Messages

Never mind I feel stupid now. The LibreWolf browser I was using was blocking my time zone. Zenarmor shows local time in other browsers.

Hello: All my times in zenarmor are showing in GMT. Is there a setting in Zenarmor to change it to local time.

I have sent report as requested.

Update: I put in the ip address that the host name resolves to instead of the host name in the exclusions and it seems to have solved the problem so far.

Thanks for your reply. I will wait and see if anybody else has any more insight into this. I don't remember it doing this on earlier versions of opnsense.

Thanks Seimus. Yes I had excluded them as you said , but they keep getting blocked

The block message is firstly seen sites. I don't understand why it still gets blocked when it is added to the exclusions list.

Thanks for the reply SY: Im not sure what you mean Block Message in Blocks report. Where do I find that?

Hello: I have hosts (i4.c.eset.com, and c.eset.com) required for live grid on eset antivirus that have been added to exclusions but are still showing in blocked conversations heat map. Can anyone explain to me why these items are being blocked when they have been excluded globally.

Hello: I have monit set to alert when elasticsearch shuts down. I would like to us it to also restart elasticsearch but from what I understand, elasticsearch cannot be started as administrator. How can I get monit to restart elasticsearch when it as shutdown and not restart.

After a a little more searching I found this post https://forum.opnsense.org/index.php?topic=37466.0 that answered my question and explained a lot more I may have had questions on in the future.

Thanks for the reply. I can see that now. About the false positives. I have suricata monitoring the wan with zenarmor on the lan. I have read the there are a lot of false positives from noise" that firewall rules are likely to drop anyway.

Hello: I have suricata set up in ids mode only. I have created and enabled policy and selected some of the downloaded rulesets selected in policy. It seems that the policy is being ignored and I am getting alerts for all the downloaded rulesets, not just the ones selected for that policy. Does policy work for ids or only for ips.

I though this problem was solved but it keeps coming back. After a restart of Opnsense my two hardwired computers will show the Ip address in the reports. After It has been up and running for a while they will start reporting with Hostname.local domain instead of ip address. All wifi clients always report with ip address as I would like the wired clients to as well. It makes no difference if dns enrichment is enabled or disabled. I have no aliases set in unbound for any clients.

All the other host names on wifi show only ip address which I want. It was only the wired machines that were showing the hostname.localdomain randomly on and off. I switched off dns enrichment in zenarmor as  you sugessted and they just show ip addresses. Thanks for the reply.