Messages - cybersans

#1
dear all,
first of all, i am sorry if this question has already been asked and answered; i didn't find anything similar using the forum search and google.

the question is: why do interface statistics always reset to zero (0) after rebooting? the traffic graphs also start new graphs.
are the logs not being saved in a logfile?

the interfaces/overview adapter's interface in/out packet counters also reset to zero.

regards
sans
#2
nice work guys. after applying the 31a0c40 patch, unbound works flawlessly!

bravo!  ;D
#3
21.1 Legacy Series / vidcontrol
May 17, 2021, 02:24:37 PM
in freebsd, i can set auto resolution via rc.conf with the command
allscreens_flags="MODE_XXX"

where XXX is the number of the resolution i want to set from the list generated via vidcontrol -i mode

so, in opnsense, where should i put the allscreens_flags?
there is no rc.conf in the /etc path

thank you
sans
#4
i am using 21.1 with unbound 1.13.0_1

still crashes. always crashes. sometimes several times a day, sometimes once every several days.
there is nothing in the log whatsoever showing anything that helps me understand why it keeps crashing and crashing.

until the unbound developer fixes this (or opnsense decides to change the dns resolver to another one), i disable the service and manually assign the dns to each client (or assign public dns such as opendns, google etc. in the dhcp settings).
#5
21.1 Legacy Series / pppoe0 settings for ipv6
April 08, 2021, 08:28:37 AM
dear all,

in the opnsense -> interfaces -> pppoe0
the ipv4 configuration type = pppoe
while ipv6 configuration type = slaac


slaac configuration = use ipv4 connectivity.

the problem is that when the dsl disconnects and reconnects, the old ipv6 address assigned by the isp is still there and it conflicts with the new one assigned by the isp.

i need to remove the ip manually by logging into the console and issuing the ifconfig... delete command.

the question is, what is the correct configuration i need to use so that the old ip is gone after disconnecting and the new one is assigned?

ipv4 was fine.

i also tried to use dhcpv6. same problem.

it is not a problem from the isp because i have no problem when connecting the pppoe using a modem or windows.

thank you.
sans
#6
no one would like to answer?

ok let me rephrase my question again.

is there some pre-defined ruleset made by opnsense (which can't be edited via the web gui) that prevents me from putting:

block drop out quick on pppoe0 all
and
pass out quick on pppoe0 from any to any port = 1234 keep state

so that i can block outgoing at the pppoe0 and allow certain ports only?

the only setting that is successful is via LAN. but it still does not achieve my needs, because the shell itself can still connect to the outside since the filter is only applied at the LAN interface

thank you
sans
#7
dear all,

i am new here. registered as a member so that i can ask this:

from what i understand, the default rules for WAN block inbound and allow outbound, while for LAN both in and out are allowed.

what should i put so that WAN is blocking both inbound and outbound and i specify certain rules to allow outbound at WAN (for example, allow outgoing 80 & 443) only.

for your information, i want to set these rules at gateway level (WAN/PPPOE?) and not at the LAN interface only, so that both the LAN network and opnsense/gateway/pppoe are also restricted by these rules.

i already put the rules at WAN:
1. block (direction out, source any, destination any)
2. allow (direction out, source any, destination any, destination ports alias 80,443)

doesn't work.

so i tried floating rules
1. block (direction out, interface not selected, source any, destination any)
2. allow (direction out, interface not selected, source any, destination any, destination ports alias 80,443)

it works, but it caused the port forwarding from outside (from the internet to a website forwarded to a LAN machine) to fail, although it has already been defined in the NAT rules.

if i put those rules on a LAN interface, it works, but it only filters outbound access from a LAN pc, and not the gateway/opnsense itself.

so my question is, which interface should i use so that the rules apply to both the firewall and a machine inside the LAN?