Topics - cmdr.adama

#1
20.7 Legacy Series / [Solved] SSHD banner
September 05, 2020, 07:06:26 AM
Hey guys,

This should be a fairly simple one where I'm just missing something or maybe something to add as a feature request for a future release if it's not already doable...

What I am wanting to do is add my own content to an SSHD banner.
Because sshd_config is currently automatically generated, is there a way to add or append my legal content to the SSH banner in OPNsense?
#2
Hey all,

I have a lovely predicament at the moment with upgrading my FW running 20.1.9 in AWS Lightsail.

I tried an upgrade and when the FW was unresponsive for an hour I was starting to get a bit worried...

Exported a backup to EC2 so that I could do some further testing and access the system log and as the subject mentions... I get a whole lot of "cylinder checksum failed" errors.
cylinder checksum failed.
https://pastebin.com/xUfnZqZN

Did some quick googling and came across https://bugs.freebsd.org/225110. I'm not that great with BSD, but is there something I can do before attempting the upgrade to resolve this issue?

Solved: Gave up trying to fix the issue so I spooled up a new FreeBSD 12 instance and ran the bootstrapper. Once I got the FW up... Matter of seconds to cut it over... Nice fresh setup with the old config.
#3
Hey guys,

Not sure if you are aware or not, there are 5 packages in 20.1.7 with current vulnerabilities.

How far away are we looking for 20.1.8?

***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
clamav-0.102.2,1 is vulnerable:
clamav -- multiple vulnerabilities
CVE: CVE-2020-3341
CVE: CVE-2020-3327
WWW: https://vuxml.FreeBSD.org/freebsd/91ce95d5-cd15-4105-b942-af5ccc7144c1.html

libnghttp2-1.40.0 is vulnerable:
nghttp2 -- DoS vulnerability
CVE: CVE-2020-11080
WWW: https://vuxml.FreeBSD.org/freebsd/4bb56d2f-a5b0-11ea-a860-08002728f74c.html

unbound-1.10.0 is vulnerable:
unbound -- mutliple vulnerabilities
CVE: CVE-2020-12663
CVE: CVE-2020-12662
WWW: https://vuxml.FreeBSD.org/freebsd/a2cb7c31-9c79-11ea-a9c2-d05099c0ae8c.html

json-c-0.13.1_1 is vulnerable:
json-c -- integer overflow and out-of-bounds write via a large JSON file
CVE: CVE-2020-12762
WWW: https://vuxml.FreeBSD.org/freebsd/abc3ef37-95d4-11ea-9004-25fadb81abf4.html

gnutls-3.6.13_1 is vulnerable:
GnuTLS -- flaw in TLS session ticket key construction
CVE: CVE-2020-13777
WWW: https://vuxml.FreeBSD.org/freebsd/ef5b4f5f-a658-11ea-80d7-001cc0382b2f.html
#4
Hi guys,

Has anyone noticed a bug that dropped Loopback interface config(s) after upgrading from 20.1.3 to 20.1.4?

Not a major issue and it was easy enough to fix, but it took me a little bit to figure out my loopback interface lost its IP after the upgrade...
#5
Hey guys,

Would it be possible to add the option to authenticate access for a URL Table (IPs) in Firewall aliases?

i.e. Like with curl... curl --anyauth --user daniel:secret http://example.com/
#6
Hi all,

I am in a little bit of a predicament at the moment with my Suricata setup on 20.1.1. Everything seems to be running fine when I just have Suricata set to monitor the LAN interface; however, when I add my newly created lo1 loopback interface, it crashes.

A bit of backstory, I have the FW running in AWS and am mainly using suricata to inspect HTTP/HTTPS traffic coming in from the internet. I have SSL Offloading sending the unencrypted traffic to the loopback interface then back in to re-encrypt to then send to the webserver.

2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_INITIALIZATION(45)] - Engine initialization failed, aborting...
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "W#01-lo1" failed to initialize: flags 0145
2020-03-05T13:55:21 suricata: [100885] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't query netmap for lo1, error Invalid argument
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_SYSCALL(50)] - Unable to set caps for iface "lo1": Operation not supported
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't query netmap for lo1, error Invalid argument
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_SYSCALL(50)] - Unable to set caps for iface "lo1": Operation not supported
2020-03-05T13:55:21 suricata: [100884] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't query netmap for lo1, error Invalid argument
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_SYSCALL(50)] - Unable to set caps for iface "lo1": Operation not supported
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_SYSCALL(50)] - Unable to set caps for iface "lo1": Operation not supported
2020-03-05T13:55:21 suricata: [101218] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't query netmap for lo1, error Invalid argument


What am I missing? Is there a way to get Suricata working with a loopback interface?