Messages

1

General Discussion / Rules are messed up

« on: December 09, 2015, 10:11:29 pm »

Hi all,

So everything was working quite well, when I had a slight ISP problem.  I needed to reboot the firewall.  I reboot it, and now the rules/nats are literally backwards.

I can access the web configuration/ssh from the WAN, and well this isn't what I had.

What happened? Any help?

Thank you all.

2

Hardware and Performance / Re: APU1D4, Performance Tuning

« on: November 24, 2015, 03:46:56 pm »

FYI, running opnsense with fairly default settings and a few NATs, I'm running at 56-58 C.

When I was running pfSense, which had full IPS, more NATs, I was running at 53.

3

16.1 Legacy Series / Re: Suricata

« on: November 24, 2015, 03:41:43 pm »

Thanks! I might give this a shot.  How's the stability so far? 

As for the pfblocker item.  Using those blacklists was handy, as it would cron update the blacklists so (Spambots, Malware, etc)

It also does deduplication, which I find handy as well.  If this is something that could be added, or alternatives, that would be handy.

I think with Suricata being in IPS mode would help alleviate these concerns a lot, as the default rules has dshield, and will help a lot on the security ends of things.

Thank you for your help!

4

16.1 Legacy Series / [CALL FOR TESTING] Suricata 3.0

« on: November 22, 2015, 08:26:18 pm »

Good afternoon everyone,

First off, I like the opnsense feel and while it still has a common feel to pfsense, I like the tweaks that have been done to it.

I have a couple of questions about it thought.

I mistakenly thought that the suricata implementation provides intrusion prevention (IPS) services, but it does not.  I saw a couple forum hits in that there is some work going on this.  I'm just wondering if there is a rough idea of when this will be made available?

Also, in PFSENSE, there is pfblockerng, is this something that could be ported over to opnsense?

Thank you all.