OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of doktornotor »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - doktornotor

Pages: [1] 2 3 ... 48
1
General Discussion / Re: Allow access to port 9200 locally
« on: September 12, 2024, 03:37:02 am »
Quote from: dnll on September 12, 2024, 02:13:19 am
Quote from: doktornotor on September 10, 2024, 09:37:01 am
You need a port forward to 127.0.0.1:9200 on the interface where the monitoring host is, not an allow rule on localhost.
Unsure why I would need any port forwarding here, I'm connecting directly to the OPNsense box on the correct port.

Because the packets are not arriving on localhost (loopback) interface at all, as you have observed.

Quote from: dnll on September 10, 2024, 09:18:29 am
However, when trying from 10.1.1.21, the telnet never connects. Am I missing something obvious here? The 10.1.1.0/24 subnet is in the LOCAL group.

P.S. Making ES listen on wildcard is... crazy. Would really suggest to undo that and do the simple port forward. This post has a proper example of such NAT rule to make services that listen only on loopback accessible over LAN to chosen hosts.  Use 10.1.1.21 for source and 9200 for destination and redirect target ports.

2
24.7 Production Series / Re: NUT / TrippLite / Permission problems?
« on: September 11, 2024, 06:00:32 pm »
Well, I would suggest undoing your "fixes" and doing a fresh OPNsense re-install.

3
24.7 Production Series / Re: IPS/IDS filling my log file
« on: September 10, 2024, 08:15:42 pm »
Another one for your noise...

https://github.com/opnsense/plugins/pull/4228

4
24.7 Production Series / Re: IPS/IDS filling my log file
« on: September 10, 2024, 07:58:31 pm »
Well, they have some deal with the signature vendor about telemetry. However, it should be kept within reasonable limits.

Finally did a PR for the original issue which should significantly (~40x) reduce the logs for the stats at least.  https://github.com/opnsense/core/pull/7857

5
24.7 Production Series / Re: IPS/IDS filling my log file
« on: September 10, 2024, 07:49:54 pm »
This is the offending line - https://github.com/opnsense/plugins/blob/5a02d3867d5e074837a1de8af7ffbaa46552a89f/security/etpro-telemetry/src/opnsense/scripts/etpro_telemetry/send_telemetry.py#L82

Feel free to file another ticket about it. Should be DEBUG at best. Noone cares about such nonsense.

6
24.7 Production Series / Re: IPS/IDS filling my log file
« on: September 10, 2024, 07:30:21 pm »
It's actually worse...  perhaps the below ticket should be renamed to "stop logging useless IDS junk".

https://github.com/opnsense/core/issues/7101

7
24.7 Production Series / Re: 24.7.1 issue with importing CA and Certificate
« on: September 10, 2024, 06:10:29 pm »
I would suggest filling an issue at GitHub.

8
24.7 Production Series / Re: Adding reservations with Kea API?
« on: September 10, 2024, 05:45:29 pm »
🎉

9
General Discussion / Re: 'This account is currently not available' even after wipe
« on: September 10, 2024, 05:10:05 pm »
You are trying to login with user account that has nologin as shell. And on another note, only admin group can use SSH and shell.

10
24.7 Production Series / Re: Adding reservations with Kea API?
« on: September 10, 2024, 04:48:18 pm »
Posting  the exact response instead of describing it would be awesome...

11
24.7 Production Series / Re: NUT / TrippLite / Permission problems?
« on: September 10, 2024, 03:48:16 pm »
The post-(un)install messages from pkgs in output are very much irrelevant for OPNsense. Honestly, cannot see how would that affect the resursive chown either.

12
General Discussion / Re: 'This account is currently not available' even after wipe
« on: September 10, 2024, 10:07:35 am »
Yeah, that's pretty much the only place with that string.

https://github.com/opnsense/src/blob/stable/24.7/usr.sbin/nologin/nologin.c#L32

13
General Discussion / Re: Allow access to port 9200 locally
« on: September 10, 2024, 09:37:01 am »
You need a port forward to 127.0.0.1:9200 on the interface where the monitoring host is, not an allow rule on localhost.

14
24.7 Production Series / Re: NUT / TrippLite / Permission problems?
« on: September 10, 2024, 08:08:56 am »
Dunno, but this was fixed about 1 1/2 years ago. Perhaps you should remove and reinstall the package.

https://github.com/opnsense/plugins/commit/16cbe99ebf0e776afa5deee349f9e0ff73fbe8aa

Code: [Select]
# ls -l /var/db/nut
total 2
-rw-r--r--  1 nut nut 6 Aug 30 02:05 upsd.pid
-rw-r--r--  1 nut nut 6 Aug 30 02:05 upsmon.pid
srw-rw----  1 nut nut 0 Aug 30 02:05 usbhid-ups-CyberPowerOR600
-rw-r--r--  1 nut nut 6 Aug 30 02:05 usbhid-ups-CyberPowerOR600.pid

15
General Discussion / Re: New Protectli installation, but reboot goes nowhere
« on: September 09, 2024, 11:25:53 pm »
Perhaps disable netboot (iPXE)?

Pages: [1] 2 3 ... 48
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2