Messages

1

Intrusion Detection and Prevention / Re: Proofpoint Telemetry Flowbit Issues.

« on: November 28, 2024, 06:05:11 pm »

Hi, I'm a malware analyst & rule writer on the Emerging Threats team.  I have personally developed a fix for this issue which as far as I'm aware, should now be live.  You should no longer be having flowbit dependency issues.

Hi ETOzurie,

I don’t believe that the fix is available yet. I’m still experiencing the issue. Do I need to make any configuration changes for the fix to be enabled?

2024-11-28T12:01:00-05:00   Warning   suricata   [100463] <Warning> -- flowbit 'et.http.PK' is checked but not set. Checked in 2019835 and 1 other sigs   
2024-11-28T12:01:00-05:00   Warning   suricata   [100463] <Warning> -- flowbit 'et.MCOFF' is checked but not set. Checked in 2019837 and 0 other sigs

2

24.7 Production Series / Unbound DNS over Quic (DOQ) Feature Request

« on: November 02, 2024, 09:40:23 am »

Hello Opnsense Team,

Is Unbound DNS over Quic support in the roadmap? Unbound would need to be compiled with quic support.

https://blog.nlnetlabs.nl/dns-over-quic-in-unbound/

3

Intrusion Detection and Prevention / Proofpoint Telemetry Flowbit Issues.

« on: September 30, 2024, 12:28:12 pm »

When is the proofpoint team going to address this issue? It started happening 3 weeks ago and I didn’t make any configuration issues. I tried deleting all of the rulesets and re-downloaded.

2024-09-30T06:01:05-04:00   Warning   suricata   [100908] <Warning> -- flowbit 'et.http.PK' is checked but not set. Checked in 2019835 and 1 other sigs   
2024-09-30T06:01:05-04:00   Warning   suricata   [100908] <Warning> -- flowbit 'et.MCOFF' is checked but not set. Checked in 2019837 and 0 other sigs

4

Intrusion Detection and Prevention / Re: Zenarmor or Suricata

« on: September 30, 2024, 12:23:45 pm »

It’s more appropriate to configure Suricata for the WAN and have Zenarmor configured against the LAN.

5

24.7 Production Series / Re: IPv6 prefix delegation not working with 24.7.1-.3

« on: August 30, 2024, 03:20:34 pm »

2 delegated prefixes. IPv6 connectivity (LAN and WAN) works as well. OP’s issue might be related to his configuration or ISP. My setup isn’t fancy at all. It’s a standard configuration.

6

24.7 Production Series / Re: IPv6 prefix delegation not working with 24.7.1-.3

« on: August 30, 2024, 03:18:14 pm »

IPv6 Prefix delegation is working fine for me. Standard configuration using track interface. Send prefix hit only. Comcast is my ISP for home and business.

Opnsense screenshot: https://imgur.com/a/UswlxyF

7

24.7 Production Series / Re: Health Reporting Broke Again with The 24.7.3 update

« on: August 29, 2024, 06:23:40 pm »

Okay. My fault everyone. Based on jullsssarks remark it is indeed working. My post can and should be ignored. Sorry about that.

8

24.7 Production Series / Re: Health Reporting Broke Again with The 24.7.3 update

« on: August 29, 2024, 06:01:38 pm »

I'll run the command shortly. I believe that I'll have the same result as you. The graph is working fine. The current view statistics show zero.

Screenshot: https://imgur.com/a/RSq51GI

9

24.7 Production Series / Re: Health Reporting Broke Again with The 24.7.3 update

« on: August 29, 2024, 05:32:47 pm »

Well the graph is working, but the current view report shows zeros. Not sure if this expected. It appears to be partially working.

10

24.7 Production Series / Health Reporting Broke Again with The 24.7.3 update

« on: August 29, 2024, 05:23:33 pm »

No statistics 0's across the board again.

11

24.7 Production Series / Re: No public ipv6 address after upgraded to 24.7

« on: July 28, 2024, 04:58:04 pm »

This patch appears to work for me, but I'm not using a PPPOE connection. I'm using Comcast business:

https://github.com/opnsense/core/commit/287c13beb

I'll continue to monitor. The WAN IP hasn't been refreshed since restart yet.

12

24.7 Production Series / Re: No public ipv6 address after upgraded to 24.7

« on: July 28, 2024, 02:09:18 pm »

Same issue with. Post upgrade all of my clients have lost IPv6 connectivity. IPv6 test fails etc. was working fine for well over a year prior to upgrade.

13

24.1 Legacy Series / pkg: glib has a missing dependency: python39

« on: May 17, 2024, 08:08:10 pm »

Processing candidates (18 candidates): .
pkg: glib has a missing dependency: python39
Processing candidates (18 candidates)...... done
Checking integrity... done (0 conflicting)

This broke Zenarmor. Please advise on when the issue is going to be resolved.

14

Zenarmor (Sensei) / Re: why is eastpect locked to a single core

« on: November 25, 2023, 10:28:23 am »

So, now multi-score support has been delayed for a year?

15

Zenarmor (Sensei) / Re: The futility of Zenarmor in Opnsense

« on: August 10, 2023, 02:30:52 pm »

What exactly is the purpose of this post. As with anything I life you have choices. Simply stop using Zenarmor and use Adguard. Your post here really means nothing in the grande scheme of things.