OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of ToFu »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - ToFu

Pages: [1]
1
Intrusion Detection and Prevention / Re: Block Access Point Spy Traffic
« on: July 02, 2021, 10:28:59 am »
Hi Brainleg,

i agree to annoniempjuh.

its better to send it back.

To block this device for communications to the internet do not make sense.
From time to time you will need security/firmware updates too.

2
Intrusion Detection and Prevention / Re: SMB connection speed very slow after turning on suricata
« on: July 02, 2021, 10:24:27 am »
I thought that was just an extension for the config. Not overriding :)

Thanks for your reply.

3
Intrusion Detection and Prevention / Re: SMB connection speed very slow after turning on suricata
« on: July 02, 2021, 10:01:35 am »
Where can i find this file?

I have only found /usr/local/etc/suricata/custom.yaml.

But this seems not to be the right file.

4
Intrusion Detection and Prevention / Re: SMB connection speed very slow after turning on suricata
« on: July 02, 2021, 09:44:51 am »
Yes IPS.  :)

5
General Discussion / Re: Log only rule
« on: July 02, 2021, 09:43:21 am »
Hi Franco,

thx.

I understand, there is no solution possible for my special task.
So i have to look for another way of log analysis.

Thank you.

6
Intrusion Detection and Prevention / SMB connection speed very slow after turning on suricata
« on: July 02, 2021, 09:28:17 am »
Hello everybody,

last days i configured my data share via smb.
Goal was that my AplleTV can get data from another vlan.
It needed almost a minute to show the index of the smb share, another one for the next subdir and so on ...

The only way to solve was to turn off suricata for this vlans.
No log alerts or anything else.

Do anyone know about this?

Thanks in advance

7
General Discussion / Re: Log only rule
« on: July 02, 2021, 09:10:05 am »
Hi Franco,

first thx for your fast answer.

How does this alias statistics work?
Can i track anything about this ip subnets (alias), even if the alias is not used in any firewall rule?

I can not find anything about the statistics in the alias section of the manual.

I have some firewall rules to allow only specific ports to the outside.
If i pass all ports to this alias only to get the logs, thats not target oriented.

Thanks in advance

8
General Discussion / Re: Log only rule
« on: July 02, 2021, 08:09:29 am »
Hi all,

have the same problem and can not find a needable solution.

I only want to look after some ip subnets, what comes in or goes out.
No blocking, only viewing.

The logfile evaluation is actually being made with grafana/loki.

Possible solutions for me could be:
1. log only rule in opnsense
2. filter by ip subnets in a grafana/loki combination

Both should be not work at this moment.

Any ideas?
Thanks in advance. :)

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2