Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - mb

Pages: [1] 2

Intrusion Detection and Prevention / [CALL FOR TESTING] Netmap lagg/vlan queue stall fixes

« on: January 30, 2023, 03:29:19 pm »

If you've experienced packet stalls while using Zenarmor or Suricata IPS with vlan/lagg interfaces:

OPNsense team has shipped a test kernel which has bug-fixes for netmap emulated driver, the default mode for vlan and lagg interfaces.

Please test and provide feedback. We want to make sure all issues are addresses this time. So, your help will be greatly appreciated.

https://forum.opnsense.org/index.php?topic=32114.0

Zenarmor (Sensei) / [CALL FOR TESTING] Netmap lagg/vlan queue stall fixes

« on: January 30, 2023, 03:25:54 pm »

Zenarmor (Sensei) / zenarmor 1.11.4-rc1 packages are available for OPNsense 22.7 RC

« on: July 25, 2022, 06:36:34 pm »

Dear zenarmor users,

We've shipped zenarmor 1.11.4-rc1 on the OPNsense 22.7 branch.

This release is meant for compatibility with the upcoming OPNsense 22.7 release.

Please feel free to report any issues you've encountered and we'll get them all sorted out before OPNsense 22.7.

Zenarmor (Sensei) / Request for Feedback: Help us decide Zenarmor's next UI on OPNsense

« on: June 14, 2022, 03:53:36 am »

Dear beloved OPNsense users,

Your opinion matters to us. Please help us decide the future of Zenarmor's UI on OPNsense

In the past year, Zenarmor's Cloud User Interface received significant improvements on the usability side. We want to bring those improvements to the Zenarmor OPNsense plug-in.

We have two options that we would like you to see and provide your feedback.

Please have a look at the Poll below and share your opinion with us.

https://docs.google.com/forms/d/1pWbiObQsKgdaUIduI_mImLo-MW695KmfftwxizxVBzc/viewform?ts=62a4f641

Best
Zenarmor Team

Zenarmor (Sensei) / Zenarmor 1.10.1 is out

« on: January 17, 2022, 11:54:30 pm »

Happy to announce that Zenarmor 1.10.1 is released with the following improvements:

OPNsense 22.1 packages
Debian 11 support
Other fixes and improvements

For the full Release Notes, please see:

https://www.sunnyvalley.io/docs/support/release-notes#1101----jan-16-2022

PS: 1.11 is planned for end of February. Some of the major features that are planned for 1.11:

Device Identification and Auto-discovery
RESTful API

Enjoy

- Your Zenarmor team

Zenarmor (Sensei) / Exciting news today: Sensei is now Zenarmor

« on: September 14, 2021, 06:18:57 pm »

Dear friends,

As of today, we're thrilled to announce that we'll be rebranding Sensei as ZENARMOR.

Sensei will be getting a new logo with a new brand name, but our beloved next-generation firewall plug-in will remain the same if not better.

Read more here:

https://www.sunnyvalley.io/post/sensei-is-now-zenarmor

Zenarmor (Sensei) / Announcement: Better to postpone 21.7 upgrade if you have igb(4) ethernet

« on: July 30, 2021, 02:06:32 am »

Dear Sensei users,

It looks like igb(4) in netmap mode is mangling with the ahci(4) driver. Therefore, if you're using igb(4) ethernet, we advise you to postpone 21.7 upgrades for a while once we confirm everything is 100% ok.

We'll keep you posted.

UPDATE Jul 29, 6:49pm PT:
We've come across this problem on a system where Sensei and/or Suricata was not installed (thus no netmap). Looked like a similar problem: https://forum.opnsense.org/index.php?topic=23867.msg115304#msg115304; the same ahci-related error was present. We're in touch with the OPNsense team, and will post when we have further updates.

Zenarmor (Sensei) / Sensei 1.9.2 is released (Includes an important comp. fix for OPNsense 21.1.8)

« on: July 06, 2021, 06:42:21 pm »

As the second phase for their migration to PHP 7.4, OPNsense will release 21.1.8 tomorrow, upgrading its PHP software to version 7.4. This leaves some compatibility issues with Sensei 1.9.1 and prior releases.

Sensei 1.9.2 addresses these compatibility issues and it is compatible both with OPNsense 21.1.8 and the current and past 21.1.x releases.

You can install Sensei 1.9.2 now or let the OPNsense 21.1.8 updater do the job for you automatically. It will also update Sensei to 1.9.2 release as part of OPNsense 21.1.8 upgrade process.

We would like to thank OPNsense team for their cooperation to make this a smooth transition for Sensei users.

For the full Release Notes, please see:

https://www.sunnyvalley.io/docs/support/release-notes/

Zenarmor (Sensei) / Sensei 1.9.1 is released (Includes an important comp. fix for OPNsense 21.1.7)

« on: June 16, 2021, 05:30:06 am »

Dear Sensei users,

Sensei 1.9.1 is released today. You can now have the "Live Sessions Explorer" feature in the Cloud Management Portal and start using premium subscriptions on the new platforms.

