code 127

Stop.
make[2]: stopped in /usr/ports/security/p5-Digest-HMAC
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/dns/p5-Net-DNS
*** Error code 1

Stop.
make: stopped in /usr/ports/mail/assp