Messages - bitzap

#1
Hi Franco,

thanks for the tip, this fixed it :)

bye Josef
#2
Hi,

I use Graylog as the syslog target for OPNsense. After the update to 23.7.4 there is no leading "hostname filterlog[PID]:" in the remote syslog messages.

bye Josef
#3
I found the problem in my setup.
In the past 10 days there was a huge number of new submissions to URLhaus, which resulted in a big increase in rules (from 30000 to 160000) :o https://urlhaus.abuse.ch/statistics/
My hardware (APU 2G RAM) was probably too poor in performance to load all rules in a reasonable time.
#4
Hi all,

I just want to inform you that there is a bug in the current (21.9.2020 15:00 CEST) abuse.ch/URLhaus rules which prevents the IPS from starting :o

[100151] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "drop http $HOME_NET any -> $EXTERNAL_NET any (msg:"URLhaus Known malware download URL detected (510560)"; flow:established,from_client; content:"GET"; http_method; conte" from file /usr/local/etc/suricata/opnsense.rules/abuse.ch.urlhaus.rules at line 73508

OPNsense 20.7.2-amd64
FreeBSD 12.1-RELEASE-p8-HBSD
OpenSSL 1.1.1g 21 Apr 2020
CPU Type   AMD G-T40N Processor (2 cores)
#5
I tried it with a WLE200NX but no luck. It seems that there is a driver missing.
#6
Is Intrusion Detection active? If so, try switching it off.