Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - JohnDoe17

Pages: [1] 2

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: December 06, 2019, 05:57:02 pm »

@mb

Please consult the attached picture...

Is this message normal? What does it mean?

Thanks.

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: November 10, 2019, 11:39:18 pm »

@mb

I just upgraded my firewall from 19.1.10_1 to 19.7.6 again, and I'm having the same problem with elasticsearch. It's not starting. In fact, I don't think it's even installed. It looks like engine 1.1_3 is used, so I assumed the issue would be fixed.

Are you aware of this? Did I misunderstand the fix?

Also, if I just upgrade the 19.1.10 components (and not go to 19.7.x), it seems to break Sensei too in the same way.

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: November 05, 2019, 03:55:32 pm »

I just noticed some messages on the console that don't look good either. I don't know if they are related to my Sensei issue or not, but I thought I'd post them in case they were.

See attachment.

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: November 05, 2019, 03:47:52 pm »

I just updated from 19.1.10 to 19.7.6. Now I'm getting the following message every time I click on the Dashboard:

Quote

Elasticsearch service is not running! In order to view reports, you need to start Elasticsearch service. Do you want to start it?

And when I click "Yes," it doesn't seem to start. I just get a

Quote

Waiting for database service to come up

bar.

This used to work fine. Any ideas?

19.1 Legacy Series / Re: OPNsense 19.1.x and DNSoverTLS with Hostname Verification

« on: July 01, 2019, 01:16:20 am »

I *think* the configs need to be adjusted slightly...

NOTE the additional "dns" in the "dns.quad9.net" string.

Code: [Select]

	forward-addr: 9.9.9.9@853#dns.quad9.net
	forward-addr: 149.112.112.112@853#dns.quad9.net

NOTE the removal of "1dot1dot1dot1dot1" in the "cloudflare-dns.com" string.

Code: [Select]

	forward-addr: 1.1.1.1@853#cloudflare-dns.com
	forward-addr: 1.0.0.1@853#cloudflare-dns.com

Maybe someone can confirm this or not.

19.1 Legacy Series / Re: OPNsense 19.1.x and DNSoverTLS with Hostname Verification

« on: June 30, 2019, 05:18:00 am »

Good stuff! Thanks!

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: June 04, 2019, 06:08:42 pm »

@mb

Looks like this issue wasn't completely resolved afterall...

Code: [Select]

User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
FreeBSD 11.2-RELEASE-p10-HBSD  5e5adf26fc3(stable/19.1) amd64
OPNsense 19.1.8 dff8692b8
Plugins os-arp-scan-1.1 os-ftp-proxy-1.0_1 os-sensei-0.8.0.rc1 os-sensei-updater-0.8.0_21 os-vmware-1.5 
Time Tue, 04 Jun 2019 11:05:35 -0500
OpenSSL 1.0.2r  26 Feb 2019
PHP 7.2.18
PHP Errors:
[04-Jun-2019 11:02:51 America/Chicago] Exception: Cannot connect to 127.0.0.1 on port 4343 in /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php:111
Stack trace:
#0 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php(75): OPNsense\Sensei\Telnet->connect()
#1 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Sensei.php(155): OPNsense\Sensei\Telnet->__construct('127.0.0.1', 4343, 1, '', 0.5)
#2 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Sensei.php(138): OPNsense\Sensei\Sensei->runTelnetCommands('127.0.0.1', 4343, 'ballyhoo#Recons...', Array, Array)
#3 /usr/local/opnsense/mvc/app/controllers/OPNsense/Sensei/Api/EngineController.php(93): OPNsense\Sensei\Sensei->runCLI(Array, 'ballyhoo#Recons...')
#4 [internal function]: OPNsense\Sensei\Api\EngineController->cliAction()
#5 [internal function]: Phalcon\Dispatcher->callActionMethod(Object(OPNsense\Sensei\Api\EngineController), 'cliAction', Array)
#6 [internal function]: Phalcon\Dispatcher->dispatch()
#7 /usr/local/opnsense/www/api.php(26): Phalcon\Mvc\Application->handle()
#8 {main}
[04-Jun-2019 11:03:24 America/Chicago] Exception: Cannot connect to 127.0.0.1 on port 4343 in /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php:111
Stack trace:
#0 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php(75): OPNsense\Sensei\Telnet->connect()
#1 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Sensei.php(155): OPNsense\Sensei\Telnet->__construct('127.0.0.1', 4343, 1, '', 0.5)
#2 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Sensei.php(138): OPNsense\Sensei\Sensei->runTelnetCommands('127.0.0.1', 4343, 'ballyhoo#Recons...', Array, Array)
#3 /usr/local/opnsense/mvc/app/controllers/OPNsense/Sensei/Api/EngineController.php(93): OPNsense\Sensei\Sensei->runCLI(Array, 'ballyhoo#Recons...')
#4 [internal function]: OPNsense\Sensei\Api\EngineController->cliAction()
#5 [internal function]: Phalcon\Dispatcher->callActionMethod(Object(OPNsense\Sensei\Api\EngineController), 'cliAction', Array)
#6 [internal function]: Phalcon\Dispatcher->dispatch()
#7 /usr/local/opnsense/www/api.php(26): Phalcon\Mvc\Application->handle()
#8 {main}

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: May 29, 2019, 06:18:58 pm »

Hello @mb.

