Messages

1

General Discussion / Re: 2 hour delay

« on: August 06, 2024, 07:07:49 pm »

Hi Baender,

That was the first thing I tried, but that didn't solve the exactly 2 hours time difference.
But .. I found the cause, it was something in the browser, perhaps one of the security/privacy plugins or add-ons.
When I tried another browser the issue was gone 

2

General Discussion / Re: 2 hour delay

« on: August 06, 2024, 05:49:13 pm »

From what?
System,Settings,General,Time Zone = country/city near me in my timezone
Reporting,Insight,Totals: The graph always shows my time - 2 hours on the right side of the graph (like all reporting graphs)
Firewall,Log Files, Live View : Shows entries at the current time
If I login via SSH and do "date"  it shows the correct date and time..

3

General Discussion / Re: 2 hour delay

« on: August 06, 2024, 05:04:26 pm »

Time zone is set correctly under General settings, again the system time and time of the log files are ok. Do I need to set the time for reporting in a different way ? I don't understand that both can be different. ?

4

General Discussion / 2 hour delay

« on: August 06, 2024, 04:35:32 pm »

This might turn out to be an embarrassing question ..   

In all the reporting graphs, like : Health Insight , Traffic , Unbound DNS,

The most recent time that can be displayed in under the graphs, is 2 hours ago.
Although the most recent data in the graphs appear to be of  'now" ..

The system date is correct, and all the Firewall live log data has the correct time
as all the log files are correct.

Do I overlook something?

5

24.1 Legacy Series / Re: SSL Handshake errors between unbound and DNS overTLS enabled forwarders

« on: July 15, 2024, 12:11:22 pm »

Thanks Patrick,

I've created an extra .conf file under: /usr/local/etc/unbound.opnsense.d/
and added the line in there, that solved the issue!

Tuatara

6

24.1 Legacy Series / SSL Handshake errors between unbound and DNS overTLS enabled forwarders

« on: July 15, 2024, 09:35:02 am »

When I searched for this, In this forum I found the following post:

[SOLVED] ssl handshake errors between unbound and DNS over TLS enabled forwarders
« Reply #3 on: March 08, 2019, 10:24:43 pm »
I found a solution for my issue. I added following line to a server block and afterwards the name resolution works.
tls-cert-bundle: /etc/ssl/cert.pem

Is there someone who can explain, where exactly I need to place the line above, since I don't understand what was meant with:
"I added following line to a server block" where exactly is that?

Thanks in advance

7

General Discussion / Filters template delete: Template delete failed. Result: undefined

« on: December 06, 2022, 06:20:05 pm »

Does anyone perhaps know, how to solve this:

Firewall, Live View,
If I want to delete a filter  template there,  I get : Template delete failed. Result: undefined

If I want to create a new Filter template: Template save failed. Message: undefined

Is this perhaps a permissions problem, and if so where ?

Thanks in advance,

Tuatara

8

General Discussion / Re: new bug? after upgrade to Version 22.7.6

« on: October 13, 2022, 04:59:32 pm »

Hi Franco,
Thanks for your response.
I am a bit confused and not sure if we are talking about the same situation.
So maybe I misunderstood your response...
Just to be sure:
What you described seems what I've seen before. But after the update things changed.
What happens now, is that even without auto-refresh it removes lines from the screen that should have stayed there. And with auto-refresh and the same number of lines selected let's say 100.
You will see 50 lines, screen refresh , 10 lines, screen refresh 30 lines etc. etc.
So manual refresh will not always show the selected number of lines as well.

The issue now is that I am not able to see the last 100 of lines whatever I select.

9

General Discussion / new bug? after upgrade to Version 22.7.6

« on: October 13, 2022, 01:12:58 pm »

Directly after the last update to (now 22.7.6 ) I've noticed that:
Firewall,Log Files, Live View, no longer works as before.
In the past I was able to select 50 or 100 to see that last number of lines.
But now the content disappears  before at reaches that number.
Of course I've tried multiple browsers, but the effect is the same.
Is this a known issue, was it introduced by the last PHP updates perhaps ?

Thanks in advance

Tuatara

10

Zenarmor (Sensei) / Re: First Impressions

« on: October 10, 2022, 02:36:23 pm »

You are right, I think it is because of the free version:

in zenarmor, Configuration:

at DNS Enrichment for Reports   
DNS server IP addresses to do reverse IP lookups: 192.168.122.254 (is wrong and greyed out)
 
the "Perform real-time DNS reverse queries for local IP addresses " switch is not usable in the free version

Nice to hear it is working in the paid version..

11

Zenarmor (Sensei) / First Impressions

« on: October 10, 2022, 11:18:48 am »

As a CyberSecurity Engineer I really like ZenArmor,

Here are my First impressions..

Using the Free version for trailing, these were some things that I've noticed:

- Only Credit card and WePay as payment options, so no PayPal or Ideal
- Very difficult to find the cancellation method or period on their website
- No Reverse IP resolving of hosts on your private networks, so you manually have to do that, each time when investigating traffic for one of your devices.
- Unworkable amounts of False Positives on the following Security Policies:
- - Block potentially Dangerous sites =>  for many of VirustTotal verified safe Dutch websites
- - Block Firstly Seen Sites          =>  many websites and domains older than 2 years are blocked
- - Block undecided Not Safe Sites   
- - Blocking ads sometimes break websites without ads.
- It would be nice to have a bit more flexibility in the web control categories in the Free version.

As already discussed in this forum, you have to trust the vendor, but that is always the case
for each Security product. Especially when private data can be uploaded to the cloud or to the vendor.
I have no reason to doubt the reputation of Sunny Valley, but it is fair to mention this in general, just for awareness.

The Dutch saying says: “don’t look a gift horse in the mouth”.
And I think that the free version delivers a lot of value for free / bang for no buck,
I am really impressed with the amount of information it provides and it's rich feature set.

so I will continue to test for a while and give another update soon.


Tuatara

12

Zenarmor (Sensei) / question before purchasing a subscription

« on: October 07, 2022, 03:52:55 pm »

The free version has its limitations, so I want to trial for a while with a paid version to see if it is usable for me. Since I did not read the fine licensing print before at other parties in the past ...
I tried to find out how you can cancel a subscription, and what the cancellation period is when you pay monthly.
- Could not find it on the website, but perhaps I've overlooked.
- Did not receive an answer by mail within almost a week on this.

Does anyone here know?

Thanks in advance.

13

General Discussion / Re: under attack, want to block incoming traffic from some sub domains

« on: October 03, 2022, 06:18:36 pm »

SOLVED !!!   

pfff... that saves a lot of work !

14

General Discussion / Re: under attack, want to block incoming traffic from some sub domains

« on: October 03, 2022, 06:17:08 pm »

Yep Supermule, That might do the trick!

Found the BGP ASN of that party , implementing now ..

Thanks a lot !

15

General Discussion / Re: under attack, want to block incoming traffic from some sub domains

« on: October 03, 2022, 04:57:40 pm »

Sadly,
I don't know what their IP range is yet.
It seems that I can only add known hosts in that file.
Since there are new hosts popping up every time, I need to keep 24/7 monitoring which new hosts I see,
and than manually adding each host to the list since wildcards can not be used.
like *.hinet.net

btw I am running a deciso.com appliance