Messages

This is also how some MITM attacks/behaviors look like.
Not saying that your ISP does something similar, but something/somebody is interfering with it. Maybe a service running on that same port?

I'm also using Quad9 with LibreSSL. Still working fine :)

No such thing here... Still working fine :)

Are you using actually using DHCP for the clients or static IPs?
Also, did you verify that the leases are there (in Services: DHCPv4: Leases)?

Works perfectly fine here (so far).
Well done!

Although I would need to see those packets over a dump, to check if these are really going over TLS.

I have a Linux machine which i use for many other things. You get to use it for many things once you have it :)

My Google Drive backup works perfectly, do you need any help with it?

Welcome to OPNsense!
Indeed, proxy would be one idea. The other would be to use a custom DNS server and monitor queries.

I'm just pointing out clues that may also help you.
For example, there may be some tunables out there available for virtio drivers, as they influence OpenVPN as well.
Also, considering your test results, indeed, OpenVPN performance should be better, but only CPU-wise, as there is no real network traffic included in those benchmarks.

But rest assured, OpenVPN will be using AES-NI whatever the setting in the OPNsense GUI if this CPU instruction set is available.

It doesn't matter how many cores you have, as the OpenVPN server instance is single threaded, meaning it will always use one cpu core. This is true with any OpenVPN implementation. If you have a good single-core performance, it should be fast enough, if not, it won't.

You could also follow this thread for better OpenVPN performance, even though it was written for something else (IDPS):
https://forum.opnsense.org/index.php?topic=6590.0

Thanks, but I just needed to go to any store and buy a longer HDMI cable, which I did :)

Yes, but I could only imagine the impact if a WP plugin could also be made, published and advertised in their software repository:

"Protect your WP website with a hardware/software appliance - powered by OPNsense" or something.
Existing wp software "firewalls" could also extend their products to include live OPNsense blocking.

I think it would be cool.

Because the blocking has to be done dynamically, commanded by something (a wp plugin for example, or extension of an existing one etc). If the bruteforce is coming from an ip that isn't listed in any of those lists (usually the case of targeted attacks), something has to feedback the OPNsense box and temporarily slow down or completely block the attack.

While aliases can be used and a list could be maintained somewhere on some webserver, which OPNsense could constantly read, it's an added resource to maintain. It's much more simple to call an API and add the offending ip in a blacklist which a floating rule can later use. And that list could be maintained from the WebGUI.

I wanted to build something like that but never had the time to write it. The idea is creating an API endpoint which can be used to report bad IPs which then will be blocked (and maybe released after some time).

This would be simply awesome :)

So, I'm not the only one.
mimugmail, I've attached some dump file in the google drive, does that helps or you need something else?

Welcome back! Looking forward to your new theme and productive cooperation :)