Messages - HatalaTitla48

#1
Hello,

I didn't find any results about goaccess, so I'm asking here. Has anybody managed to get goaccess working on OPNsense? Does anybody have a working setup or functional workflow for using goaccess with haproxy or squid logs?

Thx.
#2
Virtual private networks / Broken OpenVPN s2s function
August 14, 2024, 09:46:46 PM
Hi, does anybody have a functional s2s OpenVPN setup with the latest OPNsense (OPNsense 24.7.1)? I'm getting this message on the client side of the OpenVPN setup: "ERROR: FreeBSD route add command failed: external program exited with error status: 1."
The problem is described here: https://github.com/opnsense/core/issues/7269 , but it looks like nobody cares. Such a basic thing must be functional no matter what new upgrade is rolled out. How can I trust new updates if they result in problems like this? The OPNsense team needs to do more testing of basic things like this before rolling out new updates. This is a home setup, now imagine you deploy this for your customer... c'mon guys...
#3
This is a slightly older post, but for those who are searching for a possible solution for this, I can offer mine:
I just rolled out a separate public service on port 444 and dedicated it to the specific backends which I want to connect to with a client cert. I don't need those backends on 443, as these aren't meant for the public. This is a simple and fast solution....
#4
General Discussion / DNAT+SNAT
September 29, 2021, 11:16:18 PM
I have a group of intranet IPs 192.168.0.80-192.168.0.90. If a PC with an IP from this range makes a request for the WAN-IP address, it should be redirected to the internal IP 192.168.0.20. With iptables, the solution is this:

iptables -t nat -A PREROUTING -i $LAN_IF -m iprange --src-range 192.168.0.80-192.168.0.90 -p tcp -d $WAN_IP --dport 443 -j DNAT --to 192.168.0.20:443
iptables -t nat -A POSTROUTING -m iprange --src-range 192.168.0.80-192.168.0.90 -p tcp -d 192.168.0.20 --dport 443 -j SNAT --to-source $WAN_IP

How do I achieve this with OPNsense?
#5
Hm, I had the same config, just with destination as WAN net, and the rule wasn't working.
Anyway, thx for the tip, it works with "any" as destination.
#6
Hello, I'm unable to figure out how to simply block a single IP address from the local LAN. I have IP address 192.168.1.50 from local LAN 192.168.1.0/24. On OPNsense it is represented by the LAN interface. I just want to block this IP from accessing the internet. With Linux iptables it is simple: "iptables -A FORWARD -i LANiface -s 192.168.1.50 -o WANiface -j REJECT" and that's all. How do I do this on OPNsense? Thx.