Topics

1

Intrusion Detection and Prevention / Intrusion Detection => Strategy => There are too many entries.

« on: August 25, 2024, 06:51:05 am »

Intrusion Detection => Strategy => There are too many entries. Is it possible to have an option of ALL under each category? It is really frustrating to have to choose one by one under each entry. I feel like I am holding a stone to prepare for defense.

2

Intrusion Detection and Prevention / I don't know how to integrate abuseipdb.com's IP List into opnsense to block the

« on: August 21, 2024, 05:59:15 am »

I have been reported by Maltrail for a lot of dirty IP access and scanning reported by abuseipdb.com. But I don't know how to integrate abuseipdb.com's IP List into opnsense to block these annoying IPs. Is there any good way to do this? :'(

3

24.7 Production Series / Zenarmor Some of the settings cannot be successful.

« on: August 12, 2024, 01:05:37 pm »

In setup, I cannot change the settings of interfaces. When I clicked set security zone, I added or deleted status (such as WAN), and after confirming, I clicked restart. However, the deleted status settings reappeared. I tried many times but it didn't work. 

4

General Discussion / Please tell me if such a function can be achieved.

« on: January 29, 2024, 02:33:52 pm »

It's easy under ROS, just write a script.

If you want to suspend the use of a certain network card at a fixed time and make the network card invalid. Set another time to restore the use of this network card. Meet the need to control network connections. How to implement this function.

5

Chinese - 中文 / 请教，是否可以实现这样的功能。

« on: January 29, 2024, 02:33:05 pm »

在ROS 下很容易，写个脚本就可以。

如果想在一个固定的时间，暂停某块网卡的使用，让这个网卡失效。再设定一个时间，恢复这块网卡的使用。达到控制网络连接的需要。这个功能，要如何实现。

6

22.7 Legacy Series / 22.7.9 Lose WAN

« on: December 06, 2022, 03:53:29 am »

Looking at the many questions in the forum, what I encountered was that the WAN would lose the link within a day.
I chose to fall back to 22.7.8. Waiting for the next major version update.
The 22.7 series is really a lot of tribulations.

7

General Discussion / I want to suggest that the official launch a function like Fail2ban.

« on: November 14, 2022, 04:15:27 am »

I would like to suggest that the official launch of a function: similar to the function of Fail2ban, or cooperate with it. Realized function: When the set number of wrong attempts is exceeded, the IP will be added into a list, and it will be blocked, or the connection will be prohibited for a set period of time. I don't know if such a function is expected by everyone.
The problem now is that some junk ip is constantly scanning and trying. Every day, every hour, it is really disgusting to see. Even if you add a blacklist to the firewall and add major blacklists to Intrusion Detection and Prevention. But in Maltrail, some IPs are constantly doing nasty things.
Not sure if I made my point. Please understand.

8

22.7 Legacy Series / OPNsense 22.7.7_1-amd64 has just been upgraded. everything is normal.

« on: November 07, 2022, 07:29:13 am »

OPNsense 22.7.7_1-amd64
FreeBSD 13.1-RELEASE-p3
OpenSSL 1.1.1s 1 Nov 2022

OPNsense 22.7.7_1-amd64 has just been upgraded. everything is normal. Can't use or can't use. Still usable. Just 1 hour ago, there are new discoveries, and I will report again.

=================

unusable： CrowdSec

9

22.7 Legacy Series / 22.7.6 broke webui access

« on: October 13, 2022, 09:25:44 am »

 :'( :'( :'(

10

22.7 Legacy Series / It seems that the memory overflow problem is more serious?

« on: October 10, 2022, 06:54:07 am »

After updating to the latest version, only 2 days later, 16GB of memory can no longer meet the requirements. SWAP has already used 1GB.

The main ones are suricata and maltrailserver. This is also the 2 functions that I have to use.

It used to last for 1 week before overflowing. Started 1 day now. Ask the boss to control this problem. Thank you thank you.

11

22.7 Legacy Series / 22.7.5 Just upgraded to the latest version. Everything works fine.

« on: October 06, 2022, 09:44:25 am »

Just upgraded to the latest version.

OPNsense 22.7.5-amd64
FreeBSD 13.1-RELEASE-p2
OpenSSL 1.1.1q 5 Jul 2022


Can't use it, still can't use it.   ：=>  CrowdSec

Everything works fine.

Thanks Opensense Team.  Nice Team.

12

22.7 Legacy Series / The memory leak problem seems to be back.

« on: September 26, 2022, 07:07:10 am »

OPNsense 22.7.4-amd64
FreeBSD 13.1-RELEASE-p2
OpenSSL 1.1.1q 5 Jul 2022

After restarting and using it for about 3 days, the 16GB memory can no longer meet the demand. SWAP is already using over 400 MB, which is kind of frustrating, seems to have just been fixed in the last version. Please check it out.

13

22.7 Legacy Series / Upgraded to the latest version and it died. . . maltrailserver CrowdSec

« on: September 02, 2022, 06:15:14 am »

OPNsense 22.7.3_2-amd64
FreeBSD 13.1-RELEASE-p2
OpenSSL 1.1.1q 5 Jul 2022

I rebooted after installation.

maltrailserver  CrowdSec  Show me the big red square, is this too tired?   

14

22.7 Legacy Series / The Intel network card cannot work in full-duplex mode. In half-duplex mode

« on: August 19, 2022, 05:38:20 am »

The Intel network card cannot work in full-duplex mode. In half-duplex mode, there are errors in both incoming and outgoing.

Just upgraded to the latest version：
OPNsense 22.7.2-amd64
FreeBSD 13.1-RELEASE-p1
OpenSSL 1.1.1q 5 Jul 2022
----------------------------------------

There was no problem before, I will give feedback and hope to get attention. Currently in half-duplex mode, it can still be used, but there will be packet errors.

network card that can be used normally



Full-duplex can be used before, but now only half-duplex network cards can be used.



There will be packet errors


 

15

22.1 Legacy Series / I have upgraded to the latest version, this is a feedback.

« on: May 24, 2022, 09:22:05 am »

    OPNsense 22.1.7_1
Yes. After waiting for a few months, I saw that the version has been iterated to OPNsense 22.1.7_1. Also seeing fewer and fewer questions in the forums, I finally gathered up the courage and clicked the update button. . . In this process, the download file part is not a success. I have done it several times. Fortunately, every update will download a part of the file, and in the subsequent update, it can be used. After 3 update operations, all the files are finally successfully downloaded. After shiveringly pressing OK, after several reboots. Finally upgraded to OPNsense 22.1.7_1. Today is the third day, and it seems that everything has exceeded my expectations. The previous memory leak problem does not seem to have occurred. Maybe in a few days, I'll come back and update this for everyone. I wish you all the best too.
cheers
To the bosses of opnsense.