OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of senseless »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - senseless

Pages: [1]
1
20.7 Legacy Series / Re: Why do I have NTP traffic to random IP's?
« on: September 13, 2020, 12:21:36 am »
I am wondering the same. Why does OPNsense try to contact the following IPs with UDP/123 (i.e. NTP) 185.17.70.106, 212.25.1.1, etc. (see picture attached)? These are not the default OPNsense NTP Servers (which by the way at the moment are configured as "do not use").

Where are the NTP servers show in the picture configured?


2
General Discussion / Re: DNS requests to localhost
« on: June 21, 2020, 04:31:16 pm »
@Mitheor: I misinterpreted your answer. Sorry for that.

I realised now localhost is configured as namesserver in "resolv.conf" and I assume that's why the OS is asking localhost for name resolution. Does it make sense to have localhost configured as nameserver in "resolv.conf"? Is this how FreeBSD does consult its DNS cache and/or host file (these entries are loaded into the DNS cache afaik)? Or is there a nameserver operating in OPNsense / FreeBSD?

3
General Discussion / Re: DNS requests to localhost
« on: June 21, 2020, 11:43:07 am »
Quote from: phoenix on June 21, 2020, 10:40:16 am
Why do the DNS requests matter, is it causing you a problem?

Not yet... but I try to understand, if it will cause me troubles in future. These drops are only visible after creating an explicit deny all rule at the end of the rule set. With the default rule set there are implicit/automatically created rules allowing this traffic (see screenshot attached). BTW, where can I find the automatically created "pass loopback" rule?

And it fills up the log with drops making troubleshooting more diffcuilt (I know, I could get ride of the log entries by defining a rule for the dns traffic w/o logging. However, this is symptomatic treatment and not eliminating the root cause.)

Quote from: Mitheor on June 21, 2020, 10:44:07 am
Any service that has to communicate with Internet has to do that.

Like, checking for new firmware, signature updates ... anything.

Okay -  thank you. Why is that? And then the question is, how can I disable this service that makes the firewall to do DNS queries? At the moment, I don't see an apparent reason why the firewall should do DNS queries...  (so there will be no answer), I did not configure a local or remote DNS server, there are no clients configured to query the firewall for DNS... There seems to be some default setting causing this... can it be deactivated?   

4
General Discussion / DNS requests to localhost
« on: June 21, 2020, 10:21:12 am »
Hi all

In the firewall log I see a lot of DNS requests from localhost to localhost (see screenshot attached). Why does OPNsense do this and what is it good for? Can I get ride of these requests somehow?

Thank you and regards,
Peter

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2