Messages

1

Intrusion Detection and Prevention / Intrusion Detection => Strategy => There are too many entries.

« on: August 25, 2024, 06:51:05 am »

Intrusion Detection => Strategy => There are too many entries. Is it possible to have an option of ALL under each category? It is really frustrating to have to choose one by one under each entry. I feel like I am holding a stone to prepare for defense.

2

Intrusion Detection and Prevention / Re: I don't know how to integrate abuseipdb.com's IP List into opnsense to block the

« on: August 25, 2024, 06:50:22 am »

Solution   

3

Intrusion Detection and Prevention / I don't know how to integrate abuseipdb.com's IP List into opnsense to block the

« on: August 21, 2024, 05:59:15 am »

I have been reported by Maltrail for a lot of dirty IP access and scanning reported by abuseipdb.com. But I don't know how to integrate abuseipdb.com's IP List into opnsense to block these annoying IPs. Is there any good way to do this? :'(

4

24.7 Production Series / Zenarmor Some of the settings cannot be successful.

« on: August 12, 2024, 01:05:37 pm »

In setup, I cannot change the settings of interfaces. When I clicked set security zone, I added or deleted status (such as WAN), and after confirming, I clicked restart. However, the deleted status settings reappeared. I tried many times but it didn't work. 

5

General Discussion / Re: What Alias type to use for different blocking lists.

« on: February 13, 2024, 11:09:39 am »

https://blocklist.stie/app    can't open.

6

General Discussion / Re: Please tell me if such a function can be achieved.

« on: February 01, 2024, 12:51:28 pm »

Firewall: Settings: Schedules - create a schedule.

Add a rule to restrict all traffic to and from the network the interface connects to and attach the schedule

Stupid me, the experiment failed. Please give me some pointers. I would be more grateful if you have screenshots for me to learn how to do. :'( :'( :'( :'(

7

General Discussion / Re: Please tell me if such a function can be achieved.

« on: January 30, 2024, 08:55:10 am »

OOO....  thanks.

8

General Discussion / Please tell me if such a function can be achieved.

« on: January 29, 2024, 02:33:52 pm »

It's easy under ROS, just write a script.

If you want to suspend the use of a certain network card at a fixed time and make the network card invalid. Set another time to restore the use of this network card. Meet the need to control network connections. How to implement this function.

9

Chinese - 中文 / 请教，是否可以实现这样的功能。

« on: January 29, 2024, 02:33:05 pm »

在ROS 下很容易，写个脚本就可以。

如果想在一个固定的时间，暂停某块网卡的使用，让这个网卡失效。再设定一个时间，恢复这块网卡的使用。达到控制网络连接的需要。这个功能，要如何实现。

10

23.1 Legacy Series / Re: VnStat query not working in 23.1.2

« on: March 10, 2023, 10:52:17 am »

OPNsense 23.1.3-amd64.  repair the bug

11

23.1 Legacy Series / Re: VnStat query not working in 23.1.2

« on: March 08, 2023, 05:23:03 am »

yes.  me too

12

22.7 Legacy Series / Re: 22.7.9 Lose WAN

« on: December 08, 2022, 06:31:06 am »

Do you run Suricata? That seems to be the problem most are having that is causing it to lose WAN or LAN depending on which its looking at. Rolling Suricata back to 6.0.8 from 22.7.8 fixes the issue it seems.

Thanks for the reply brother, I tried to downgrade to other 22.7.8 and 22.7.7 but it didn't work, and it would hang up after a while every time. I just upgraded to the latest 22.7.9_3. Suricata seems to be upgraded to 6.0.9_1. Let me take another look. If there is no reply, everything is fine.   

13

22.7 Legacy Series / 22.7.9 Lose WAN

« on: December 06, 2022, 03:53:29 am »

Looking at the many questions in the forum, what I encountered was that the WAN would lose the link within a day.
I chose to fall back to 22.7.8. Waiting for the next major version update.
The 22.7 series is really a lot of tribulations.

14

General Discussion / Re: I want to suggest that the official launch a function like Fail2ban.

« on: November 15, 2022, 04:24:34 am »

Suricata can do what you need. It just doesnt have the attempts counter but bans them instantly.

Suricata is also being used and has many advantages, but for operations that do not exist in the rules, I don't know what corresponding operations it will make. Of course, the matching of rules is more extensive. But it does not prevent the defense against simple brute force attempts like fail2ban, and can manage the blocking time of such IPs. If you need to add a period, I hope it is 3650 days.   

15

General Discussion / Re: I want to suggest that the official launch a function like Fail2ban.

« on: November 15, 2022, 04:11:37 am »

Have you tried CrowdSec ? It can do what Fail2ban can and more.
There's a CrowdSec plugin though I haven't tried it yet in OPNSense, it works great on my Linux server though.

thanks. CrowdSec  Doesn't work, it's a good program, but under opnsense, it's a photo, just look at it.