Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - johjoh

Pages: [1]

19.1 Legacy Series / Create report from LOG

« on: February 11, 2019, 08:11:16 am »

Hello, I need to create a report or an audit from the LOG files of the last month in OPNsense.
What software I can use? What files I must export?

18.7 Legacy Series / Outbound NAT rules not instantly applied

« on: November 22, 2018, 12:04:05 pm »

Hello, I've found on different OPNsense firmware version that NAT rules are not applied until I reboot OPNsense.
Outbound NAT is in Manual outbound NAT rule generation (no automatic rules are being generated).
It's there a way to reload Outbound NAT without reboot?

Development and Code Review / Very interesting reading about some test on FreeBSD

« on: November 21, 2018, 11:40:55 pm »

I share an interesting reading about some test between FreeBSD and Linux:
https://medium.com/@matteocroce/linux-and-freebsd-networking-cbadcdb15ddd?fbclid=IwAR1Z5WOODJWTey3eEQZEtHGUP7uQTczcwLAT4qyLOa2Dlm_yBj-80mTwahM

Here the reply of a FreeBSD developer
https://twitter.com/ocochardlabbe/status/1063347386393743361

And here is the paper he wrote:
https://people.freebsd.org/~olivier/talks/2018_AsiaBSDCon_Tuning_FreeBSD_for_routing_and_firewalling-Paper.pdf

Have a nice read

18.7 Legacy Series / Help creating weekly report

« on: November 21, 2018, 11:29:10 pm »

Hello, I need help or suggestion with creation of OPNsense report.
The first report that I need is weekly report of Social Network usage:
- global;
- per source MAC address or source IP;
- can I specify what Social Network? For example Facebook?

The second report is daily with bandwith usage:
- global;
- per source MAC address or source IP;

In both report can I resolve destination IP to display the FQDN of destination?
Thank you

18.7 Legacy Series / IDS IPS with Suricata and OPNsense in Transparent Mode

« on: August 22, 2018, 05:30:00 pm »

Hello, I'm trying to make working Suricata with OPNsense in Transparent Bridged mode.
According to this page:
https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
I must setup (Suricata) Interface on WAN or BRIDGE or LAN?
What about (Suricata) Home Networks: blank (any) or the broadcast address of the transparent network?

I need to know how it's configured to work, for example: if I set only WAN as interfaces
A packet arrives from WAN, pass through Suricata and then it goes to BRIDGE?
PACKET --> WAN --> SURICATA --> BRIDGE --> LAN
or
PACKET --> SURICATA --> WAN --> BRIDGE --> LAN

Can I suggest to insert this settings of Suricata on OPNsense Web Configuration Page?
https://github.com/StamusNetworks/SELKS/wiki/Initial-Setup---Suricata-IPS
interface: WAN
threads: 4 # or a number that is below half the number of cores available
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: LAN
tpacket-v3: no
ring-size: 2048
use-mmap: yes

interface: LAN
threads: 4 # or a number that is below half the number of cores available
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: WAN
tpacket-v3: no
ring-size: 2048
use-mmap: yes

With the availability of this settings, I can make a transparent firewall with 3 interfaces:
em0 Management of OPNsense with IP
em1 WAN without IP
em2 LAN without IP
in this mode I don't need to create a bridge and all traffic is copied from "copy-iface:" option in Suricata (transparent).
The rule can be written on WAN or LAN indifferently.

Thank you for any precious help

18.1 Legacy Series / OPNsense with WAN multi IPs

« on: March 27, 2018, 09:11:32 am »

Hello, I have setup an OPNsense with one WAN public IP and four Virtual Public IPs Alias.
How I can setup OPNsense to not surf on internet with the four Virtual IP Alias, but only the WAN IP?
Every client continue to change Public IP on which it surf internet.
Thank you

18.1 Legacy Series / [SOLVED] Problem with VIP CARP MASTER redundancy

« on: March 13, 2018, 03:24:27 pm »

Hello, I have two firewall with CARP VIP configured like the attached images.
On fw1 all IP are Master.
On fw2 3 IPs remain Master this 3 IPs simultaneously and I don't understand why?
If on fw1 I enter in CARP Maintenance Mode the fw2 becomes the Master on all IPs correctly.

