"
Hello, I need to create a report or an audit from the LOG files of the last month in OPNsense.
What software I can use? What files I must export?
What software I can use? What files I must export?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
18.7 Legacy Series / Outbound NAT rules not instantly applied
November 22, 2018, 12:04:05 PM
Hello, I've found on different OPNsense firmware version that NAT rules are not applied until I reboot OPNsense.
Outbound NAT is in Manual outbound NAT rule generation (no automatic rules are being generated).
It's there a way to reload Outbound NAT without reboot?
Outbound NAT is in Manual outbound NAT rule generation (no automatic rules are being generated).
It's there a way to reload Outbound NAT without reboot?
#3
Development and Code Review / Very interesting reading about some test on FreeBSD
November 21, 2018, 11:40:55 PM
I share an interesting reading about some test between FreeBSD and Linux:
https://medium.com/@matteocroce/linux-and-freebsd-networking-cbadcdb15ddd?fbclid=IwAR1Z5WOODJWTey3eEQZEtHGUP7uQTczcwLAT4qyLOa2Dlm_yBj-80mTwahM
Here the reply of a FreeBSD developer
https://twitter.com/ocochardlabbe/status/1063347386393743361
And here is the paper he wrote:
https://people.freebsd.org/~olivier/talks/2018_AsiaBSDCon_Tuning_FreeBSD_for_routing_and_firewalling-Paper.pdf
Have a nice read
https://medium.com/@matteocroce/linux-and-freebsd-networking-cbadcdb15ddd?fbclid=IwAR1Z5WOODJWTey3eEQZEtHGUP7uQTczcwLAT4qyLOa2Dlm_yBj-80mTwahM
Here the reply of a FreeBSD developer
https://twitter.com/ocochardlabbe/status/1063347386393743361
And here is the paper he wrote:
https://people.freebsd.org/~olivier/talks/2018_AsiaBSDCon_Tuning_FreeBSD_for_routing_and_firewalling-Paper.pdf
Have a nice read
#4
18.7 Legacy Series / Help creating weekly report
November 21, 2018, 11:29:10 PM
Hello, I need help or suggestion with creation of OPNsense report.
The first report that I need is weekly report of Social Network usage:
- global;
- per source MAC address or source IP;
- can I specify what Social Network? For example Facebook?
The second report is daily with bandwith usage:
- global;
- per source MAC address or source IP;
In both report can I resolve destination IP to display the FQDN of destination?
Thank you
The first report that I need is weekly report of Social Network usage:
- global;
- per source MAC address or source IP;
- can I specify what Social Network? For example Facebook?
The second report is daily with bandwith usage:
- global;
- per source MAC address or source IP;
In both report can I resolve destination IP to display the FQDN of destination?
Thank you
#5
18.7 Legacy Series / IDS IPS with Suricata and OPNsense in Transparent Mode
August 22, 2018, 05:30:00 PM
Hello, I'm trying to make working Suricata with OPNsense in Transparent Bridged mode.
According to this page:
https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
I must setup (Suricata) Interface on WAN or BRIDGE or LAN?
What about (Suricata) Home Networks: blank (any) or the broadcast address of the transparent network?
I need to know how it's configured to work, for example: if I set only WAN as interfaces
A packet arrives from WAN, pass through Suricata and then it goes to BRIDGE?
PACKET --> WAN --> SURICATA --> BRIDGE --> LAN
or
PACKET --> SURICATA --> WAN --> BRIDGE --> LAN
Can I suggest to insert this settings of Suricata on OPNsense Web Configuration Page?
https://github.com/StamusNetworks/SELKS/wiki/Initial-Setup---Suricata-IPS
interface: WAN
threads: 4 # or a number that is below half the number of cores available
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: LAN
tpacket-v3: no
ring-size: 2048
use-mmap: yes
interface: LAN
threads: 4 # or a number that is below half the number of cores available
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: WAN
tpacket-v3: no
ring-size: 2048
use-mmap: yes
With the availability of this settings, I can make a transparent firewall with 3 interfaces:
em0 Management of OPNsense with IP
em1 WAN without IP
em2 LAN without IP
in this mode I don't need to create a bridge and all traffic is copied from "copy-iface:" option in Suricata (transparent).
The rule can be written on WAN or LAN indifferently.
Thank you for any precious help
According to this page:
https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
I must setup (Suricata) Interface on WAN or BRIDGE or LAN?
What about (Suricata) Home Networks: blank (any) or the broadcast address of the transparent network?
I need to know how it's configured to work, for example: if I set only WAN as interfaces
A packet arrives from WAN, pass through Suricata and then it goes to BRIDGE?
