Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - onefix

Pages1
#1
General Discussion / Re: Alias URL Question
February 03, 2018, 04:34:25 AM
I don't think OPNSense has an automated ASN lookup rule.  What I have done is create a script to output a number of requests / lists to an /opt file once a day.  The command would look like this:

whois -h whois.radb.net -- '-i origin AS15169' | grep -Eo "([0-9.]+){4}/[0-9]+" > /opt/aliases/google_ips

You should then simply create a rule URL Table (IPs) and point the first entry to /opt/aliases/google_ips
#2
General Discussion / Re: Migrating from pfSense
February 03, 2018, 03:50:16 AM
Yes.  There are a few caveats regarding 3rd party packages (such as pfBlockerNG), but all of the settings that exist on a base install of pfSense should come over fine.

That having been said, OPNsense has a slightly different design philosophy than pfSense.  To clean up after my pfBlockerNG config, all I did was disable the aliases and firewall rules created by pfBlockerNG and remove the extra settings it added to the Unbound config.

If you're looking to duplicate pfBlockerNG, here is a good page on that.

http://www.routerperformance.net/opnsense/using-pfblocker-features-in-opnsense/

It will also open your eyes to the different design theories followed by OPNsense.
#3
General Discussion / Re: System hanging on reboot
January 28, 2018, 07:17:53 AM
Yes, I do not understand why, but reinstalling OPNSense fixed the problem.  The thing that is strange is that no amount of power cycling or resetting of configuration fixed it before (and the rest of the system was operating correctly as far as I could tell).
#4
General Discussion / Re: System hanging on reboot
January 27, 2018, 11:19:37 AM
OK, I reinstalled and went to the newest stable (not devel) release and it's working.

Version codes are as follows:

OPNsense 17.7.12-amd64
FreeBSD 11.0-RELEASE-p17
OpenSSL 1.0.2n 7 Dec 2017

Thanks.
#5
General Discussion / Re: System hanging on reboot
January 26, 2018, 06:14:42 PM
pfSense has never had this issue for me.
#6
General Discussion / Re: duplicating pfblockerng features
January 26, 2018, 03:03:44 AM
For the DNSBL, you can try following this:

https://devinstechblog.com/block-ads-with-dns-in-opnsense/

I'm also researching the possibility of creating a version of the script in that post that will create external aliases as well.
#7
General Discussion / System hanging on reboot
January 26, 2018, 02:33:24 AM
I've been trying to migrate from pfSense to OPNSense and I'm hitting an issue with regards to rebooting the system.

It is hanging after outputting "Uptime : xxxxx" ... I have tried this on both 17.7.5 and the newest 18.1 version and I get the same issue.

The box I'm using is one of these https://protectli.com/product/fw6/ ... I have 8GB of RAM and a 64GB MSATA card.  The thing that confounds me is it is working fine with pfSense.

Any ideas on what might be causing this?
Pages1