Any help appreciated

18.1 Legacy Series / [SOLVED] DNS problem between Viscosity on OSX and OpenVPN on OPNsense

« on: February 08, 2018, 04:19:19 pm »

I have an OPNsense with OpenVPN Server up and running.
In OpenVPN I have setup DNS and domain.
When I connect from Mac OSX with Viscosity I can't resolve name of internal server:
Tried short name
server
Tried long name
server.domain.local

Working with IP I don't have any problem.
Any suggestion?
Thank you

General Discussion / Problem with high availability and lan traffic between host

« on: December 14, 2017, 08:06:44 pm »

Hello, I've configured 2 OPNsense in HA with multiple VIP Carp.
The NAT work correctly and I can explore internet.
When I reboot the master, the slave work flawlessly.
VIP LAN CARP 192.168.1.1/16
My problem is between client host on the LAN network, for example:
From 192.168.100.1 I can ping 192.168.1.10
From 192.168.100.1 I can't explore the https page on 192.168.1.10
From 192.168.100.1 I can't explore the shared folders on 192.168.1.10
Any suggestion? Can be the managed switch, I need to reboot it?
If I reconnect the original firewall (obsolete, I want to change) https, shared folder, etc work without any problem.

Web Proxy Filtering and Caching / Cache files bigger than 1MB

« on: November 30, 2017, 02:35:49 am »

Hi, it's there an option to cache only files bigger than 1MB in Squid?
If I have SSD mSATA can I set to 0 memory used?

Thank you

Hardware and Performance / [SOLVED] Problem with reboot and shutdown

« on: November 29, 2017, 10:19:13 pm »

Hi, I have recently bought this hardware:
https://www.amazon.it/Celeron-Firewall-Fanless-Security-Application/dp/B0746NLTKX/ref=sr_1_1?s=electronics&ie=UTF8&qid=1508315295&sr=1-1&keywords=firewall%2B6%2Bnic&th=1
Type:Mini PC (Include Separate PSU)
is_customized: Yes
Products Status: Stock
Graphics Card Type: HD
Brand Name: HAMSING
Processor Main Frequency: Dual Core 2.4GHZ
Use: Commercial/Industrial
Memory: 2 Slot DDR4 Max. DDR4 32GB
Processor Brand: Intel
Processor Model: Intel Kaby Lake-U
Model Number: HS-7100U
CPU: Intel i3 7100U
Chipset: Intel Chipset
SATA : 1*MSATA3.0 port,1*SATA3.0 support 6Gb/s(2.5'option)
RAM: 8G
Hard Drive Capacity: 256G
Video: 1*HDMI(no sound)
Network: 6*Intel 82583V 10/100/1000M LAN
USB: 4*usb3.0
1*RJ45 COM Console
Size: 155*126.5*52.5mm

Official page:
http://www.ylgkdn.cn/product/60676909315-803540780/utm_firewall_formerly_Kaby_Lake_i3_7100u_vpn_router_6_Intel_Gigabit_LAN_ultra_mini_pc.html?spm=a2700.icbuShop.prewdfa4cf.74.2ca0c6d8bRf2US

I have succesfully installed OPNsense 17.7.5 from USB, but the problem is that it doesn't reboot or shutdown.
Below my try

OPNsense 17.7.5
BIOS UEFI / OPNsense UEFI-GPT
BIOS CSM / OPNsense UEFI-GPT
BIOS CSM / OPNsense MBR

Update to OPNsense 17.7.8
BIOS UEFI / OPNsense UEFI-GPT
BIOS CSM / OPNsense UEFI-GPT
BIOS CSM / OPNsense MBR

If I press the physical Power button it correctly shutdown.
When I reboot or shutdown via keyboard or webpage it freezes and doesn't reboot or shutdown

Code: [Select]

Syncing disks, vnodes remaining... 7 0 0 done
All buffer synced
Uptime: 1m3s
FROZEN WITHOUT REBOOT
(if i detach lan cable it print link disconnected)

With Ubuntu live it reboot and shutdown correctly.
With pfSense it reboot and shutdown correctly.
Any help appreciated

Pages: [1]