1
15.7 Legacy Series / Re: LibreSSL or OpenSSL? Try both.
« on: August 15, 2015, 12:30:57 pm »
cool. are openSSL and libreSSL compatible at the moment? i mean, if change now, do i have to reconfigure some other settings as well?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
15.7 Legacy Series / GUI clickable icon bug?
« on: August 15, 2015, 02:00:13 am »
I have the weird problem where the outcome of the action will differ depending where i click on the icons.
if i click on the drawing itself (pencil, cross, arrow) the desired action will be executed, but if i click on the icon square, not the black drawing, the action might differ slightly ie. edit will act as if i clicked "move selected rules before this rule" icon. no, i did not accidentally drag my mouse when clicking, which does just this.
This mostly happens in the Firewall section, but happens in other areas as well.
Is this a known issue or did i just found a real bug?
Keep the good work going!
if i click on the drawing itself (pencil, cross, arrow) the desired action will be executed, but if i click on the icon square, not the black drawing, the action might differ slightly ie. edit will act as if i clicked "move selected rules before this rule" icon. no, i did not accidentally drag my mouse when clicking, which does just this.
This mostly happens in the Firewall section, but happens in other areas as well.
Is this a known issue or did i just found a real bug?
Keep the good work going!
3
15.7 Legacy Series / Re: LibreSSL or OpenSSL? Try both.
« on: August 15, 2015, 01:50:20 am »
Poke! 
Now what happens when OPNsense decides to ship LibreSSL as the default? I now have OpenSSL running with the options page in the GUI set to "Default". will my system in that case automatically switch to LibreSSL or will it keep using OpenSSL until I say otherwise? This because the "Default" will represent OpenSSL now, but after the update, LibreSSL.
Now what happens when OPNsense decides to ship LibreSSL as the default? I now have OpenSSL running with the options page in the GUI set to "Default". will my system in that case automatically switch to LibreSSL or will it keep using OpenSSL until I say otherwise? This because the "Default" will represent OpenSSL now, but after the update, LibreSSL.
4
General Discussion / [SOLVED] OpenVPN can't ping LAN
« on: August 15, 2015, 01:36:00 am »
This problem is now solved(ish)!
Franco has helped me killing this problem, in the end the problem solved itself??!
Yea... we broke the vpn settings, after we reversed the mistake, the normal setup seemed to work fine.
so in the end NOTHING was changed at all, but everything works now!
The only thing worth mentioning is that IF you change anything openvpn related like add/remove/edit a firewall rule regarding the openvpn server (port 1194, or in my case 443) the openvpn service needs to be stopped and started manually, restart alone doesn't seen to work in this case, dunno why...
Thanks to Dominian for mentioning the "Topology" option!
Also for this specific use, where i wanted to access my lan network, i needed to terminate the vpn to my lan interface, this is done by changing the openvpn server option "Interface" from "WAN" to "LAN" and add a matching NAT rule to the LAN ip address, in my case 10.25.1.254 (now restart openvpn server
).
Franco is still looking into this episode of the x-files and maybe this mistery will be solved once and for all... tune in next time to find out!
In the meanwhile, somewhere out there, a case of beer is finding it's way to you franco!
Franco has helped me killing this problem, in the end the problem solved itself??!
Yea... we broke the vpn settings, after we reversed the mistake, the normal setup seemed to work fine.
so in the end NOTHING was changed at all, but everything works now!
The only thing worth mentioning is that IF you change anything openvpn related like add/remove/edit a firewall rule regarding the openvpn server (port 1194, or in my case 443) the openvpn service needs to be stopped and started manually, restart alone doesn't seen to work in this case, dunno why...
Thanks to Dominian for mentioning the "Topology" option!
Also for this specific use, where i wanted to access my lan network, i needed to terminate the vpn to my lan interface, this is done by changing the openvpn server option "Interface" from "WAN" to "LAN" and add a matching NAT rule to the LAN ip address, in my case 10.25.1.254 (now restart openvpn server
).Franco is still looking into this episode of the x-files and maybe this mistery will be solved once and for all... tune in next time to find out!
In the meanwhile, somewhere out there, a case of beer is finding it's way to you franco!
