Messages - unholy_saint

#1
I agree it is wrong to believe that port knocking improves security, but it undoubtedly improves reliability. For example, I just spent ~50 minutes attempting to get in line to ssh into OPNsense, which refused browser logins with a "CSRF check failed." error. It turned out somebody managed to find the ssh port and overzealously attempted to bruteforce it using a large botnet, filling all free space with filter.log files. Unfortunately ssh has no distinct answer that can inform bots that no password logins are allowed, and a non-standard port, when found, triggers much more intense attacks, as bot writers most likely consider such servers more interesting. In cases like this, what turned out to be a quite successful DDoS would be impossible if I had port knocking set.
#2
Just had the same problem; this message appeared in any browser. It turned out to be a lack of free space, the result of extreme filter.log sizes over the last few days due to overly active ssh bruteforcing. Found this post while attempting to get in line to ssh. As I understand, in this case OPNsense was reinstalled without a free space check, so it is quite possible it had the same problem.
#3
Virtual private networks / Using TOR with Wireguard
November 30, 2023, 09:25:23 PM
I have set OPT1 to be a WireGuard interface called [with description] VPN1. When I set TOR's Configuration/Listen Interfaces to VPN1, the setting is completely ignored and TOR's SOCKS proxy and config interface listen only on 127.0.0.1.
I thought one could work around this by setting up a virtual interface and routing it via WireGuard, but TOR does not bind to aliases on lo0 and I can't figure out how to create a completely virtual interface with an assignment in Interfaces/Assignments that makes it selectable in TOR's settings. Forwarding both ports from the WireGuard interface to 127.0.0.1 also does not seem to work.
Is this supposed to be so, or should it be reported as a bug? And if it is a bug, is it in WireGuard or in the TOR plugin? Also, any idea how to make TOR available to WireGuard peers?