Messages

1

General Discussion / Problem with pppoe

« on: November 22, 2018, 02:45:38 pm »

Hello
anyone can help me with this topic?

https://github.com/opnsense/plugins/issues/1007

i have this problem too.
please.

2

General Discussion / see blocked ip by ids

« on: March 22, 2018, 02:44:48 pm »

hello
i want to see which ip's blocked by ips? and flush or clear them
where can i see this in opnsese?

3

General Discussion / use remote radius server

« on: March 05, 2018, 06:28:03 am »

Hello
i want to use remote radius server for pptp and all vpn servers on opnsense
i should pass 2 these flags in accounting request to radius server :

this is a opnsense packet :

Code: [Select]

opensense packets: 
  Packet-Type = Access-Request
  NAS-Identifier = "OPNsense.localdomain"
  Acct-Session-Id = "9724037-L-1"
  NAS-Port = 1
  NAS-Port-Type = Virtual
  Service-Type = Framed-User
  Framed-Protocol = PPP
  Attr-26.12341.12 = 0x4c2d31
  Attr-26.12341.19 = 0x4d5352415356352e3230204d535241532d302d4b4149504f442004b6561c95d06441a7807f6d05042e31
  Tunnel-Type:0 = PPTP
  Tunnel-Medium-Type:0 = IPv4
  Tunnel-Server-Endpoint:0 = "192.168.30.5"
  Tunnel-Client-Endpoint:0 = "192.168.50.92"
  Tunnel-Server-Auth-Id:0 = "OPNsense.localdomain"
  User-Name = "m"
  MS-CHAP-Challenge = 0xbb1e68137474a650c11db9b16393f933
  MS-CHAP2-Response = 0x01009fed02e9a440f37de8e743a68576a3f60000000000000000352f6b2976a6cb2c95df51b0fdf2f76184d83172d78fd571
  Event-Timestamp = "Feb 27 2018 13:04:33 +0330"
  NAS-IP-Address = 85.xx.xx.xx
  Timestamp = 1519724073
but i should use this packet format :

Code: [Select]

normal packets:
  Packet-Type = Access-Request
  NAS-Port-Type = Wireless-802.11
  Calling-Station-Id = "30:85:A9:EC:C7:FE"
  Called-Station-Id = "hotspot1"
  NAS-Port-Id = "ether2-Local Lan"
  User-Name = "m.tabatabaenasab"
  NAS-Port = 2160067826
  Acct-Session-Id = "80c004f2"
  Framed-IP-Address = 192.168.26.68
  Mikrotik-Host-IP = 192.168.26.68
  CHAP-Challenge = 0xa86f1fa69d1e9f28534dcd19f06ed86a
  CHAP-Password = 0xd5c8d303b94c8054a8e5b15db5eec036b4
  Service-Type = Login-User
  WISPr-Logoff-URL = "http://192.168.26.1/logout"
  NAS-Identifier = "201710301048561303YWr2"
  NAS-IP-Address = 192.168.2.1
  Event-Timestamp = "Jan 27 2018 14:17:39 +0330"
  Timestamp = 1517050059
in fact i need two this flag in request packet:

Calling-Station-Id =
CHAP-Password =

how can i configure opnsense to use this format of request ?

4

General Discussion / Re: Accounting Features

« on: January 25, 2018, 10:25:49 am »

thanks
is there any plan or guide for develop accounting for VPNs?

5

General Discussion / Re: Accounting Features

« on: January 25, 2018, 08:10:23 am »

Hi
i can not use accounting for pptp or l2tp, WISP not working, why?

6

General Discussion / Re: Accounting Features

« on: January 18, 2018, 08:34:21 pm »

yes, of course, or for pptp users, for example 1 GB traffic for 1 month

7

General Discussion / Re: Accounting Features

« on: January 18, 2018, 07:16:19 pm »

yeah, it is just only time session limit, is this feature was add in future?

8

General Discussion / Re: Accounting Features

« on: January 18, 2018, 06:44:40 pm »

sorry, which feature you say?

9

General Discussion / Accounting Features

« on: January 18, 2018, 03:47:23 pm »

hello
in order i should give thanks to the developer team for adding Freeradius Limitation in bandwidth.
i have a request for completing this nice work.
can we limit traffic?
and can we set this restriction on a group?
thanks

10

Intrusion Detection and Prevention / Re: suricata failed to run

« on: December 15, 2017, 06:43:59 am »

thanks franco.
i think there is another problem else. snort rules not worked with suricata, i set the oinkcode and enable the rules but not matched even 1 rule.
thanks

11

Intrusion Detection and Prevention / suricata failed to run

« on: December 15, 2017, 06:30:34 am »

hello
i have a problem with suricata, it goes dead after some days and everytime i should remove the pid from /var/run
how can i fix this problem?

Starting suricata.
15/12/2017 -- 08:57:19 - <Info> - Including configuration file installed_rules.yaml.
/usr/local/etc/rc.d/suricata: WARNING: failed to start suricata

part of log file:

Code: [Select]

15/12/2017 -- 08:56:35 - <Notice> - This is Suricata version 4.0.1 RELEASE
15/12/2017 -- 08:56:35 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
15/12/2017 -- 08:57:19 - <Notice> - This is Suricata version 4.0.1 RELEASE
15/12/2017 -- 08:57:19 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!


12

General Discussion / Re: snort rules

« on: October 29, 2017, 08:47:43 pm »

thanks, it's goes to download after some seconds.

13

General Discussion / Re: snort rules

« on: October 29, 2017, 08:26:24 pm »

i set the oinkcode and try to download but nothing downloaded

14

General Discussion / [SOLVED] snort rules

« on: October 29, 2017, 08:17:09 pm »

hello
i updated opnsense and saw the snort compatible rules appear, i setup the plugin but i cannot install the rules which is appear in Downloads tab in intrusion system.
what can i do?
i saw a path this file:
snortrules-snapshot-2990.tar.gz
what is it?

15

General Discussion / question about opnsense ports

« on: August 18, 2017, 10:14:48 am »

hello
is there any help or guide lines about installing opensense ports on githubs on opensene?
for example this:
https://github.com/opnsense/ports/blob/master/mail/assp/pkg-descr
i wanna to use SMTP protection on opensense, how can i ?
i tried but :

env: /usr/local/bin/perl5.24.2: No such file or directory
*** Error code 127

Stop.
make[2]: stopped in /usr/ports/security/p5-Digest-HMAC
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/dns/p5-Net-DNS
*** Error code 1

Stop.
make: stopped in /usr/ports/mail/assp