Messages

Never did.  I'll try again soon with 18.7 and try to remember to post here.

18.7.1 and 18.7.2 both exhibit this behavior.  Under Services: Intrusion Detection: Administration, Rules tab, the little "enable/disable selected" buttons under the first column do nothing in Chrome 69.  In Firefox 61 they work as intended.  Is this a known bug?

I've seen the guidance for disabling CRC/TSO/LSO within OPNsense when running an IDS.

What about NIC parameters at the ESXi level?  TSO can be killed globally with Net.UseHwTSO.  Should I be looking into other ESXi params as well?  I've been seeing IDS alerts similar to the ones normally blamed on TSO...

[System: Access: Users]

My apologies if this is a known issue with a known fix.  I searched and couldn't find anything.

Under System: Access: Users I am trying to assign VPN privs to a new user account.  On this page, only the GUI category is displayed.  Should there be other privs from additional categories in the list?

My reason for choosing OPNsense is simple.  With pfsense I spent probably 10 hours across several days trying to get traffic shaping to work properly and actually help my bufferbloat without creating new issues.  With OPNsense I had it up and running in about 20 minutes helping with my latency challenges.  I didn't have to fight with fine-tuning queues or floating rules.

I remember seeing it when googling traffic shaper guidance and scenarios.  But I did read a lot of pfsense info and indeed this issue may be relevant to only pfsense (if at all).

What about TCP Segment Offload and other pNIC offloads at the VMware host level?  I've read that these can thwart various packet schedulers...

I've seen some chatter on the 'net regarding traffic shaping not working well with the otherwise superior vmxnet3 interface.  Seems e1000e was/is the go-to interface for this scenario.  Where does this issue stand today?