451
20.1 Legacy Series / Re: Geoip and Ntopng
« on: August 20, 2020, 10:05:28 pm »
Maybe silly question, my licence key goes in the script, right ?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
452
20.7 Legacy Series / Re: GeoIP 20.7 solution
« on: August 17, 2020, 05:49:21 pm »
According to my OPNsense, actually the default value is set to 1M and the issue still persists...
453
Intrusion Detection and Prevention / Re: Is Suricata running?
« on: August 17, 2020, 08:56:09 am »
Thanks, it's working: 
Code: [Select]
root@gateway:~ # service suricata status
suricata is running as pid 23173.
454
Intrusion Detection and Prevention / Is Suricata running?
« on: August 15, 2020, 08:28:01 pm »
Since I don't have any entries in the 'Alerts' tab, I was wondering which woud be the best way to check that Suricata is actually running ?
Tia.
Tia.
455
20.7 Legacy Series / Re: Post Upgrade 20.7 NTOPNG GeoIP Download Fails - Authentication Error
« on: August 15, 2020, 06:15:44 pm »
It's working for me, also after the upgrade to 20.7
But, my download link is slightly different than yours: https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=MyKEY&suffix=zip
But, my download link is slightly different than yours: https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=MyKEY&suffix=zip
456
20.7 Legacy Series / Re: Post Upgrade 20.7 NTOPNG GeoIP Download Fails - Authentication Error
« on: August 14, 2020, 09:53:58 pm »
This is from a post by marjohn56:
root@gateway:~ # cd /usr/local/opnsense/scripts/filter/lib
root@gateway:/usr/local/opnsense/scripts/filter/lib # python3
You will now be seeing the Python interpreter.
>>> from geoip import download_geolite
>>> download_geolite()
Wait a few seconds and if you have got the correct url and licence you should see something like this:
{'address_count': 433499, 'file_count': 499, 'timestamp': '2020-01-06T23:45:56', 'locations_filename': 'GeoLite2-Country-Locations-en.csv', 'address_sources': {'IPv4': 'GeoLite2-Country-Blocks-IPv4.csv', 'IPv6': 'GeoLite2-Country-Blocks-IPv6.csv'}}
Hit Ctrl-d to exit the Python interpreter.
root@gateway:~ # cd /usr/local/opnsense/scripts/filter/lib
root@gateway:/usr/local/opnsense/scripts/filter/lib # python3
You will now be seeing the Python interpreter.
>>> from geoip import download_geolite
>>> download_geolite()
Wait a few seconds and if you have got the correct url and licence you should see something like this:
{'address_count': 433499, 'file_count': 499, 'timestamp': '2020-01-06T23:45:56', 'locations_filename': 'GeoLite2-Country-Locations-en.csv', 'address_sources': {'IPv4': 'GeoLite2-Country-Blocks-IPv4.csv', 'IPv6': 'GeoLite2-Country-Blocks-IPv6.csv'}}
Hit Ctrl-d to exit the Python interpreter.
457
20.7 Legacy Series / Re: ntpd: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
« on: August 12, 2020, 05:40:26 pm »
Exactly same issue here...
458
Hardware and Performance / Re: OPNsense Hardware Recommendations
« on: August 05, 2020, 01:02:06 pm »
Have also a look at https://www.deciso.com/ and https://www.thomas-krenn.com/en/index.html
459
Intrusion Detection and Prevention / Re: FireHOL Block List ( Botnets, Attacks, Malware....)
« on: August 04, 2020, 05:25:17 pm »
Indeed, they are not updated on a daily basis, BUT my issue is that my OPNsense seems to update the DROP list and seems to ignore the EDROP list, why is that ??
460
Intrusion Detection and Prevention / Re: FireHOL Block List ( Botnets, Attacks, Malware....)
« on: August 04, 2020, 12:02:39 pm »
I've found out that I have an issue with the update of Spamhaus EDROP: I've set up two aliases (see picture) DROP and EDROP which are identical apart from the link (of course), and when I check the log (also attached) I can see that while DROP is updated once a day, EDROP is not and I can't figure out what I'm doing wrong for the life of me...
Tia.
Tia.
461
20.7 Legacy Series / Re: Suricata - Engine?
« on: August 04, 2020, 10:27:13 am »
I'm actually running Hyperscan with my AMD GX-412TC and it works, so far so good...
462
Intrusion Detection and Prevention / Re: Error reconfiguring IDS: Error (1) / Hyperscan: Error installing ids rules (1)
« on: August 04, 2020, 10:25:24 am »
I'm actually using Hyperscan with my AMD GX-412TC and it works, no errors so far...
463
20.7 Legacy Series / Re: What happen to os-unbound-plus?
« on: August 04, 2020, 12:14:59 am »OK, so in that case how to remove that plugin from the list?https://forum.opnsense.org/index.php?topic=18398.msg83649#msg83649
It's there and it's red.
464
20.7 Legacy Series / Re: After Update to 2.7 no ntp update sync, also some traffic graphs are broken
« on: August 04, 2020, 12:12:18 am »
I also see something strange in my log
465
20.7 Legacy Series / Re: Unbound log doesn't update after upgrade to 20.7
« on: August 03, 2020, 03:16:40 pm »
Done, restarted once again OPN but no luck... I feel I will have to install 20.7 from scratch... 