Yes, I can confirm the fix in rc1 did resolve the error I saw with the Sensei CLI API and OPNsense Crash Reporter.

Thank you!

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: May 28, 2019, 06:11:31 pm »

I got the crash to happen again.

Note that "Rainbow#Bicycle" is the password I was using for the test. Does Sensei handle the "#" symbol in a password?

Code: [Select]

[28-May-2019 11:08:17 America/Chicago] PHP Fatal error:  Uncaught Error: Class 'OPNsense\Sensei\Exception' not found in /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php:111
Stack trace:
#0 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php(75): OPNsense\Sensei\Telnet->connect()
#1 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Sensei.php(151): OPNsense\Sensei\Telnet->__construct('127.0.0.1', 4346, 1, '', 1)
#2 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Sensei.php(134): OPNsense\Sensei\Sensei->runTelnetCommands('127.0.0.1', 4346, 'Rainbow#Bicycle', Array, Array)
#3 /usr/local/opnsense/mvc/app/controllers/OPNsense/Sensei/Api/EngineController.php(89): OPNsense\Sensei\Sensei->runCLI(Array)
#4 [internal function]: OPNsense\Sensei\Api\EngineController->cliAction()
#5 [internal function]: Phalcon\Dispatcher->callActionMethod(Object(OPNsense\Sensei\Api\EngineController), 'cliAction', Array)
#6 [internal function]: Phalcon\Dispatcher->dispatch()
#7 /usr/local/opnsense/www/api.php(26): Phalcon\Mvc\Application->handle()
#8 {main in /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/Telnet.class.php on line 111

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: May 28, 2019, 05:35:02 pm »

Quote

2) Installed Sensei 0.8.0.beta10.

Development and Code Review / Re: Sensei on OPNsense - Application based filtering

« on: May 28, 2019, 05:28:35 pm »

I'm new to Sensei, but I'm loving it so far! Great work!

I do occasionally get a "crash report" notification though.

Here is the sequence of events:

0) Sensei was not installed.
1) Upgraded OPNsense from 18.7.10_4 to 19.1.8.
2) Installed Sensei 0.8.0.beta10.
3) Successfully completed the initial Sensei configure wizard.
4) Noticed a "crash report" when I went to the OPNsense Dashboard.

Unfortunately, I don't have the crash report in front of me at the moment, but I *did* submit it, so hopefully you'll get it from the OPNsense team eventually. It was something about PHP crashing with bad data related to the "TCP Service Security" password. I'll keep you posted if I see it again.

19.1 Legacy Series / Re: OpenVPN DNS DHCP options not pushed to clients

« on: April 17, 2019, 04:05:26 pm »

No, you are not the only person to experience this. I have the same issue, but I am still running 18.7.x.

18.7 Legacy Series / Re: 18.7.10 and Suricata

« on: January 23, 2019, 05:49:28 pm »

Well, after reverting, I seem to be getting alerts again. And the rules lists are downloading again.

Thanks, Franco.

I assume if this gets sorted out in the future, when I upgrade to 19.1.x, the reverted version will upgrade at that time too?

18.7 Legacy Series / 18.7.10 and Suricata

« on: January 21, 2019, 10:35:05 pm »

Hello.

Are there known issues with Suricata and OPNsense 18.7.10_3? I just upgraded from 18.7.7, and Suricata doesn't seem like its working any more. Before the upgrade I would see a fair number of alerts from day to day (mostly informational), but after the upgrade I haven't gotten any! Seems hard to believe.

I have OPNsense configured to use it on a number of internal interfaces, but not WAN. And I have chosen Hyperscan as the matching engine. (I did try the default engine too, but that didn't seem to make a difference.)

I'm using http://testmyids.com to try to stimulate an alert. This has worked in the past, but nothing happens after the upgrade.

Any ideas?

P.S. I really love OPNsense. I've been using it for a couple of years, and I recommend it to others. Thanks for the great work!

18.1 Legacy Series / Re: How to setup and manage 18+ OpnSense centralized

« on: May 16, 2018, 09:39:33 pm »

I am very, very interested in this topic as well. Have you been able to make any progress on this front using the API?

Question for Opnsense developer's: What would it take to make this use case a higher priority? Do you accept private contracts to prioritize work? Or, in other words, what drives the priorities for developing new features?

Thanks!

Pages: [1] 2