Messages

1

18.1 Legacy Series / Re: New Live Firewall log view

« on: March 07, 2018, 09:56:52 pm »

What would be nice is when the info windows pops up there is a button to create an allow firewall rule

I miss this functionality... hope it finds its way back into production.

Re Search field - it would be nice to have some examples in an advanced help button like some of the other fields...

2

Tutorials and FAQs / Re: HowTo block Youtube.com while maintaining Google access

« on: February 21, 2018, 11:47:35 pm »

Yes. This setup works for me and only takes about 30 seconds to put in place. It will block casual attempts. TOR gets past it easily.

The down side is this blocks for all users 100% of the time. I don't see a way to selectively block users or set a block schedule.

3

Tutorials and FAQs / HowTo block Youtube.com while maintaining Google access

« on: February 21, 2018, 08:53:08 pm »

I have tried to block youtube for a while now and was unsuccessful because Youtube is now part of Google. Blocking Youtube has resulted in blocking access to Google services. It is important for me to allow use of Google services, i.e. docs, so I haven't been able to selectively block Youtube until now.

This seems to have worked for me. Youtube is not accessible but Google Docs are. Does anyone foresee an issue with the following approach?

Services >> Unbound DNS >> Overrides.

"+" to Add New

Domain:  www.youtube.com
IP Address: 127.0.0.1
Desc: Youtube Block

Save

I have tried to get around it by going to www.youtube.de and it is still blocked. I haven't tried facebook or twitter, but they seem to be other sites people frequently want to block.

Is there a way to make this subject to a schedule? TIA

4

18.1 Legacy Series / Re: How to "install" opnsense on hdd with usb?

« on: February 10, 2018, 11:15:45 pm »

Not sure what's up then. I litterally did this 2 days ago... wrote the VGA img to a usb with USB Image Tool, then booted to the 'live' installation, then typed in user "installer" password "opnsense" at the log-in prompt and followed the prompts and it installed.

From the Wiki:

Nano Image

If you have used a Nano image, your system is already up and running as it is designed as such. It is set to read-write attempting to minimise write cycles by mounting relevant partitions as memory file systems. If you should require an installer anyway, log in as user “root”, select option 8 from the menu and type “opnsense-installer”. The “opnsense-importer” can be run this way as well should you require to run the import again.

Create a bootable USB flash drive with the downloaded and unpacked img file. Configure your system to boot from USB.

Installation Steps

The installation process involves a few simple steps.

Note

To invoke the installer login with user installer and password opnsense

Link: https://wiki.opnsense.org/manual/install.html

5

18.1 Legacy Series / Re: How to "install" opnsense on hdd with usb?

« on: February 10, 2018, 03:46:09 am »

He does not write a bootloader for Iso

Oh, in that case, you install it as usual...

Let it boot the live cd.

At the logon prompt, instead of typing 'root' user, type 'installer' user, then 'opnsense' as the password. It will install to the HD.

They changed the installation process a couple of revs back.

6

18.1 Legacy Series / Re: How to "install" opnsense on hdd with usb?

« on: February 10, 2018, 12:12:17 am »

I just did this yesterday...


USB Image Tool for windows.

here: http://www.alexpage.de/usb-image-tool/download/

7

18.1 Legacy Series / IDS/IPS Plugins - Snort Rules PT Research Rules not loaded config reinstall

« on: February 08, 2018, 04:51:02 pm »

In my upgrade from 17.1.12_1 to 18.1.1 I used a backup config file to reinstall my settings. In those settings I had the Snort/VRT rules tagged and had my ID and rules version file input.

On inspection, I noted the packages for Snort VRT and PT Research rulesets were not checked in the packages. Checking the IDS rules, they were not present.

After installing the packages my Snort user ID and rules file version were present. I was able to download and install those rules.

It looks like restoring a prior config is not capturing the all of the installed packages.

8

18.1 Legacy Series / Re: 18.1.2

« on: February 08, 2018, 04:46:14 pm »

Version 18.1.2 is showing up in the firmware upgrade list, but it is not 'available' for update as yet. Maybe that's the confusion. It will most likely be tagged for update later this afternoon.

9

18.1 Legacy Series / Re: OpenVPN Broken

« on: February 05, 2018, 07:56:45 pm »

The patch resolved the issue for me. Here's what I did:

On 17.7.12_1
Saved Config 1 with OpenVPN disabled
Saved Config 2 with OpenVPN enabled
Fresh install 18.1 over 17.7.12_1
Restored Config 1
Firmware Update, installed 18.1.1
Ran Patch above
Reboot
Restored Config 2
Checked ipLeak, other sites, installation performing as expected.

Thank you! Will continue to monitor as it has only been running about 15 minutes.

10

17.7 Legacy Series / Re: Update 17.7.12_1 to 17.7.13 still planned?

« on: February 03, 2018, 07:15:26 pm »

Hi Franco,

Thank you for the reply! No worries, just checking on the .13 update. I'll spend a little time over the weekend and follow your recommendations.
Can't thank you and the team enough for what you do.

11

17.7 Legacy Series / Update 17.7.12_1 to 17.7.13 still planned?

« on: February 03, 2018, 02:50:46 pm »

Is the update from .12_1 to .13 as noted in the version messages still in the works? I reverted to 17.7.12 until I can sort out the issue I've had with OpenVPN.

BTW - thank you for all the hard work OpnSense team, it is appreciated and it is recognized that there's bound to be hic-ups in major version transitions. TIA

12

18.1 Legacy Series / Re: OpenVPN Broken

« on: February 01, 2018, 03:37:31 pm »

Be sure the DNS is configured properly too.
https://imgur.com/a/Bi4Wp

Thank you! Will check this. Might be the issue. 

13

18.1 Legacy Series / Re: OpenVPN Broken

« on: February 01, 2018, 03:35:15 pm »

Hi Jos,
Thanks for your comments and willingness to look at this.

The config files are identical between the two - absolutely no changes. The mssfix on my current config is:

mssfix 1450

This is what is recommended in the providers config dl file.

To try the mssfix 1200 I would have to reinstall 18.1. I don't have time to do this right now, but I'll try the mssfix 1200 on my current setup with 17.7.12 to see if it still works, then maybe run the upgrade to 18.1 - over the weekend.

14

18.1 Legacy Series / Re: OpenVPN Broken

« on: February 01, 2018, 01:50:51 am »

Quick update... reinstalled 17.7.5, updated to 17.7.12_1, restored settings file. Everything working as expected. One note, I performed a factory reset on 18.1_1 and then restored setting file - same issue with OpenVPN. Went the reinstall route.

15

18.1 Legacy Series / Re: OpenVPN Broken

« on: January 31, 2018, 04:20:12 pm »

Thank you for confirming the major rev downgrade restriction. I had pretty much boiled it down to 2 choices - install 17.7.5 (the last available on download) and restore settings or clean install 18.1 and restore settings. I'll try the 18.1/restore first, and if it doesn't resolve I'll go with the 17.7.5/restore.