Messages

121

General Discussion / Re: Docker in the OPNsense environment?

« on: February 17, 2019, 07:12:58 am »

I also look in this direction, because it's more easy and versatile for developers to maintain just Docker rather than many plugins for third party services like Ubiquiti Controller.
Here is an experimental implementation:

https://wiki.freebsd.org/Docker

122

19.1 Legacy Series / Re: Call for testing: New netmap enabled kernel

« on: February 15, 2019, 05:59:21 am »

So is there 19.1.1 netmap enabled or just 19.1 ?

123

19.1 Legacy Series / Re: Call for testing: New netmap enabled kernel

« on: February 14, 2019, 10:37:29 pm »

Now when there is 19.1.1 can we use it with netmap enabled kernel and what is the command?

May be "# opnsense-update -bkr 19.1.1-netmap" ?

124

19.1 Legacy Series / How to edit the notorious "Default deny rule"

« on: February 13, 2019, 10:00:23 pm »

Hi felas,

i have a problem behind several routers with accessing Dahua DVR/NVRs by serial number (Dahua's DDNS).
Edited Firewall>>LAN>>Advanced>>State>>State Type to 'none' and the default deny rule still kicks in
Any clue?

p.s. it's all about asymmetrical routing. Is there a way to allow it for sure?

125

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: February 13, 2019, 09:42:35 pm »

Hi hbc,

Yep, correct. VLANs were also broken, but it looks like it was fixed with the FreeBSD 11.2 update. My note was about virtio support. Sensei 0.7 filters out any virtio interfaces. 0.8 will remove this filtering so that they will be presented in the Interface Selection.

Source Interface/Network Address/IP Address/VLAN/User/Group filtering is a feature of Policy based enforcement, which will be showing up with the Premium Subscription.

My advice is to consider exchange "Source Interface/Network Address/IP Address/VLAN/" for volume of users above 1000 or so... It's vital for usability and development at all IMHO.

126

Hardware and Performance / Good ITX board with limited availability

« on: February 06, 2019, 09:06:06 pm »

From time to time i observe the net for a decent ITX 12V(or wider DC power tolerance) with proper components for a x86 router. I guess i find one in Intel:
https://solutionsdirectory.intel.com/solutions-directory/d3543-s-industrial-series-mini-itx-mainboard
and found it also in Fujitsu:
http://www.fujitsu.com/fts/products/computing/peripheral/mainboards/industrial-mainboards/d3543s.html

I am in Bulgaria, and here such boards are hard to find and order. Is anyone seen this board anywhere ot order single piece in Europe?

127

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: February 02, 2019, 10:20:23 am »

19.1 goes in production now, and we that have sensei have a problem:
https://forum.opnsense.org/index.php?topic=11400.msg51520#msg51520

128

19.1 Legacy Series / Re: New OpenVPN Export does not work with Windows because of UDP instead of udp

« on: February 02, 2019, 09:59:08 am »

i also observed this and 'comp-lzo' not inserted in .OVPN file also.

129

19.1 Legacy Series / Re: Upgrade fail

« on: February 02, 2019, 09:57:40 am »

Setting vm.pmap.pti tunable to 0 not helping me. After unlocking 19.1 and hit upgrade router boots normally, but version stays on 18.7.10_4.
My instance runs as VM on Proxmox 5.3-7. All 4 cores of i5-4570 are fully exposed to VM in 'host' mode.
Ask if some logs are needes.

130

Hardware and Performance / Re: Fitlet2 J3455 alternative?

« on: January 11, 2019, 06:42:08 pm »

Whats wrong with the fitlet2 itself? Its onboard NICs are Intel i211s and its FACET add in card its two more i211s. So a total of four Intel NICs.

The price.

131

Hardware and Performance / Re: Best Nic Card

« on: January 06, 2019, 07:04:14 pm »

Here is a thread with good content about NICs:
https://forums.servethehome.com/index.php?threads/list-of-nics-and-their-equivalent-oem-parts.20974/

132

Hardware and Performance / Re: Fitlet2 J3455 alternative?

« on: January 06, 2019, 07:02:46 pm »

I also observe these small PCs but for such moneay always will take second hand brand PC with haswell i5 + i340-T4 also second hand, and there is no comparison in performance and options...
Just players on the market are too few, and i will give them a time to evolve before buy something from them.
On other side HP, Dell, Lenovo are always stable for such use. I never had strange behavior or failure with them.
As i read this forum and pfSense that can't be said for Qotom.

133

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: December 27, 2018, 09:04:14 pm »

Also thanks from me for the update.

"12. Fixed Rebellion Theme compatibility issues."

In session details the headers of the columns are still with white text on white background:

https://www.dropbox.com/s/0v72em2bch0rk0q/Reb.jpg?dl=0

134

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: December 23, 2018, 10:53:34 pm »

I have only LAN selected in Sensei with only one IP and no VLANs on it. The adresses are known internal hosts. Not broadcast or net addresses.

135

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: December 23, 2018, 06:02:32 pm »

Very often i see remote hosts in local table and vice versa. Is something wrong with my setups?
And sometimes i see comunication between two local ip addresses and one of them is marked as remote...