Messages

1

20.7 Legacy Series / Re: opnsense freezes and needs reboot

« on: September 21, 2020, 11:16:04 pm »

so periodic interface reset did not work. - I am also now cronning a reboot.

DHCP4 -V6 is disabled - all 'static' IP are ARPed
OpenDNS is enabled
UnboundDNS w/ blocklists.
IPS is on using Hyperscan.
All offloads are offloading
only using VMware plugin

2

20.7 Legacy Series / Re: opnsense freezes and needs reboot

« on: September 16, 2020, 08:35:00 pm »

I am also having same issue and very similar configuration (ESXi & VM)...

What about a Periodic interface reset - rather than a system reboot?

a periodic interface reset is scheduled daily on my setup; i'll post results in a week so.

Note: i am using e1000 network 'cards'

3

20.1 Legacy Series / syslog column definitions

« on: June 21, 2020, 09:04:21 pm »

Will some one please point me to a resource with the column definitions for syslog-ng SyslogMessage?

Facility = local0
SeverityLevel = info

56,,,0,vmx1,match,block,in,6,0x00,0x2ac1f,1,udp,17,36,fe80::d952:2e68:a12d:54c9,ff02::fb,5353,5353,36

I can determine the interface (vmx1), action (match & block), direction (in), protocol (udp), and source ip (fe80::d952:2e68:a12d:54c9)

Can someone help me determine the other columns?


OPNsense Details:
OPNsense 20.1.7-amd64
FreeBSD 11.2-RELEASE-p20-HBSD
LibreSSL 3.0.2

thank you

4

17.7 Legacy Series / Intrusion Detection - downloading abuse.ch

« on: September 08, 2017, 05:05:28 am »

I'm new to OPNsense, please help me enable and verify IDS/IPS for abuse.ch (https://docs.opnsense.org/manual/how-tos/ips-feodo.html)

When i verify rules have been created, the count is the same as before: 282. When i search for Feodo, no rule results show.

How do i verify I have enabled IDS/IPS correctly for abuse.ch? How do i read the log file for IDS?


Note: i have some counties blocked and alerts are generated; but i don't know about the abuse.ch rules.


OPNsense 17.7.1