Messages - Wyrm

#1
Hi,
I have 2 questions, but they may be connected to one solution.

I would like to know if there is some utility or setting to have a rule that blocks simple port scanning?
It is like in Mikrotik, where you can have detection of port scanning by assigning weights to scanned ports.
There are rules which then put remote attackers on a list and block them before they get to the IDS/IPS.
Is there some solution for this?

There is another request from my customer to have the option to use portknock.
Is there some way to use it in the OPNsense firewall? Basically, it works like this: there is a defined port-opening sequence, and when it is used from an allowed address, it opens some port in the firewall.

Maybe this could be an option to have as a feature in OPNsense?
Or is it solved by Suricata or SENSEI?
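
The weighted port-scan detection described in post #1, sketched as an added example (not part of the original posts, and not OPNsense or MikroTik code). The weights, threshold, time window and sample log events are assumed values constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed tuning values for this sketch, not taken from any product.
LOW_PORT_WEIGHT = 3      # destination ports below 1024
HIGH_PORT_WEIGHT = 1     # destination ports 1024 and above
WEIGHT_THRESHOLD = 21    # summed weight at which a source is blocked
WINDOW_MS = 3000         # only probes this recent are counted


def port_weight(port):
    return LOW_PORT_WEIGHT if port < 1024 else HIGH_PORT_WEIGHT


def detect_scanners(events):
    """events: (timestamp_ms, src_ip, dst_port) tuples from a firewall log.
    Returns {src_ip: timestamp_ms at which it crossed the threshold}."""
    recent = defaultdict(deque)          # src_ip -> (ts, port) inside the window
    blocked = {}
    for ts, src, port in sorted(events):
        if src in blocked:
            continue                     # already on the block list
        window = recent[src]
        while window and ts - window[0][0] > WINDOW_MS:
            window.popleft()             # forget probes that aged out
        # Repeated connections to one port are normal traffic, so each
        # distinct port is counted once per window.
        if all(p != port for _, p in window):
            window.append((ts, port))
        if sum(port_weight(p) for _, p in window) >= WEIGHT_THRESHOLD:
            blocked[src] = ts
    return blocked


# Constructed sample log: one source walking ports 20-29, one ordinary client.
SAMPLE_EVENTS = (
    [(1000 + 100 * i, "203.0.113.5", 20 + i) for i in range(10)]
    + [(1000 + 250 * i, "198.51.100.7", 443 if i % 2 else 80) for i in range(10)]
)

if __name__ == "__main__":
    for src, ts in detect_scanners(SAMPLE_EVENTS).items():
        print(f"block {src} (threshold crossed at t={ts} ms)")
```

The returned addresses are what a firewall rule would place on a block list ahead of the IDS/IPS.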
#2
Hi,
it is better to consider the SENSEI plugin for OPNsense - it is very good for content and ad filtering.
SENSEI website: https://www.sunnyvalley.io/sensei/
The forum board about SENSEI: https://forum.opnsense.org/index.php?board=38.0
#3
I tried to make a new policy in SENSEI, because I could access a customer firewall with a premium subscription.
I will see if it is OK...
Thanks for the hint and support.
#4
I have a specific requirement for filtering.
My customer wants to have a group of local IP addresses which will be changeable - probably aliases.
He wants to limit this group's access to ONLY a specific server or servers (*.example.com) and also subdomains (*.server.example.com, *.example.*).
Is that possible in OPNsense? Or would there have to be some special plugin for this?

Thanks to anybody who can offer some advice on how to do this...
#5
Hardware and Performance / Re: Opnsense and intel CPUs
February 02, 2021, 09:22:42 AM
To avoid any problems with Intel CPUs, just use AMD.
AMD is now technologically far ahead and Intel is left behind.
There is a lot of news from AMD, and they have very good and powerful CPUs at a better price than Intel.
If you look at AMD Ryzen, Ryzen Pro, EPYC, embedded EPYC, and that big players like Dell, HP and others have strong server platforms based on AMD...
There are of course lots of people who are "locked" and "encrypted" (I do not know how to explain it) with Intel and have not realized that AMD has been the winner for the last 2-3 years.

Pavel
#6
Actually, the box is working again on OPNsense, but on version 20.7 with the latest updates.
After several boots of 21.1, I left it on 20.7.
So I will have to wait, with some hope that a newer version will work with this box.

If there is somebody who could help with some advice, I would appreciate it ;)
#7
Hi all,
I am writing here after quite a long time.
My customer was running his box on VMware + OPNsense.
When version 20.7 was released, I tried to use it without VMware and it worked.
It then worked for several months, until the end of 2020.
All updates worked fine.
But there is a new problem with version 21.1, which is current: it stops on this:

KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xffffffff82967e10
vpanic() at vpanic+0x1a2/frame 0xffffffff82967e60
panic() at panic+0x43/frame 0xffffffff82967ec0
trap_fatal() at trap_fatal+0x39c/frame 0xffffffff82967f20
trap_pfault() at trap_pfault+0x49/frame 0xffffffff82967f80
trap() at trap+0x29f/frame 0xffffffff82968090
calltrap() at calltrap+0x8/frame 0xffffffff82968090
--- trap 0xc, rip = 0xffffffff812ac01b, rsp = 0xffffffff82968160, rbp = 0xffffffff829681b0 ---
xgbe_phy_reset() at xgbe_phy_reset+0x1b/frame 0xffffffff829681b0
xgbe_phy_reset() at xgbe_phy_reset+0x10/frame 0xffffffff829681d0
axgbe_if_attach_post() at axgbe_if_attach_post+0x324/frame 0xffffffff82968210
iflib_device_register() at iflib_device_register+0xfd4/frame 0xffffffff829685a0
iflib_device_attach() at iflib_device_attach+0xb7/frame 0xffffffff829685d0
device_attach() at device_attach+0x3e1/frame 0xffffffff82968620
bus_generic_attach() at bus_generic_attach+0x5c/frame 0xffffffff82968650
pci_attach() at pci_attach+0xd5/frame 0xffffffff82968690
device_attach() at device_attach+0x3e1/frame 0xffffffff829686e0
bus_generic_attach() at bus_generic_attach+0x5c/frame 0xffffffff82968710
acpi_pcib_pci_attach() at acpi_pcib_pci_attach+0xa1/frame 0xffffffff82968750
device_attach() at device_attach+0x3e1/frame 0xffffffff829687a0
bus_generic_attach() at bus_generic_attach+0x5c/frame 0xffffffff829687d0
pci_attach() at pci_attach+0xd5/frame 0xffffffff82968810
device_attach() at device_attach+0x3e1/frame 0xffffffff82968860
bus_generic_attach() at bus_generic_attach+0x5c/frame 0xffffffff82968890
acpi_pcib_acpi_attach() at acpi_pcib_acpi_attach+0x440/frame 0xffffffff82968900
device_attach() at device_attach+0x3e1/frame 0xffffffff82968950
bus_generic_attach() at bus_generic_attach+0x5c/frame 0xffffffff82968980
acpi_attach() at acpi_attach+0xd81/frame 0xffffffff82968a10
device_attach() at device_attach+0x3e1/frame 0xffffffff82968a60
bus_generic_attach() at bus_generic_attach+0x5c/frame 0xffffffff82968a90
device_attach() at device_attach+0x3e1/frame 0xffffffff82968ae0
bus_generic_new_pass() at bus_generic_new_pass+0x118/frame 0xffffffff82968b10
root_bus_configure() at root_bus_configure+0x77/frame 0xffffffff82968b40
configure() at configure+0x9/frame 0xffffffff82968b50
mi_startup() at mi_startup+0x118/frame 0xffffffff82968b70
btext() at btext+0x2c
KDB: enter: panic
[ thread pid 0 tid 100000 ]
Stopped at      kdb_enter+0x3b: movq    $0,kdb_why
db>


Is there somebody who could look at this and help with details?

Thanks.
#8
Thanks and problem report sent...
#9
Thank you for the reply.
I have now checked the Dashboard and I see this:

Disk usage
9% / [ufs] (8.9G/108G)
0% /usr/local/sensei/output/active/temp [ufs] (8.0K/9.3M)

A screenshot is attached...

What does it mean?
#10
Hi,
I have some problems with Sensei on a PC Engines APU - mainly with graphs and reports.
The HW is a PC Engines APU4, 4GB RAM, CPU AMD GX-412TC SOC (4 cores), 128GB SSD.
OPNsense is newly updated to 20.1 (LibreSSL), with the latest Sensei install. I also repeated the install again today.
Sensei shows in its status that it is OK, but I do not see any graphs or reports.
Is there some advice on how to solve this?
#11
Quote from: newsense on January 21, 2020, 04:42:59 AM
Try booting 19.7 and do the following after a couple minutes from a directly connected machine. Set up your IP manually to be on the safe side.
ssh installer@192.168.1.1

Hi,
I have tried it and nothing happened. I am trying it from a Windows machine. I see only 10Mbit speed on the network adapter, so the box is not running with the right drivers. It has Realtek network adapters.
I tried to install VMware and it worked nicely - I will try to install OPNsense in VMware and let you know...
#12
Hi,
thank you. I will try this...
Should I use the serial or DVD version?
#13
I have tried 19.7 and it was the same, but I did not have the serial version to copy the content.
So for this reason I tried 19.1, which I have as a serial USB install.
The HW is brand new and it certainly has a current BIOS. In the BIOS there are lots of options, but in the ACPI section it is only possible to disable or enable ACPI or suspend.
The HW has a power-on button, but that is not something unusual.
It did not get to the state of having an IP address. If you check my attachments from the last post, there is no start of OPNsense.
I will try to run it all in VMware, but I would prefer to have this box only for OPNsense...
So I will try 19.7 and we will see.
I could also try to boot VMware ESXi to see if it will work.

#14
I have this for use as an OPNsense firewall:
Barebone XtendLan EBF-224-V1605B
Barebone, Ryzen V1605B 4x 2,0GHz, 2x SO-DIMM, HDMI+DP, 2x LAN, 7x USB 2.0/ 3.0/ typ C, 1x COM, TDP 15W, fanless
It has 16GB RAM and an M.2 64 GB SSD installed.
I tried to install the normal DVD image with the latest OPNsense and it stops with "power button".
I have the 19.1 serial image, so I tried it, and a copy of the terminal text is in the attachments.

When I boot the latest FreeBSD 12, it runs well and it is possible to install FreeBSD 12 on it.

Is there some possibility to solve the "power button" problem to finish the setup?

Thanks for reply
#15
Hi,
OK, I will prepare it for the HW forums.
Thanks.