5
15.7 Legacy Series / Firewall undo button
« on: August 15, 2015, 01:03:49 am »
Is it a good idea to add a button to undo the removal/change of a firewall rule?
I'm testing adding changing removing rules and sometimes i remove the wrong rule because the browser hasn't updated yet or just bugs out for some reason... anyhow, the new button would remove some headache by adding a small rollback to the firewall. saving multiple points in time is overkill, but rollback over current changes should be nice to have.
I'm testing adding changing removing rules and sometimes i remove the wrong rule because the browser hasn't updated yet or just bugs out for some reason... anyhow, the new button would remove some headache by adding a small rollback to the firewall. saving multiple points in time is overkill, but rollback over current changes should be nice to have.
6
16.7 Legacy Series / Re: How to test the development version
« on: August 11, 2015, 08:19:07 pm »
Jup! First thing i did 
7
16.7 Legacy Series / Re: How to test the development version
« on: August 11, 2015, 07:05:10 pm »
I know! it's awesome right?!
8
16.7 Legacy Series / Re: How to test the development version
« on: August 11, 2015, 03:37:21 pm »
Thanks for the info! it is connected trough a dedicated networkcard directly on my production firewall
I should be covered!
I should be covered!
9
General Discussion / Re: Future Request About Addons/Packages Versions
« on: August 11, 2015, 01:39:00 pm »
Fair enough, i've never looked at it that way...
I know pfSense, which is packed with options and still has the option to add more. but to use it to make the base system lighter is kinda cool.
again, i'm not against the plugins thing,i just like secure systems
Keep up the good work!
I know pfSense, which is packed with options and still has the option to add more. but to use it to make the base system lighter is kinda cool.
again, i'm not against the plugins thing,i just like secure systems
Keep up the good work!
10
16.7 Legacy Series / Re: How to test the development version
« on: August 11, 2015, 01:32:28 pm »
Good, i'll set one up then!
11
15.7 Legacy Series / Re: 15.7.7: transparent proxy, firewall logs summary pie charts, openvpn revamp, ...
« on: August 11, 2015, 12:42:51 pm »
Nice prospects! I will look into the transparent proxy as well!
12
General Discussion / Re: Future Request About Addons/Packages Versions
« on: August 11, 2015, 12:35:13 pm »
Is it really a good idea to include packages/plugins just like pfSense?
I understand the probable need for a rollback option for integrated plugins, but to have the option to enable all kinds of plugins might break or slow your system considerably. I like the option to do so, but it will be risky without proper documentation. I like OPNsense over pfSense just for this reason alone, the build in plugins/options are being tested by developers (people who really know what they are doing) and only released when they think it's safe to use.
Yes, it's still a young project and mistakes will be made, but it's a sturdy platform and like this philosophy so far.
Pardon my rant
Groveld
I understand the probable need for a rollback option for integrated plugins, but to have the option to enable all kinds of plugins might break or slow your system considerably. I like the option to do so, but it will be risky without proper documentation. I like OPNsense over pfSense just for this reason alone, the build in plugins/options are being tested by developers (people who really know what they are doing) and only released when they think it's safe to use.
Yes, it's still a young project and mistakes will be made, but it's a sturdy platform and like this philosophy so far.
Pardon my rant
Groveld
13
16.7 Legacy Series / Re: How to test the development version
« on: August 11, 2015, 12:02:28 pm »
To help with the testing, do you recommend i use real hardware or can i use a virtual machine just as well?
14
General Discussion / Re: The Use of RAM Disks
« on: August 11, 2015, 11:51:30 am »
Gotcha! Then i keep using my system with ramdisk off, having a modern ssd and all.
I'd rather have a working system than relying on a function that may or may not work properly in the future in case of missing folders etc.
Thanks for your reply,
Groveld
I'd rather have a working system than relying on a function that may or may not work properly in the future in case of missing folders etc.
Thanks for your reply,
Groveld
15
General Discussion / Re: The Use of RAM Disks
« on: August 11, 2015, 11:21:42 am »
I don't know if i read this wrong, but you're practicly saying that if i can spare it, don't use ramdisk because the updated can be hefty, is that it?
Pages: [1] 2