Messages

We have as well an official kmod on OPNsense.
Its in the repository and can be installed via cli. You don't need to complete the driver yourself

https://forum.opnsense.org/index.php?topic=51767.0

Regards,
S.

I have seen such freezes/lockups in the past. It was caused by Memory faulty blocks.

I would advise to run memtest in a prolonged period.

Regards,
S.

This more like plugin specific issue.

The Plugin, controls the poll rate per the sub you have. With manually defining the alias or the blocklist the poll interval is shifted outside the Plugin.

Regards,
S.

That would be actually cool.

As well, I had more time to play a bit with the new updated TiP, its fantastic. As mentioned above the visibility is superb.
For a T-shooting nerd like me, what you provide in TiP is just a dream.

I would love to have all of this directly in OPN GUI (or selfhost it via docker :D), but I understand its most likely not possible.

Great job guys! Keep it up, looking forward what you have next on the table.

Regards,
S.

With Q-feeds, you have more curated list of IoC, blocking more necessary doesn't mean better.
The worth of the Q-feeds feed is the quality & the curation & insight.

With the latest changes on their TiP you can track down why the IP is blocked, and a lot of information.
Additionally, the ease of reporting false positives. You simple open a ticket, they review.

I found very few false positives, lately only one that affected me, within 30min it was removed and in the next poll it reflected on OPN.

This workflow combined with their tooling and the fact all is local is a major plus.

Regards,
S.

Actually I realized this is affecting everyone.

For example I have a PLUS sub, and my refresh interval instead of 4h is set to 8h.



After removing the the content of /var/db/qfeeds-tables/ and re-triggering the feeds download its back to 4h.



Looks like per the OP example and my, the poll rate interval doubles for some reason :D, kinda funny.

Regards,
S.

core@ now claims that CoC is actually a terrible idea and we shouldn't be enforcing it xD

WOW, just WOW.

Regards,
S.

https://forum.opnsense.org/index.php?topic=41295.0

Regards,
S.

I have tried to look at the DHCP and live firewall logs to see what is happening

And what do you see there?
Share it with us?

drop off the wifi and do not connect with a "Saved / IP configuration failure" status on the android device

So If I understand this correctly, when you have the disconnection you get that popup or error message on those phones?

The Pixel phones sadly are know to such issues, there are several post on reddit reporting such issues across the pixel phone series. So its as well possible google just once again broke them with a software upgrade.

Regards,
S.

The out-of-the-box works default for only a Single LAN. (can be as well disabled)
This is done so new users, have access to internet. The default any/any allow applies only to the 1st LAN interface.

Any sub-sequential Interface you create needs to have a manually added rule > this is expected and by design.


In regards of Source NAT (outbound), if its on Automatic, any new Interface should be added to the Automatic Rule. But this will happen only if the rule is automatic. If you have had it on Auto, maybe the interface was just not loaded properly in there, hitting the apply button under the rules should reload the config and put in in there.

Anyway, best practice is always to create your rules manually for both Firewall rules and NAT rules.

Regards,
S.

I can confirm then the numbering is now correct.

1-6 from left to right.

From OPNsense perspective

Ports 1-2 = aq0 & aq1
Ports 3-6 = igc0-igc3

Regards,
S.

Indeed there are nice options for Intel + AQ combinations.

I have from Qotom the Q11032H6, which is a N355 system, bough it during black Friday for a very good price.
https://www.qotom.com/products/show/Mini-PC-Q10900H6-S13-Series

This was originally bought to test the AQ Driver functionality on OPNsense, as I started to see my own need for 10G Networking. I didnt wanted to buy systems with very old Intel NICs. The driver itself was already existing and kinda working on OBSD but not on FBSD, yet missing a lot of features. As the luck strucked @albb0920 had the same NICs and needed the Drivers for FBSD. Which basically triggered the effort to port/finish the drivers for FBSD.

Regards,
S.

what are your thought that would cause memory to increase by X2 by just turning on a "smart" device?    it pretty much stays that high even up to 30 minutes after the tv is turned off?

Considering, the TV only reaches to internet. The only thing how it can impact memory is as mentioned above by opening a lot of sessions.
Each session takes a slice of memory. If you run ZA or IPS the memory impact can be multiplied.

each state table entry requires about 1 kB (kilobytes) of RAM

Considering the above, the TV would have to open a lot of sessions. But SmartTVs are basically just IoT devices with the perk they like to flood and spam which is as well multiplied by various applications you run on the TV.

Regards,
S.

Solid and pretty stable at least that is my experience with the AQC113C.

As mentioned I didn't had any problems since I put it into PROD so since 24th Feb.
The AQC113C and as well the Driver is working on OPNsense/FBSD seamlessly, honestly its hard to believe at first. But after months running these and not hitting any problems its just amazing.

Also this potentially unlocks 2nd option for NICs as to the Intel ones. AQC113C for me performs way better than any realtek NIC on OPNsense/FBSD.

Regards,
S.

What filtering options would you actually use?
Anything missing in the IOC view?

Not sure if this is feasible but what about sorting based on country of origin? E.g Country from where the IoC originates.

Ideas for improving the OPNsense plugin?

Well, OPNsense has inbuilt RRD and other graph possible tooling, would it be possible under the condition its not resource heavy, to create graphs based on the events/IPs/ports/protocols?

Something similar for example as in
Lobby > Reporting > Health
Or
Firewall> Log Files > Overview?

This would still be local to the OPNsense, but would give the users more visual representation.

Regards,
S.