Messages

Glad you solved your problem

Check for log file and see.

I know IPS is not function in PPPOE.

1.: Disable Suricata on PPPoE interface
2.: run Memtest86+ to check for faulty ram modules. (Download the iso here: https://www.memtest.org/)
3.: replace Harddisk and reinstall OPNsense

I have Suricata IDS on PPPOE interface only.

Then why don't you post the "crash issue" here? None of us owns a crystal ball. The cause for your crashes is in that text!

Here it is the dmesg text.
 

Previously, I encounter this error. Then I retry to delete the user then recreate user with simple password.

Let me do nmap and vulnerability assessment.

Check if your reboots are not related to kernel panic's, there have been several threads on this topic recently.

I do have crash issue in the /var/log/dmesg. I using latest version.

Dear all forumer, I'm plan to do penetration testing against my OPNSense router to see any weakness in it.
Do you guys know what tools in Kali Linux to use? Thanks in advance.

What is your question?

I have several cron job to periodic reset wan interface and now it is not working anymore. It doesn't renew my wan ip address anymore.

Let me monitor few days and see.

Thanks @Patrick

My LAN Windows PC was affected where the pc change background and word document mess up.

@peterwkc, please advise straight answers to the following:

• Are your firewall rules all in the default state?
• If not, please provide any and all NAT or port forwarding (or other) rules you have created, edited, or removed.

As noted early in this thread, we can not exclude an infection on your internal machines, arriving through phishing or downloading dodgy software. We can tell you what, if any, exposures you may have on your firewall.

As noted more than once by Patrick, the logs you have provided show normal and effective operation of the firewall. You have also not yet described any "hacker" behaviour which would be logical for a real external intruder. If your ISP did not like you, they could more simply randomly drop your connection. It is again hugely improbable.

We may be able to help with clear answers about configuration. Remember, your fears about TinyPilot proved unfounded once you had looked into and understood it better.

I have added one rule block in wan and have several firewall aliases like crowdsec. Opt1 block to lan. No sshd no open port. Opt1 WiFi provide based on mac address.

I worried they use malware to get access to my system.

My firewall reboot this morning again. I don't know whether this is crash or have backdoor script