PACKET --> WAN --> SURICATA --> BRIDGE --> LAN
or
PACKET --> SURICATA --> WAN --> BRIDGE --> LAN
Can I suggest to insert this settings of Suricata on OPNsense Web Configuration Page?
https://github.com/StamusNetworks/SELKS/wiki/Initial-Setup---Suricata-IPS
interface: WAN
threads: 4 # or a number that is below half the number of cores available
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: LAN
tpacket-v3: no
ring-size: 2048
use-mmap: yes
interface: LAN
threads: 4 # or a number that is below half the number of cores available
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: WAN
tpacket-v3: no
ring-size: 2048
use-mmap: yes
With the availability of this settings, I can make a transparent firewall with 3 interfaces:
em0 Management of OPNsense with IP
em1 WAN without IP
em2 LAN without IP
in this mode I don't need to create a bridge and all traffic is copied from "copy-iface:" option in Suricata (transparent).
The rule can be written on WAN or LAN indifferently.
Thank you for any precious help
#6
18.1 Legacy Series / OPNsense with WAN multi IPs
March 27, 2018, 09:11:32 AM
Hello, I have setup an OPNsense with one WAN public IP and four Virtual Public IPs Alias.
How I can setup OPNsense to not surf on internet with the four Virtual IP Alias, but only the WAN IP?
Every client continue to change Public IP on which it surf internet.
Thank you
How I can setup OPNsense to not surf on internet with the four Virtual IP Alias, but only the WAN IP?
Every client continue to change Public IP on which it surf internet.
Thank you
#7
18.1 Legacy Series / [SOLVED] Problem with VIP CARP MASTER redundancy
March 13, 2018, 03:24:27 PM
Hello, I have two firewall with CARP VIP configured like the attached images.
On fw1 all IP are Master.
On fw2 3 IPs remain Master this 3 IPs simultaneously and I don't understand why?
If on fw1 I enter in CARP Maintenance Mode the fw2 becomes the Master on all IPs correctly.
Any help appreciated
On fw1 all IP are Master.
On fw2 3 IPs remain Master this 3 IPs simultaneously and I don't understand why?
If on fw1 I enter in CARP Maintenance Mode the fw2 becomes the Master on all IPs correctly.
Any help appreciated
#8
18.1 Legacy Series / [SOLVED] DNS problem between Viscosity on OSX and OpenVPN on OPNsense
February 08, 2018, 04:19:19 PM
I have an OPNsense with OpenVPN Server up and running.
In OpenVPN I have setup DNS and domain.
When I connect from Mac OSX with Viscosity I can't resolve name of internal server:
Tried short name
server
Tried long name
server.domain.local
Working with IP I don't have any problem.
Any suggestion?
Thank you
In OpenVPN I have setup DNS and domain.
When I connect from Mac OSX with Viscosity I can't resolve name of internal server:
Tried short name
server
Tried long name
server.domain.local
Working with IP I don't have any problem.
Any suggestion?
Thank you
#9
General Discussion / Problem with high availability and lan traffic between host
December 14, 2017, 08:06:44 PM
Hello, I've configured 2 OPNsense in HA with multiple VIP Carp.
The NAT work correctly and I can explore internet.
When I reboot the master, the slave work flawlessly.
VIP LAN CARP 192.168.1.1/16
My problem is between client host on the LAN network, for example:
From 192.168.100.1 I can ping 192.168.1.10
From 192.168.100.1 I can't explore the https page on 192.168.1.10
From 192.168.100.1 I can't explore the shared folders on 192.168.1.10
Any suggestion? Can be the managed switch, I need to reboot it?
If I reconnect the original firewall (obsolete, I want to change) https, shared folder, etc work without any problem.
The NAT work correctly and I can explore internet.
When I reboot the master, the slave work flawlessly.
VIP LAN CARP 192.168.1.1/16
My problem is between client host on the LAN network, for example:
From 192.168.100.1 I can ping 192.168.1.10
From 192.168.100.1 I can't explore the https page on 192.168.1.10
From 192.168.100.1 I can't explore the shared folders on 192.168.1.10
Any suggestion? Can be the managed switch, I need to reboot it?
If I reconnect the original firewall (obsolete, I want to change) https, shared folder, etc work without any problem.
#10
Web Proxy Filtering and Caching / Cache files bigger than 1MB
November 30, 2017, 02:35:49 AM
Hi, it's there an option to cache only files bigger than 1MB in Squid?
If I have SSD mSATA can I set to 0 memory used?
Thank you
If I have SSD mSATA can I set to 0 memory used?
