Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - sdnavarro

#1
Hello
I have a computer with a transparent bridge configured, the ids filters the LAN and WAN gate, the Pattern matcher is aho-Corasick

#2
Any ideas? Help

thanks
#3
this is the log that the firewall shows me by ssh

00:00:00.005422 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 20699, offset 0, flags [none], proto UDP (17), length 62)
    192.169.11.134.60302 > 200.50.96.90.53: 64208+ A? dns.msftncsi.com. (34)
00:00:00.007765 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 26297, offset 0, flags [DF], proto TCP (6), length 60)
     192.169.13.75.49852 > 168.195.56.81.443: Flags [S], cksum 0xe5c0 (correct), seq 2352920936, win 29200, options [mss 1460,sackOK,TS val 34335644 ecr 0,nop,wscale 7], length 0
00:00:00.000006 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 52630, offset 0, flags [DF], proto TCP (6), length 60)
     192.170.13.75.45642 > 31.13.94.24.443: Flags [S], cksum 0xeb20 (correct), seq 2724008523, win 29200, options [mss 1460,sackOK,TS val 34335644 ecr 0,nop,wscale 7], length 0
00:00:00.003420 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 5077, offset 0, flags [DF], proto TCP (6), length 492)
     192.169.15.224.41726 > 190.98.133.224.443: Flags [P.], seq 58273697:58274137, ack 2704364150, win 762, options [nop,nop,TS val 16704 ecr 2430859080], length 440
00:00:00.016381 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 22974, offset 0, flags [none], proto UDP (17), length 62)
     192.170.13.215.61705 > 200.50.96.90.53: 32118+ A? go.microsoft.com. (34)
00:00:00.005550 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 28225, offset 0, flags [none], proto UDP (17), length 69)
     192.169.15.228.54252 > 200.50.96.130.53: 34045+ A? win8.ipv6.microsoft.com. (41)
00:00:00.047879 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 9339, offset 0, flags [DF], proto UDP (17), length 73)
     192.169.16.155.36542 > 200.50.96.90.53: 54963+ A? googleads.g.doubleclick.net. (45)
00:00:00.004089 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 64968, offset 0, flags [DF], proto TCP (6), length 85)
     192.169.14.152.49406 > 31.13.94.14.443: Flags [P.], cksum 0x8e87 (correct), seq 265131073:265131106, ack 407923771, win 351, options [nop,nop,TS val 2651075 ecr 2507244509], length 33
00:00:00.003133 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 0, offset 0, flags [DF], proto TCP (6), length 64)
     192.170.14.22.51727 > 17.248.137.141.443: Flags [S], cksum 0x5ccb (correct), seq 1272202283, win 65535, options [mss 1460,nop,wscale 7,nop,nop,TS val 745643595 ecr 0,sackOK,eol], length 0
00:00:00.000008 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 947, offset 0, flags [none], proto UDP (17), length 89)
     192.169.14.123.54903 > 94.245.121.253.3544: UDP, length 61
00:00:00.001896 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 34749, offset 0, flags [none], proto TCP (6), length 1001)
     192.170.16.139.35191 > 172.217.192.95.443: Flags [P.], seq 1393307038:1393307987, ack 26






thanks
#4
Hello, any ideas?

I've already tried creating rules in the lan interface with an ip's alias, but it does not work

Thank you
#5
General Discussion / problem with external private ip's
November 26, 2018, 10:23:22 PM
Hello

I have a problem with an MPSL network,

the opnsense delivers a local dhcp to the router. in each site has dhcp.

I can navigate connected from the switch. but the traffic from the other site says Deny default rule.


How can I unblock these ip's?

thanks

Thank you
#6
Hardware and Performance / problem with NIC DGE-560T
November 21, 2018, 10:01:21 PM

Hello

I have a computer with opnsense, with 2 nic Dlink DGE-560T, these nic work 10/00/1000.

The problem that I have happens when I connect the nic to a sw hp v1910- 24g the nic cards have a speed of 100, if I force the connection by the switch the port falls down. I attach images.
(the lan interface is integrated to the computer, the cable used is cat6 certified)



Interfaces



forcing the switch port



interface options




How can I solve this problem?

Thank you
#7
I'm wrong this ip 10.1.0.1  ::)

QuoteI already have a WAN and WIFI bridge, I need to see from the network 10.1.0.1 the ip 192.168.1.7

thanks
#8
I already have a WAN and WIFI bridge, I need to see from the network 10.0.0.1 the ip 192.168.1.7

thanks
#9
General Discussion / help to configure opnsense networks
November 15, 2018, 10:26:39 PM
Hello

I have a Firewall with two different networks

I have configured the WIFI and WAN interface as a transparent bridge (10.1.0.0), and I need to see a computer from that network as shown in the image.



how can I configure the opnsense so that I see the ip 192.168.1.7

thanks