Messages

The two fail over options inside the gateway setup (of both the wan connections) are enabled or not?
Today I observed something similar to your desciption, after disabling them, the issue seems disappeared.

Sometime I also observed Ihad to delete the state and sourcing tables in order for the sysyem to properly use the new settings.

unfortunately it seems it does not work properly. The log returns:
 <4>[1447] attempted source route from 10.3.0.2 to 127.0.0.1

the command is executed but the IPs are reversed.

@franco: suggestions? thanks

Up

Yes I am aware, but I need to schedule it because of a particular issue.

Hi,

I created this working script for the Cron

[START]
command:traceroute -g 127.0.0.1 10.2.0.1
parameters:
type:script
message:Automatic traceroute to 10.2.0.1
description:Automatic traceroute to 10.2.0.1

How should I modify it in order to pass as parameterthe ip to trace route (10.2.0.1)?

Thank you

Did you set the vpn gateway to an higher priority than the wan gateway?

https://developers.cloudflare.com/waf/tools/lists/managed-lists/

The use of the lists require an enterprise plan.

I have already a list of blocklists that is already pretty solid, I was trying to make it more solid :D

It is just an assumption, but I strongly believe that cloudflare offers pre-defined blocklists. I am alway behind vpn and sometime I am blocked by their shield....I doubt that their customers search for the IPs of the exit point of the VPNs.

So, I believe that a blocking list exist, but I do not know if it is public.

No, I did not ask direct to Cloudflare...assuming that someone before me already checked that (another assumption is that I have never new ideas, someone before already considered that...especially in an area that is out of my expertise) :D

Yes, I already use it.

Good news. Now that it works, i would suggest to try to understand the meaning/ use of each settings: it will greatly help you in case you need changes to the config or restore the settings.

 

Correct, I always forget that many people hosts service externslly reachable.
I do not hosts anythying like that nor i use vpn frm the outside, at least for my casr i'd say there is no extra protection...or I am not considering something?

What if I have to whitelist some domain blocked by qfeeds?

I use AdGuard Home for DNS based blocking. It works well with Q-Feeds and you have a very good Web UI to add exceptions - either allowing domains or exempting certain internal hosts from filtering or whatever you might need.

I am using unbound, you mean that even if the qfeed blocklist is not mentioned inside unbound the whitelist management is still the same, correct?
Thanks

I am asking  if someone already has a link to that lists / lists...

I do not need pihole, we have opnsense that can manage that

Hi, I'd like to use the cloudflare blocklist, is it possible to get it in a usable format for opnsense? Thanks