Thank you
#11
Hardware and Performance / [SOLVED] Problem with reboot and shutdown
November 29, 2017, 10:19:13 PM
Hi, I have recently bought this hardware:
https://www.amazon.it/Celeron-Firewall-Fanless-Security-Application/dp/B0746NLTKX/ref=sr_1_1?s=electronics&ie=UTF8&qid=1508315295&sr=1-1&keywords=firewall%2B6%2Bnic&th=1
Type:Mini PC (Include Separate PSU)
is_customized: Yes
Products Status: Stock
Graphics Card Type: HD
Brand Name: HAMSING
Processor Main Frequency: Dual Core 2.4GHZ
Use: Commercial/Industrial
Memory: 2 Slot DDR4 Max. DDR4 32GB
Processor Brand: Intel
Processor Model: Intel Kaby Lake-U
Model Number: HS-7100U
CPU: Intel i3 7100U
Chipset: Intel Chipset
SATA : 1*MSATA3.0 port,1*SATA3.0 support 6Gb/s(2.5'option)
RAM: 8G
Hard Drive Capacity: 256G
Video: 1*HDMI(no sound)
Network: 6*Intel 82583V 10/100/1000M LAN
USB: 4*usb3.0
1*RJ45 COM Console
Size: 155*126.5*52.5mm
Official page:
http://www.ylgkdn.cn/product/60676909315-803540780/utm_firewall_formerly_Kaby_Lake_i3_7100u_vpn_router_6_Intel_Gigabit_LAN_ultra_mini_pc.html?spm=a2700.icbuShop.prewdfa4cf.74.2ca0c6d8bRf2US
I have succesfully installed OPNsense 17.7.5 from USB, but the problem is that it doesn't reboot or shutdown.
Below my try
OPNsense 17.7.5
BIOS UEFI / OPNsense UEFI-GPT
BIOS CSM / OPNsense UEFI-GPT
BIOS CSM / OPNsense MBR
Update to OPNsense 17.7.8
BIOS UEFI / OPNsense UEFI-GPT
BIOS CSM / OPNsense UEFI-GPT
BIOS CSM / OPNsense MBR
If I press the physical Power button it correctly shutdown.
When I reboot or shutdown via keyboard or webpage it freezes and doesn't reboot or shutdown
With Ubuntu live it reboot and shutdown correctly.
With pfSense it reboot and shutdown correctly.
Any help appreciated
https://www.amazon.it/Celeron-Firewall-Fanless-Security-Application/dp/B0746NLTKX/ref=sr_1_1?s=electronics&ie=UTF8&qid=1508315295&sr=1-1&keywords=firewall%2B6%2Bnic&th=1
Type:Mini PC (Include Separate PSU)
is_customized: Yes
Products Status: Stock
Graphics Card Type: HD
Brand Name: HAMSING
Processor Main Frequency: Dual Core 2.4GHZ
Use: Commercial/Industrial
Memory: 2 Slot DDR4 Max. DDR4 32GB
Processor Brand: Intel
Processor Model: Intel Kaby Lake-U
Model Number: HS-7100U
CPU: Intel i3 7100U
Chipset: Intel Chipset
SATA : 1*MSATA3.0 port,1*SATA3.0 support 6Gb/s(2.5'option)
RAM: 8G
Hard Drive Capacity: 256G
Video: 1*HDMI(no sound)
Network: 6*Intel 82583V 10/100/1000M LAN
USB: 4*usb3.0
1*RJ45 COM Console
Size: 155*126.5*52.5mm
Official page:
http://www.ylgkdn.cn/product/60676909315-803540780/utm_firewall_formerly_Kaby_Lake_i3_7100u_vpn_router_6_Intel_Gigabit_LAN_ultra_mini_pc.html?spm=a2700.icbuShop.prewdfa4cf.74.2ca0c6d8bRf2US
I have succesfully installed OPNsense 17.7.5 from USB, but the problem is that it doesn't reboot or shutdown.
Below my try
OPNsense 17.7.5
BIOS UEFI / OPNsense UEFI-GPT
BIOS CSM / OPNsense UEFI-GPT
BIOS CSM / OPNsense MBR
Update to OPNsense 17.7.8
BIOS UEFI / OPNsense UEFI-GPT
BIOS CSM / OPNsense UEFI-GPT
BIOS CSM / OPNsense MBR
If I press the physical Power button it correctly shutdown.
When I reboot or shutdown via keyboard or webpage it freezes and doesn't reboot or shutdown
Code Select
Syncing disks, vnodes remaining... 7 0 0 done
All buffer synced
Uptime: 1m3s
FROZEN WITHOUT REBOOT
(if i detach lan cable it print link disconnected)With Ubuntu live it reboot and shutdown correctly.
With pfSense it reboot and shutdown correctly.
Any help appreciated
Pages1
