Messages

[In Kürze:]

Ist zwar schon älter aber andere Benutzer suchen sicher auch danach.

Hier die Lösung:
FQDN WhiteListing


In Kürze:

Folgende Datei anlegen:
/usr/local/etc/crowdsec/postoverflows/FQDN-whitelists.yaml
Den Inhalt unten reinkopieren und anpassen.
Service neu starten.

Code Select Expand

name: me/FQDN-whitlists
description: "Whitelist postoverflows from FQDN"
whitelist:
  reason: "do whitelistings by FQDN"
  expression:
    - evt.Overflow.Alert.Source.IP in LookupHost("foo.com")
    - evt.Overflow.Alert.Source.IP in LookupHost("foo.foo.org")
    - evt.Overflow.Alert.Source.IP in LookupHost("12123564.org")


Yes, Sorry. I User 24.7.

It's getting even stranger.
When I use Wifi, everything works.
Using an normal LAN connection does not work.

What could this cause?

Hi,
I used to use an external Wireguard connection to reach my companies network from my windows 11 host at home.
This does not work any longer after I updated OPNsense to 24.1.

The Wireguard protocol says:
Handshake to peer 1 (....) dit not complete after 5 seconds, retrying...

As far as I know, the Wireguard client uses UPD to communicate with the server.

I created a firewall rule in OPNsense to allow "any to any" with IP4 and TCP+UDP (just for testing).
The internal Windows firewall is deactivated.
Other Tools like Syncthing work fine. Syncthing also uses UDP on an specific port.

The OPNsense log-files does not contain any lines with the port I used for this Wireguard connection.

Does Anybody have an idea what's the problem could be?