Messages

1

20.7 Legacy Series / Re: WAN speed slower with IPS enabled on 20.7.4 vs 20.1.9

« on: October 28, 2020, 04:17:03 pm »

good to know that I'm not the only one
do you have a reference link of the other thread? I might be looking for the wrong keywords, can't find it

2

20.7 Legacy Series / WAN speed slower with IPS enabled on 20.7.4 vs 20.1.9

« on: October 28, 2020, 02:43:22 am »

Hi all, just recently upgrade from 20.1.9 to 20.7.4 but noticed a speed reduction when IPS is enabled. from ~350Mbps down to ~250Mbps

One thing I noticed is when I start IDS/IPS it only starts 2 processing threads

Code: [Select]

all 2 packet processing threads, 4 management threads initialized, engine started.
I have 4 igb nics, IPS only enabled on WAN and processor is an

Code: [Select]

Intel(R) Celeron(R) CPU J3160 @ 1.60GHz (4 cores)
started looking into the suricata.yaml file but my inexperience with it didn't help much. under netmap: in the yaml file I have threads set to auto. does it make sense to set this to 4? or is that a stupid idea?

Code: [Select]

# Number of capture threads. "auto" uses number of RSS queues on interface.
# Warning: unless the RSS hashing is symmetrical, this will lead to
# accuracy issues.
threads: auto

3

20.7 Legacy Series / Re: Dynamic DNS - Namecheap doesn't work but cloudflare does

« on: October 27, 2020, 02:34:44 am »

thanks for the response

finally figured it out
opnsense settings was right but it only worked when I correctly set the host on Namecheap

under Advanced DNS >  Dynamic DNS
A + Dynamic DNS Record host should be set with @ for your main domain and for sub domain you only need to set the sub domain excluding the domain.

for example
host should be 'www' for www.mydomain.com
host should be '@' for mydomain.com

4

20.7 Legacy Series / [SOLVED] Dynamic DNS - Namecheap doesn't work but cloudflare does

« on: October 26, 2020, 06:59:59 am »

Hi, wondering if someone else is having an issue updating their IP via Services > Dynamic DNS with namecheap.

I currently use the same service with cloudflare and it works fine but with name cheap i am getting this error on the logs

Code: [Select]

/services_dyndns.php: Dynamic DNS: (Error) No Records updated. A record not Found
this is my config:
Enabled: checked
Service type: Namecheap
Interface Monitor: WAN
Hostname: mydomain.com
MX: <empty>
Wildcards: unchecked
Verbose logging: checked
username: <empty>
password: <Dynamic DNS Password provided by namecheap>

please let me know if i made a dummy mistake.
Thank you!

Edit: currently on opnsense 20.7.4, but 20.1.9 also had the same issue
edit2: also wanted to note that namecheap api works fine with curl

Code: [Select]

curl "https://dynamicdns.park-your-domain.com/update?host=<www.mydomain.com>&domain=<mydomain.com>&password=<namecheap ddns pw>&ip=<my current ip>"

5

Zenarmor (Sensei) / Is Sensei a good replacement for LAN IDS/IPS?

« on: September 24, 2020, 10:41:17 pm »

Hi everyone,

I'm new to the opnsense forums and wanted to ask a general question regarding sensei and suricata

I've been using OPNsense with Suricata IDS/IPS in LAN and so far it has been good. I am new to Sensei and wanted to give it a shot. When I tried to enable Sensei it asked me to disable suricata on my lan connections.

That being said, I'm wondering if anyone could give a short pros and cons of each. If it makes sense to trade suricata with sensei and so on. There are a lot of discussions whether to enable IPS/IDS on WAN or LAN and now Sensei comes into play. I'm lost