Messages

1

Development and Code Review / Use poudriere to build OPNsense

« on: October 23, 2019, 10:27:49 am »

Hi all,

I was recently needing to compile a package for OPNsense and went forward the documented ways (tools) and hours later I got result (so far so good).
I was wondering why the build system is home-baked as opposed to using a bespoke tool like the magnificent poudriere that should be able to perform this task more efficiently (esp on ZFS enabled environments).

Was an evaluation performed and poudriere considered inadequate?
Was a move to poudriere considered as a mid-term goal? I see a statement from Franco in the forum from 2016. Why was it not undertaken?
Would you consider a move to poudriere if you get support (initial setup, build-server, etc.)? Please note that any such support  would definitely bind your core resources as well.

Cheers,

Keve

PS: Keep up the good work!

2

17.1 Legacy Series / Suricata IPS ban IP (iteract with pf)

« on: June 15, 2017, 02:39:07 pm »

I have started using the IPS feature of Suricata and plugged some own rules. Alerts and Drops work fine.
I would like to enhance the setup by temporarily blacklisting IPs that match rules, i.e. something like fwsam:src, 60 minutes;
After reading the first three dozen sites on this topic I concluded that this is not possible with suricata as installed on opnsense.
Is this the right conclusion?

Is there a workaround? Triggering an action when suricata matches a rule and add the ip to a fw table? And have a periodic cron job expire the ips?

I appreciate any advise on this topic.

Cheers,
Keve