Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - nwabytes

Pages1
#1
General Discussion / Multi DHCP servers
August 29, 2025, 10:52:09 PM
I searched the forum and the docs i cant really find anything about removing ISC DHCP and dnsmasq It just bugs me i cant remove unused apps. I just moved back to OPNSense from Mikrotik. I run a lot of wireless its my main choice on towers ect.

If i remove it from the cli will it remove the menu in the GUI. One more thing about Intrusion Detection its so hard to understand i  used it on pfsense years back. is there an easier way to enable the rules. Im running in (test mode) not blocking. some stuff by default id like to block like all the scanning stuff.

This is my first post here i think. Thank you for the great software. If i put this in the wrong  place let me know
#2
Intrusion Detection and Prevention / Help me understand suricata
February 19, 2020, 07:00:45 PM
Im coming from Pfsense, I really like everything i see with OPNSense. I have one issue and its suricata.
Ive tried bare metal and virtualization, I cant seem to get  it working.
Im use to seeing alerts and blocks. with OPNSense there never anything in alerts. ive read over the forums disabled the snort rules. Heres my logs as of now.

Code Select
2020-02-19T11:42:52 suricata[4136]: [100381] <Notice> -- rule reload complete
2020-02-19T11:40:15 suricata[4136]: [100381] <Notice> -- rule reload starting
2020-02-19T11:40:15 suricata[4136]: [100381] <Notice> -- rule reload complete
2020-02-19T11:37:27 suricata[4136]: [100381] <Notice> -- rule reload starting
2020-02-19T11:37:27 suricata[4136]: [100381] <Notice> -- rule reload complete
2020-02-19T11:34:53 suricata[4136]: [100381] <Notice> -- rule reload starting
2020-02-19T11:33:15 suricata[4136]: [100381] <Notice> -- all 4 packet processing threads, 4 management threads initialized, engine started.
2020-02-19T11:31:35 suricata: [100381] <Warning> -- [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. See ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml.
2020-02-19T11:31:35 suricata: [100174] <Notice> -- This is Suricata version 4.1.6 RELEASE
2020-02-19T11:31:35 suricata[29109]: [100462] <Notice> -- Stats for 'vtnet0+': pkts: 0, drop: 0 (nan%), invalid chksum: 0
2020-02-19T11:31:35 suricata[29109]: [100462] <Notice> -- Stats for 'vtnet0': pkts: 0, drop: 0 (nan%), invalid chksum: 0
2020-02-19T11:31:34 suricata[29109]: [100462] <Notice> -- Signal Received. Stopping engine.
2020-02-19T11:31:34 suricata[29109]: [100462] <Notice> -- all 2 packet processing threads, 4 management threads initialized, engine started.
2020-02-19T11:30:23 suricata: [100462] <Warning> -- [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. See ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml.
2020-02-19T11:30:23 suricata: [100107] <Notice> -- This is Suricata version 4.1.6 RELEASE
2020-02-19T11:30:22 suricata[83230]: [100462] <Notice> -- Stats for 'vtnet1+': pkts: 1611, drop: 0 (0.00%), invalid chksum: 0
2020-02-19T11:30:22 suricata[83230]: [100462] <Notice> -- Stats for 'vtnet1': pkts: 2052, drop: 0 (0.00%), invalid chksum: 0
2020-02-19T11:30:22 suricata[83230]: [100462] <Notice> -- Signal Received. Stopping engine.
Pages1