Messages

Many of the lists I have posted block most of Google's telemetry and spying but not all of it. More can be done.

Adguard - Filters - Custom filtering rules - add:

||dnsotls-ds.metric.gstatic.com^ 
||encrypted-tbn0.gstatic.com^
||encrypted-tbn2.gstatic.com^
||mtalk.google.com^
||metric.gstatic.com^
||chart.apis.google.com^
||cse.google.com^
||encrypted-tbn1.gstatic.com^
||www.gstatic.com^
||fonts.gstatic.com^
||ogs.google.com^
||ssl.gstatic.com^
||aa.google.com^
||encrypted-tbn3.gstatic.com^
||pki-goog.l.google.com^
||signaler-pa.clients6.google.com^
||addons-pa.clients6.google.com^
||apis.google.com^
||0.client-channel.google.com^
||clients2.google.com^

Result after applying the rules:

- Google searches: OK

- Gmail: OK

- Youtube: OK

- Instagram: OK

- Android: OK

- Playstore: OK

I had to omit some of these from my custom filter rules because they messed up my daughter's Google Classroom:

||www.gstatic.com^
||fonts.gstatic.com^
||ogs.google.com^
||ssl.gstatic.com^
||pki-goog.l.google.com^
||signaler-pa.clients6.google.com^
||apis.google.com^

Please update this list or indicate this.

Shot in the dark here, but this happened with my iPhone a year ago, now my wife's, and I can't figure why old to new iPhone data transfers won't work on my network.

I don't see Adguard blocking anything Apple, nor the firewall except for the occasional WAN incoming. Everything else on my network works fine.

Anybody care to take a stab in the dark as to why this Apple function won't work on my network?

Thanks

Hi,

Any workaround for the improbability of Alias implements in Shaper rules?

I just want to throttle back traffic to two ASN's. But since I can't put the alias for those in Shaper rules, I can't figure out if there's something else that I can do. Any suggestions?


Thanks

Thanks for the reply iMx. That is what I suspected. Maybe I'll briefly run Puppy on the appliance so that I can run ethtool -T.

Hello all,

I need to know if my NIC's support PTP hardware time stamping and a clock but it does not look like there's a PTPd.

Is there a freebsd equivalent of ethtool -T em0 ?

Ultimately this is to see if I can use OPNsense for long distance transmission of precision-clocked multichannel audio.


Thank you

Works now after checking out the above link. Thank you!

Regardless of how long I leave Inspect active, all of my active evals, states, packets and bytes just show N/A.

I don't see some new setting, so, is this a bug?

After the upgrade to 23.7.8...     Firewall > Rules:  Hitting "Inspect" while on any interface now only shows N/A on all rule stats - homemade and auto-generated. I used to get counters.

Searched with no luck. What could it be?

Update:

After the recent update to OPNsense 23.7.2 and Zenarmor 1.14.4, the traffic graph in the Zenarmor Dashboard shows active Wireguard traffic but selecting the wg0 interface in Live Sessions or Reports shows nothing.

Thank you to the Devs thus far.

I can confirm Wireguard-Go is installed and the Wireguard interface/fFW rules are setup similar to my other two interfaces. However, those work just fine on Zenarmor.

No idea why Zenarmor sees the Wireguard interface but doesn't filteror report.

Any advice would be appreciated.

When I go to System > Firmware > Plugins it shows os-wireguard-go (installed)  and os-wireguard is not installed.

Should I try uninstalling and reinstalling Wireguard? Will all of my tunnels and keys be preserved?

Thanks

I was getting reporting data with Wireguard-Go before the upgrade but not now.

The WG interface is selected in the Zenarmor Settings > Config, but the the Dashboard traffic graph just shows flatline.
Reports shows all other interfaces but not Wireguard.
Live Sessions - Can filter wg0 interface but reports nothing.

Log Message:
Engine configuration error
Cannot validate interface: netmap@wg0 line: 2, 1, netmap@wg0, netmap@wg0^, 0, 3, 4345 ,lan;netmap;routedmode


Anybody else experiencing the same and is there a fix?



OPNsense 23.7.1_3
Zenarmor   1.14.2

Founf the answer here: https://www.sunnyvalley.io/docs/troubleshooting/reporting#how-do-i-reinstall-the-reporting-database

I had to remove the index files.

How was this resolved? I'm having the same issue.

Indeed I use it, just not for this setup. I looked at all the bookmarks of my gear's GUIs and noticing that the lock icons were alway slashed-out when logging in, I got weary. I simply wondered if there's another level of security that I could setup other than rules. So I was just trying to explore options. Is their no security intermediary that can be setup for situations like these?

Thanks