Another important item to note is that Sensei 1.9.1 introduces a forward compatibility enhancement for the upcoming OPNsense 21.1.7 release, which will be released tomorrow.

This is due to the fact that OPNense is upgrading its Phalcon library to version 4. This leaves some compatibility issues with Sensei 1.9 and prior releases.

Sensei 1.9.1 addresses these compatibility issues and it is compatible both with OPNsense 21.1.7 and the prior 21.1.x releases.

You can install Sensei 1.9.1 now or let the OPNsense 21.1.7 updater do the job for you automatically. It will also update Sensei to 1.9.1 release as part of OPNsense 21.1.7 upgrade process.

We would like to thank OPNsense team for the timely heads-up and for their cooperation to make this a smooth transition for the Sensei users.

For the full release notes, please see:

https://www.sunnyvalley.io/docs/support/release-notes

Zenarmor (Sensei) / New Sensei User Manual

« on: June 09, 2021, 01:00:09 am »

Dear OPNsense users,

As promised, we've just published the new User Manual:

https://www.sunnyvalley.io/docs/opnsense/

In the coming days/weeks, you'll be able to see more guides and tutorials focusing on specific features, which were missing up until now.

Enjoy

Zenarmor (Sensei) / Request for Feedback: Application/Web Category based Traffic Shaping

« on: May 06, 2021, 01:33:01 am »

Dear OPNsense users,

I'm happy to bring you the news that we're very close to providing Application & Web Category based Traffic Shaping and Prioritization to the beloved OPNsense firewall.

Initial tests with the engine implementation looks very promising. We are able to prioritize and/or set bandwidth caps on select traffic according to L7 criteria like Application/Application Category/Web Category.

Next step is the User Interface.

Here, we're trying to decide whether we should provide different policies for filtering and shaping or we should handle them in a single policy. I guess we need to hear your use cases and opinions.

Your feedback will be much appreciated.

Zenarmor (Sensei) / Sensei 1.6.1 is out

« on: October 07, 2020, 01:52:42 am »

Dear OPNsense community,

Sensei 1.6.1 is now available; doubling TLS/SSL download speeds and fixing remote Elasticsearch TLS authentication bug.

Full Release Notes:

https://www.sunnyvalley.io/post/sensei-1-6-1-for-opnsense-is-out/

20.7 Legacy Series / Call for testing: official netmap kernel

« on: September 16, 2020, 06:53:51 pm »

Dear OPNsense community,

It's my pleasure to announce that OPNsense team has shipped the official netmap test kernel today.

This kernel fixes important stability and reliability issues with regard to vmx(4), vtnet(4), ixl(4), ix(4) and em(4) ethernet drivers.

The kernel also adds long-awaited support for tun(4) and lagg(4) interfaces.

The end benefit of this kernel is that you'll be able to run Sensei or Suricata on the following:

OpenVPN and other VPNs which use tun(4) interface
Link Aggregation Groups (lagg)
QEMU/KVM guests with performant vtnet driver
VMware guests with vmx driver
Intel 10 Gbps Ethernet drivers
Intel 1 Gbps Ethernet (em driver) with VLANs

To deploy the new kernel just run below command and restart your firewall.

Code: [Select]

# opnsense-update -kr 20.7.3-netmap
Patches which went into this kernel have been under heavy testing by us (Sunny Valley Networks) and by the OPNsense team for a few weeks now.

We'd very much appreciate your further testing and feedback. If no further issues pop up, OPNsense team will be shipping all these functionality with 20.7.4 or later releases.

As Sunny Valley Networks, we'd very much like to thank OPNsense/HardenedBSD team, netmap team (Universita di Pisa) and the FreeBSD team for their awesome collaboration and precious efforts. With their full coordination and co-operation, we are able to provide this today.

Intrusion Detection and Prevention / Call for testing: Suricata IPS mode on OPNsense 20.7

« on: May 23, 2020, 02:34:39 am »

Main topic here:

https://forum.opnsense.org/index.php?topic=17363.0

20.7 Legacy Series / Call for testing: netmap on 20.7

« on: May 23, 2020, 02:32:10 am »

Dear OPNsense community,

As promised, we've[1] kicked off another project which focuses on killing remaining netmap bugs on HardenedBSD 12 (FreeBSD 12).

Any help in testing the upcoming OPNsense 20.7 with Suricata (IPS mode) and/or Sensei and providing bug reports would be much appreciated.

We'll get them prioritized, fixed, and committed to the upstream Operating System as soon as possible.

We hope to help provide a release quality netmap implementation for the upcoming OPNsense 20.7 release.

Make sure you update to the latest 20.7 beta after the ISO installation, since latest 20.7 includes some important patches with regard to interface drivers. Kernel should read 12.1-RELEASE-p5 or later:

12.1-RELEASE-p5-HBSD FreeBSD 12.1-RELEASE-p5-HBSD #0 d8b850736ba(master)-dirty

[1] Sunny Valley Networks

Pages: [1] 2