Messages

1

Zenarmor (Sensei) / Re: Does OPNsense with IDS/IPS/Other takes full advantage of multi-core CPUs

« on: September 27, 2024, 08:46:44 pm »

Thank you, I appreciate the information

2

Zenarmor (Sensei) / Re: Why Top Local Hosts show IPs vs predefined hostnames?

« on: September 27, 2024, 08:44:30 pm »

Thank you, I will check that out

3

Documentation and Translation / Re: AdGuard Home setup guide

« on: September 27, 2024, 02:36:36 am »

Hi, I've got an issue where every device in my network can resolve DNS, but the OPNsense system itself can't, meaning it's not possible to check for updates, also DNS lookups don't work. The setup consists of Unbound DNS being the upstream of Adguard.

I've followed the usual guides present in this thread (the two DNS server options checkboxes are unticked in System->Settings->General, no DNS servers are present there, Unbound is set to run on port 5353 and so on).

What's weird is that if I just enter a public DNS (like 8.8.8.8 ) in System->Settings->General, the OPNsense system itself can suddenly resolve all DNS queries. I'd like it to use at least Unbound as well though.

Could anyone possibly help me with this?

You have to add localhost (127.0.0.1) to the /usr/local/AdGuardHome/AdGuardHome.yaml in the following section:

dns:
  bind_hosts:
    - 127.0.0.1
    - 192.168.1.1 (whatever the OPNsense address is)
  portL 53

After that, restart the AdGuardHome service from the OPNsense console.

4

Documentation and Translation / Re: AdGuard Home setup guide

« on: September 26, 2024, 10:28:30 pm »

Opnsense 24.7.4 Installation:


1 - Activate mimugmail's community repository:


SSH Opnsense: fetch -o /usr/local/etc/pkg/repos/mimugmail.conf https://www.routerperformance.net/mimugmail.conf


2 - Install AdGuardHome ( os-adguardhome-maxit ) from System - Firmware - Plugins


3 - Opnsense: System - Settings - General:


 - DNS Servers: all empty

 - Allow DNS server list to be overridden by DHCP/PPP on WAN: uncheked

 - Do not use the local DNS service as a nameserver for this system: uncheked


4 - Disable Unbound


5 - Activate and start AdGuardHome from Services - AdGuardHome - General ( Primary DNS cheked )


6 - Navigate to http://your.opnsense:3000/ to complete the setup


7 - In Adguard Home - Settings - DNS settings - Upstream DNS Servers:   Set the desired servers ( 1.1.1.1,   8.8.8.8  etc ):

  tls://1.1.1.1

  tls://1.0.0.1

  https://odoh.cloudflare-dns.com/dns-query

  quic://dns0.eu


8 - In Adguard Home - Settings - DNS settings - Bootstrap DNS servers:

  1.1.1.1

  1.0.0.1

  193.110.81.0

  185.253.5.0

I like this configuration approach of having AdGuard Home handling all things DNS on default port 53, and disabling UnBound DNS, it's cleaner and has no redirects.

1.- Is there an advantage of keeping UnBound DNS enabled and being the man-in-the-middle?
2.- Is there a disadvantage of disabling UnBound DNS and use ONLY AdGuard Home?

Thanks

5

Zenarmor (Sensei) / Re: Does OPNsense with IDS/IPS/Other takes full advantage of multi-core CPUs

« on: September 26, 2024, 09:30:15 pm »

Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.

It would be better for the year 2040

Sorry for the inconvenience, but we had to prioritize working on other features.

If I enable other services like AdGuard Home, will the multi-core capabilities of FreeBSD be leveraged? Meaning AdGuard Home service, will run on a different core than the cores being used by Zenarmor and OPNsense itself ? Thank you

6

Zenarmor (Sensei) / Why Top Local Hosts show IPs vs predefined hostnames?

« on: September 26, 2024, 09:14:46 pm »

In the Devices section I have already assigned a name to each of these IP addresses (graph below), they show OK (with the name) in the Top Devices section, but not in the Top Local Hosts section, why is this?

I have the Home License in trial mode, thank you

7

23.7 Legacy Series / Re: htop installation fails

« on: September 26, 2024, 04:02:48 pm »

To be honest, it was a pain to even find the htop binary/package.  I'm not going to be any help unfortunately...I could never find an easy way to do this either.

No worries, I agree it is a pain to find this type of information, thank you very much for the help

8

23.7 Legacy Series / Re: htop installation fails

« on: September 26, 2024, 12:34:03 am »

Looks like it's here now for current version of OPNsense.

https://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/All/htop-3.3.0_2.pkg

When you need to update it, I "delete pkg htop" and then "add pkg htop <url>".  Just updated using this link and it works as expected.

Is there a way to list the packages available and their respective versions from the pkg.freebsd.org site? I try to go there to look and I always get, I have tried different folders but always the same:

403 Forbidden

nginx

Thank you

9

Zenarmor (Sensei) / Re: ZenArmor and Pihole

« on: September 26, 2024, 12:02:58 am »

ZA also has DNSBL, why not to use only ZA and disable PiHole?

10

Zenarmor (Sensei) / Do I need Unbound DNS blocklist with Zenarmor?

« on: September 25, 2024, 10:57:59 pm »

I am using Unbound DNS Blocklist, it is working fine, now I installed and activated Home subscription (trial) for Zenarmor, it also has adBlocking, do I need both? or I can disable Unbound DNS Blocklist? Thanks

11

Zenarmor (Sensei) / Does OPNsense with IDS/IPS/Other takes full advantage of multi-core CPUs

« on: September 22, 2024, 04:23:04 pm »

Thinking to migrate to a CPU with 6 cores / 12 threads vs 4 cores / 4 threads I have today, will OPNsense take full advantage of it while using IDS/IPS/Zenarmor/Other Tool functionality? Thanks

12

23.7 Legacy Series / Re: htop installation fails

« on: September 22, 2024, 04:08:22 pm »

Looks like it's here now for current version of OPNsense.

https://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/All/htop-3.3.0_2.pkg

When you need to update it, I "delete pkg htop" and then "add pkg htop <url>".  Just updated using this link and it works as expected.

Thanks a lot, appreciate the help

13

24.7 Production Series / Re: How to install htop

« on: September 22, 2024, 04:02:17 pm »

Thank you all for the feedback, it is working now, I appreciate the help

14

23.7 Legacy Series / Re: htop installation fails

« on: September 22, 2024, 03:33:35 am »

I just install the pre-compiled version without issue using this command (assuming amd64 platform).

Code: [Select]

sudo pkg add https://pkg.freebsd.org/FreeBSD:13:amd64/quarterly/All/htop-3.2.2_1.pkg

Do you have an updated link? I get back package not found, thank you

15

24.7 Production Series / How to install htop

« on: September 22, 2024, 03:30:25 am »

I have browsed all over, was directed to the mimugmail repository, but htop is not there, tried to compile it from source didn't work, please any assistance or guidance will be appreciated.

As a side note, I don't understand why it is so complicated to install such a basic package.

Thank you