OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of jonf »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - jonf

Pages: [1]
1
21.1 Production Series / Suricata vs Sensei
« on: February 24, 2021, 11:36:06 am »
I recently heard about this OPNsense plugin called Sensei, which by the sounds of it basically adds all sorts of network protection tools as well as extra web filtering to your installation.  Is this like Suricata on steroids?  Would Sensei replace all its functionality making Suricata unnecessary, or could the two work side-by-side?

2
21.1 Production Series / Download encrypted OPNsense config file via script?
« on: February 20, 2021, 09:33:50 pm »
I found the following thread on this forum...

https://forum.opnsense.org/index.php?topic=15349.0

...but it's just over a year old so I thought I'd start a new thread to ask my question about this.  Is it possible to use some of the commands in that script to also set a password for the config before downloading, just like you'd set one in the web GUI when manually downloading the config?

3
21.1 Production Series / Email alert when WAN drops/reconnects?
« on: February 16, 2021, 01:15:32 pm »
I'd like to get an email alert from OPNsense when my WAN connection has dropped and reconnected. As a bonus it would be nice if it could also show me the new IP addresses (v4 and v6) within the email. How could I do this?

4
General Discussion / Feature request (sort of): dynamic DNS - NoIP over IPv6?
« on: February 12, 2021, 11:28:37 am »
Not sure if this is the right part of the forum to ask but here we go...

I recently signed up to NoIP's dynamic DNS service so I could link it up to my OPNsense box.  I notice that OPNsense currently supports linking your IPv4 address to your NoIP hostname, but not the IPv6 address.  I don't know if NoIP's IPv6 service wasn't available at the time NoIP was initially added to the list of providers, or if it's been tested before but not included because of some issues.

In case it's the former I wanted to ask if it could be added, so I guess this thread is sort of a feature request.  If it helps the developers here's a link I found to the details required for integrating their update service into 3rd party products, including the IPv6 related stuff:

https://www.noip.com/integrate/request

I tested this with my own hostname by resetting my broadband connection to get new IP addresses (I have both v4 and v6 enabled), then I copied/pasted their HTTPS update request link (modified with my account details, hostname, and the IPv6 address to be linked) into my browser to see if it updated my hostname's IP address.  It gave a message that said "good <newipv4address>,<newipv6address>".  I then logged into my NoIP account and both the v4 and v6 addresses got updated (maybe because I have both running on my network).

5
21.1 Production Series / Intrusion Detection rulesets - good/bad choices?
« on: February 10, 2021, 03:13:00 pm »
I'd like to try out the Intrusion Detection feature in OPNsense but I see that there are...rather a lot of choices of different rulesets to choose from.  I won't select all of them as I'd assume this would use more resources and possibly block things I don't want blocked.

Does anyone recommend any particular ruleset(s)?  If it makes any difference I'm playing online games quite a lot at the moment and I have a file server which also runs torrents behind my VPN.

6
21.1 Production Series / Questions about running OPNsense in live mode
« on: February 07, 2021, 03:22:00 pm »
Greetings,

I've recently bought a new pico-ITX PC to use as my home router and I've chosen to use OPNsense for this.  When I boot into the DVD ISO image I notice it starts by default in live mode.  I've read it can also be run permanently in such a mode ("embedded", I think?) if you want.  Just out of curiosity, I have a couple of questions about this:

- Aside from reducing the number of read/write operations for certain types of flash media (depending on the user's chosen hardware), would there be any other benefit(s) in running OPNsense this way vs. a more permanent installation (e.g. security-wise)?

- I see that you can install plugins for extra functionality in OPNsense.  If I run it in live mode, are these plugins 'installed' in RAM with the rest of the system, or can they be saved onto non-volatile storage (i.e. to reduce recovery time from a power outage)?

- Would backing up the config in live mode just restore your core settings, or would it also include whatever plugins (or their respective config) you chose?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2021 All rights reserved
  • SMF 2.0.18 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2