Messages

1

General Discussion / Can I limit per-device bandwidth consumed per day during peak hours

« on: March 23, 2023, 01:55:41 pm »

My ISP has data caps that apply to bandwidth consumed during peak hours (7am-11pm).

Occasionally a device (or user) will go a bit crazy and download 100GB+ in a single day, which cuts severely into my cap.

I want to limit all devices to 5GB/day each during peak hours and let them download whatever they want during off-peak hours.

I've been searching the forums, the docs and even asked ChatGPT, but so far I haven't found a solution.
Is this possible?

2

22.7 Legacy Series / How to list all DNS entries in Unbound?

« on: January 13, 2023, 06:49:49 pm »

Is there a way to list all of the DNS entries in Unbound?

I'm trying to use Unbound for local DNS and local lookups are not working so I would like to see if it has any entries in its list.

LAN IP is 10.0.0.1

Here are some things I have tried in various combinations in case it's obvious what I'm doing wrong.

Under System > Settings > General
- I have tried having no DNS servers, and including 10.0.0.1

- I have tried checking and unchecking "Allow DNS server list to be overridden by DHCP/PPP on WAN"

- I have tried checking and unchecking "Do not use the local DNS service as a nameserver for this system"

Under Services > Unbound DNS > General
- "Enable Unbound" is checked, and I confirmed when it is unchecked that I cannot do lookups for external domains

- "Register DHCP leases" is checked

- "Register DHCP static mappings" is checked

- "Register IPv6 link-local addresses" is checked

Under Services > Unbound DNS > Log File
- "Log Queries" is checked
- "Log Replies" is checked
- "Log Level Verbosity" is Level 5

Under Services > Unbound DNS > Log File
I have searched the logs for my queries, but I am not seeing any indication of them.

3

22.7 Legacy Series / Re: API firewall filter rule not blocking

« on: December 28, 2022, 03:59:35 am »

I have resolved the issue.

I recreated the rule and accepted most of the defaults. Then tested and my Xboxes couldn't hit the internet.

Comparing the configs, the one thing that is different is I originally specified the Direction as "out", but the default was "in" and that was the fix.

The other good news is that the filter rule does like the alias I was using in the other Firewall rule!

Now, it's super easy for my wife or kids to open Home Assistant on their phone and toggle the firewall rule.

I'm really loving the upgrade from my old TP-Link router to OPNsense!

4

22.7 Legacy Series / [SOLVED] API firewall filter rule not blocking

« on: December 27, 2022, 08:05:54 pm »

Starlink now has data caps. I need to keep my xboxes from downloading games and updates during Peak hours and eating up all my data.

I have configured a scheduled firewall rule to do this, but I need to make it easier for my family to disable the rule when they want to play a game.

I have home assistant and have followed some instructions for using toggling API filters with HomeAssistant (Controlling OPNsense Firewall Rules from HomeAssistant https://blog.fuzzymistborn.com/opnsense-firewall). And this is working.

The challenge that remains is my new API Filter rule seem to block the traffic as expected.

In the Filter rule whether I set the source as 'xboxes' or as an IP of an Xbox (10.0.0.60), or as the "network" of an xbox (10.0.0.60/32) it's not blocking traffic.

Here is how the rule is configured:
Enabled: checked
Action: Block
Interface: LAN,WAN
Direction: Out
TCP/IP Version: IPv4
Protocol: any
Source: (as described above)
Destination: any
Gateway: none

What am I doing wrong?