Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Brano

Pages1

21.1 Legacy Series / Outbound NAT with port forwarding weirdness

May 03, 2021, 03:07:50 PM

System version: OPNsense 21.1.5-amd64

I have a simple port forward defied with http port on wan side redirected to local server.

When outbound NAT is set to Automatic or Hybrid the port forwarding works fine.
When I manually configure outbound NAT as shown on the picture, port forwarding also works fine.

However, when I change outbound NAT source to ANY (instead of defined RFC1918 subnets), port forwarding stops working! Why is that?

Thank you.

Zenarmor (Sensei) / Re: Move sensei data to another disk/partition

January 28, 2021, 08:38:06 PM

Thanks. I totally missed that

Zenarmor (Sensei) / Move sensei data to another disk/partition

January 27, 2021, 05:24:59 PM

What is the recommended approach to move sensei data (mongo db/logs) to another disk or partition?
Where exactly are the data located on default install?

To explain, I've added 2nd SSD to the opnsense as the system default partition was running out of space and I need to move data.

thanks

Zenarmor (Sensei) / Re: Sinkhole for Ad Blocking

January 25, 2021, 04:32:40 PM

Thanks for the update.
Sometimes there are also artefacts left on the screen where AD supposed to be. These behaviour is not really happening on pi-hole for example. ...see attachment

Intrusion Detection and Prevention / Re: Just ran out of space in queue - Suricata Crash

October 22, 2020, 05:36:17 PM

How can I delete Surricata rules? I was playing with various sources and now have 217048 rules on the system, all set to Alert. Just want to delete them all and download only what I need.
Disabling alerting is really PITA as one can do only 1000 rules at a time. I prefer to delete them all and start from scratch.

Intrusion Detection and Prevention / Re: Just ran out of space in queue - Suricata Crash

October 22, 2020, 05:19:42 PM

Same issue here

Code Select

2020-10-21T08:53:20	suricata[52318]	[101262] <Critical> -- [ERRCODE: SC_ERR_AHO_CORASICK(174)] - Just ran out of space in the queue. Fatal Error. Exiting. Please file a bug report on this
2020-10-21T08:47:24	suricata[52303]	[100253] <Notice> -- This is Suricata version 5.0.3 RELEASE running in SYSTEM mode

20.7 Legacy Series / Re: SIP / ALG

October 13, 2020, 03:59:14 PM

I don't believe there's any SIP ALG enabled by default. If you want that functionality you'd need to load and configure os-siproxd plugin.

20.7 Legacy Series / Unbound Blocklist questions

October 07, 2020, 03:49:02 PM

I can't find documentation for the Blocklist section, if there is kindly point me to it.

My question is, when I select lists in the Type of DNSBL field do I still need to provide corresponding URLs in URLs of Blacklists field?
Or is URLs of Blacklists just for custom lists?

How often are the lists refreshed?

Zenarmor (Sensei) / Sinkhole for Ad Blocking

October 06, 2020, 03:52:35 AM

Is there a way to provide sinkhole for Ad Blocking?
When the Ad Blocking is enabled is causes a longer page loads due to time outs. Is there a way to redirect the ad requests to a sinkhole? ...similar approach that pi-hole and pfBlocker are deploying?

#10

20.7 Legacy Series / VoIP fails to register on Gateway failure

October 06, 2020, 03:49:09 AM

We have dual gateway system. 1st gateway is preferred, 2nd gateway is used only if the 1st one fails.

When the 1st fails and 2nd gateway takes over everything works except internal VoIP ATA is showing "Trying to register" to internat side SIP provider and won't register.
We have to manually flush state table and restart the ATA, then it'll register.

We have kill states on gateway failure enabled as well as dynamic state reset is enabled.

Any pointers to fix the issue appreciated.

Pages1