Messages

631

19.7 Legacy Series / Re: Rate Limiting by IP?

« on: November 28, 2019, 01:54:52 am »

Thanks very much. I changed the items you pointed out. Now the question becomes one of how can I determine how my rules are working? Is the Status section on the Shaper the only tool?

632

19.7 Legacy Series / Re: Rate Limiting by IP?

« on: November 28, 2019, 12:41:48 am »

Ok I think I might have figured this out using the Shaper functionality. I setup a pipe for 100 meg, as shown in the first attachment. I then setup a rule for my IPs, that picks that pipe. The one question I have is that I set the interface in the rule to my WAN and set the destination to any, as shown in the second attachment. In my mind that tells OPNsense to shape the traffic coming from specific IPs, going in/out to the WAN, to 100 meg only.

Did I get this right??

633

19.7 Legacy Series / Rate Limiting by IP?

« on: November 28, 2019, 12:23:13 am »

Hello all,

Is there a way to rate limit IPs in OPNsense? I have three media streaming devices, each have a static IP set. I would like to limit their up/down to 100 meg. This gives my good QoS for all streaming functionality, while providing bandwidth for other tasks.

Thanks,
Steve

634

19.7 Legacy Series / Re: Port forwarding not working

« on: November 26, 2019, 12:24:30 am »

I am curious also....I cannot get a discrete port forward to work, yet UPNP works.

635

19.7 Legacy Series / Re: Speed Test

« on: November 21, 2019, 04:26:41 am »

It didn't work....

root@OPNsense:~ # pkg install speedtest-cli
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'speedtest-cli' have been found in the repositories

636

19.7 Legacy Series / Proxy Rulesets - What Are You Using?

« on: November 21, 2019, 04:08:39 am »

Beginning to look at the web proxy capability, specifically whitelists and blacklists. I am curious...what are the best sources for these that you are using?

637

19.7 Legacy Series / Firewall Rule for Caching Proxy

« on: November 19, 2019, 10:21:21 pm »

Could I use a floating rule to prevent proxy bypass for HTTP and HTTPS, instead of separate rules for each LAN segment I have?

638

19.7 Legacy Series / Re: Segregated Networking Not Working

« on: November 16, 2019, 05:16:06 pm »

Good practice: Have a dedicated service network to reach your routers GUI. Alternative: allow access from network with highest trustability, e.g. not from guest wifi...

Hmmm...interesting thought. I have an extra NIC on my router that is not being used. I am going to make that my trusted network. So now the question...how do I remove the anti-lockout rule on the LAN port, since it was automatically added. There is no delete button.

639

19.7 Legacy Series / Re: Segregated Networking Not Working

« on: November 15, 2019, 02:52:11 am »

Default for all new Interfaces is always emtpy Rules, LAN is only allowed since nobody would reach the internet  to search for a solution why Internet is not working

Yup I was missing the rules for the second network. One thing I am noticing is there is an anti-lockout rule for the LAN interface. Do I need an anti-lockout rule for the OPT network? If yes how does that get created, as it looks like it is auto generated on the LAN network.

640

19.7 Legacy Series / Re: Segregated Networking Not Working

« on: November 09, 2019, 02:57:08 pm »

Cool! 8-D

Do you have firewall rules for LAN and OPT1 blocking traffic between the nets? IPv4 only? Or IPv6 involved?

Ding ding ding...it seems the two default rules for LAN1 do not get populated when you create a new segment on another port. Hey OPNsense folks can that be done, so that when you use another port for a separate segment, and enable the segment, the two rules are auto created and activated?

641

19.7 Legacy Series / Segregated Networking Not Working

« on: November 08, 2019, 11:14:54 pm »

Ok I got a weird one. I use a Protectli 4 port device as my OPNsense firewall. I have setup the LAN port for 192.168.1.0/24 and the OPT port for 192.168.2.0/24. When I connect a device to the O)PT network, via DHCP it still is pulling a 192.168.1.x address. I have setup DHCP for the OPT network. Do I need to enable DHCP Relay?

642

Intrusion Detection and Prevention / Re: Suricata rule load errors: abuse.ch/URLhaus

« on: November 04, 2019, 10:48:43 pm »

Hi,

This should be reported upstream, i think.

Yup...I am getting the same thing!

643

19.7 Legacy Series / Re: Backup to Google Drive

« on: November 04, 2019, 10:03:20 pm »

Hello Steve,

I have it up and running and it's working without issues so far.

What are you having trouble with, is there a specific step that's causing issues of etc? I'll try to help if I can.

I seem to be getting stuck with the p12 key. Its not very clear.

644

19.7 Legacy Series / Backup to Google Drive

« on: November 03, 2019, 10:11:29 pm »

Hello all,

I have tried several times to configure the backup to Google Drive, but without success. Has someone got it done, and if yes could you help?

Steve

645

19.7 Legacy Series / Re: Gateway up/down email alerts

« on: November 03, 2019, 09:57:12 pm »

I am also interested in doing this.