Topics

1

General Discussion / How much "scanning" is normal?

« on: April 23, 2024, 01:59:21 am »

Hi guys,

I observe on my firewall log that I am seing permanently random addresses trying to connect to suspicious ports, for instance 22, 23, 2222, 2323, 3389 etc. At some points I get 25 such requests in about 10 minutes of time.

As I believe to have been recently hacked (got an account hijacked), I got rather suspicious.

I am aware that it's normal that we're all exposed over the WAN. But how much is "normal" or acceptabe?

In the meantime I've had my IP changed (my operator left me with the same for about a year now,...), same with the new IP. Also I implemented Geo-Blocking, which works great, at least from what I see in the firewall log.

Trying to run a tight ship now... but wondering whether this is a normal experience or if you'd say nono, you should not see more than 5 a day,... :-)

Thanks.

2

Hardware and Performance / WAN faster than LAN...

« on: September 03, 2021, 12:49:16 pm »

I do have a weird behavior with my Opnsense installation. Here´s the environment:

SW:  OPNsense 21.7.1-amd64
        FreeBSD 12.1-RELEASE-p19-HBSD
        OpenSSL 1.1.1k 25 Mar 2021

HW:  APU4D4 (4xIntel I211AT), 4GB RAM,  AMD Embedded G series GX-412TC, 1 GHz quad Jaguar
        core with 64 bit and AES-NI support, 32K data + 32K instruction cache per core, shared 2MB
        L2 cache.

NET:  1gbps Cable WAN connection on IGB1, 1gbps LAN interface on IGB0.

When I connect directly to the modem from the PC, I get close to the 1gbps WAN throughput.

Now the weird thing I do not really understand:

-  PC-Opnsense IPerf3 with 4 parallel streams (best restults) I get around 500mbps max.
-  PC-WAN (Oakla) I get about 650mbps

Not only is of course the WAN performance way below expectation, but the LAN side is even more surprising. How can I get 500mbps on the LAN and 650mbps on WAN, considering I have to go though the same LAN to get to these 650mbps?

BTW, I also tried UDP on the LAN, no chance, rarely above 500mbps (various combinations of parallel streams, reverse testing and bandwidth tested).

Any hints on how I can improve the LAN performance, or maybe even getting the WAN speed up?

Thanks.

3

20.1 Legacy Series / Limit connection by duration

« on: May 12, 2020, 08:13:43 pm »

Good day,

I am desperately seeking a possibility to limit the connection by duration. For instance, I´d like to create an alias for all devices of my kids, and limit their usage to xx Minutes per day per device. Or even better, to create users, force them to login and get them a per account daily limit.

Is this something that can be done?

Thanks.

KR, Bruno
#

4

20.7 Legacy Series / Performance Issues LAN

« on: May 02, 2020, 11:24:11 am »

Good day,

am not sure if this is related to the 20.7 Dev Build. I apologize if I´m in the wrong topic.

I have just recently started using Opensense. Got myself a APU4 board from PCEngines. It all runs quite smooth, am certainly not unhappy. Managed to get the firewall and everything to my liking, still battling VPN client issues (OpenVPN to Server). But that´s a different topic ;-)

An issue I am having is with LAN performance. If I do IPERF vs. the router, I get approx. 450mbps for TCP, but I do get 1gbps when using UDP. Have tried both with 5 parallel streams. When I look at the processor load on TCP, I get core 0 running pretty much idle, while 2,3 & 4 are maxed out. Overall Netdata shows me 100% usage.

For WAN I do have 300/30mbps connection, which I do get to the client without problems.

Everything is wired btw.

Any suggestions on how I can improve TCP throughput in the LAN? I specially don´t like slow speeds between NAS and clients...

Thanks.