Messages - abulafia

#91
The Kalea one on Amazon seems cheaper:
[Wrong link, see below]
#92
Quote from: johndchch on May 21, 2022, 03:55:46 AM
You would be better off looking at a m.2 format NIC to go either in the wifi slot (2230) or the 2nd storage slot (2280) - you can get proper intel chipset NICs in that format which are well supported
Do you have examples? I looked for M.2 NICs some time ago out of interest and could hardly find any, especially with an Intel chipset.
The only one I remember is on Amazon: "Kalea Informatique Controllerkarte Mini PCI Express (MiniPCIE) – 1 Port LAN Gigabit Ethernet – Chipsatz Intel 82574"
#93
22.1 Legacy Series / Re: Crowdsec
May 13, 2022, 10:38:30 AM
Quote from: RamSense on May 12, 2022, 05:58:34 PM
I did pkg upgrade xxxx for all the 3 files and that got it working again.
Somewhat similar here - I re-installed from CLI and updated (via GUI). Pulled 1.3.3. Working fine now on os-0.1.

Now did a
pkg remove os-crowdsec
pkg install os-crowdsec-devel

and crowdsec seems to be up and running. System->Firmware->Plugins now also reports 0.2 and shows notes for the plugin.
#94
There is also sysctl hw.acpi.cpu.cx_lowest.

Have you tried whether
sysctl hw.acpi.cpu.cx_lowest=c3
has any effect on your system (the command as such works)?
#95
General Discussion / Re: CrowdSec
May 05, 2022, 09:39:59 PM
Quote from: cookiemonster on May 01, 2022, 12:21:47 AM
Quote from: hushcoden on April 30, 2022, 08:59:39 PM
Sorry if I'm missing something obvious, but I just installed it and the two aliases crowdsec_blacklists and crowdsec6_blacklists are empty?

I thought they'd contain the URLs where they'd take the bad IPs from?
It looks like they get pulled every two hours by default according to the "Alerts" tab on the plugin UI. I don't remember if they got populated immediately at installation time though. I'd give it a little time, like two hours max or check the docs.
Confirmed that they get populated automatically after some time (2h sounds about right).
#96
Can't recommend firehol - it often blocks GitHub addresses (false positives).
#97
You need to pick the right tunable. It depends on the driver used by your NIC.
#98
For blocking all traffic to certain IPs, use IP Blocklists, not suricata - much faster.

1. Define a URL table alias with your IP source.
2. Employ firewall rule(s) to block all traffic from/to that alias.
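As an added example (not code from this thread or from OPNsense), the following Python script vets a blocklist feed before it is wired into a URL table alias: it parses the one-entry-per-line format such aliases fetch, rejects malformed lines, collapses overlapping prefixes, and checks whether addresses you must keep reachable would be caught, which is the kind of false positive mentioned for firehol in #96. The feed body and the must-reach addresses are constructed samples drawn from documentation ranges (RFC 5737 / RFC 3849), not a real feed.

```python
"""Vet an IP blocklist feed before using it as a URL table alias source.

Added example, not OPNsense or forum code.  The feed text and the
"must stay reachable" addresses below are constructed samples drawn from
documentation ranges (RFC 5737 / RFC 3849).
"""
import ipaddress
from typing import Dict, Iterable, List, Tuple

# Constructed feed body, in the one-entry-per-line format a URL table
# alias fetches: IPv4/IPv6 hosts or CIDR prefixes, '#' starts a comment.
SAMPLE_FEED = """\
# constructed blocklist feed
203.0.113.0/24
198.51.100.17          # single host, implied /32
198.51.100.0/25
2001:db8:bad::/48
not-an-address
192.0.2.250/33         # prefix length out of range
"""

# Constructed list of addresses that must never be blocked by this feed
# (own infrastructure, upstream services you depend on, ...).
MUST_REACH = ["198.51.100.20", "192.0.2.1", "2001:db8:bad::1"]


def parse_feed(text: str) -> Tuple[list, List[Tuple[int, str]]]:
    """Split a feed into parsed networks and (line number, raw line) rejects.

    Hosts become /32 or /128 networks; strict=False accepts a prefix with
    host bits set instead of rejecting the whole line.
    """
    networks, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue  # blank or comment-only line
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            rejected.append((lineno, raw.rstrip()))
    return networks, rejected


def collapse(networks) -> Tuple[list, list]:
    """Merge overlapping/adjacent prefixes, separately for IPv4 and IPv6."""
    v4 = [n for n in networks if n.version == 4]
    v6 = [n for n in networks if n.version == 6]
    return (list(ipaddress.collapse_addresses(v4)),
            list(ipaddress.collapse_addresses(v6)))


def collisions(networks, must_reach: Iterable[str]) -> Dict[str, List[str]]:
    """Map each must-reach address to the feed entries that would block it."""
    hits: Dict[str, List[str]] = {}
    for addr_str in must_reach:
        addr = ipaddress.ip_address(addr_str)
        matches = [str(n) for n in networks
                   if n.version == addr.version and addr in n]
        if matches:
            hits[addr_str] = matches
    return hits


def vet(text: str, must_reach: Iterable[str]) -> dict:
    """Run all checks and return a report; deploy the alias only when
    'collisions' is empty and 'rejected' has been looked at."""
    networks, rejected = parse_feed(text)
    v4, v6 = collapse(networks)
    return {
        "accepted": len(networks),
        "rejected": rejected,
        "effective_v4": [str(n) for n in v4],
        "effective_v6": [str(n) for n in v6],
        "collisions": collisions(networks, must_reach),
    }


if __name__ == "__main__":
    for key, value in vet(SAMPLE_FEED, MUST_REACH).items():
        print(f"{key}: {value}")
```

Run it against the real feed text (fetched separately) before pointing the alias at the URL; a non-empty `collisions` entry means the block rule in step 2 would cut off something you rely on.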
#99
I get a different error on OPNsense 22.1.6 (Intel i5250u / Qotom Q355G4):

Starting powerdxx.
powerd++: (ECONFLICT) a power daemon is already running under PID: 22
/usr/local/etc/rc.d/powerdxx: WARNING: failed to start powerdxx

PID 22 is, of course, the regular powerd:
22 root         20    0    12M  2240K select   0   0:46   0.00% /usr/sbin/powerd -b adp -a adp -n adp

So ... as per https://opensourcelibs.com/lib/powerdxx, I'll change over to powerdxx:

root@OPNsense:/tmp # service powerdxx onestart
Starting powerdxx.
powerd++: (ECONFLICT) a power daemon is already running under PID: 22
/usr/local/etc/rc.d/powerdxx: WARNING: failed to start powerdxx
root@OPNsense:/tmp # service powerd stop
Stopping powerd.
Waiting for PIDS: 22.
root@OPNsense:/tmp # service powerd disable
Cannot 'disable' powerd. Set powerd_enable to YES in /etc/rc.conf or use 'onedisable' instead of 'disable'.
root@OPNsense:/tmp # service powerd onedisable
powerd disabled in /etc/rc.conf
root@OPNsense:/tmp # service powerdxx enable
powerdxx enabled in /etc/rc.conf
root@OPNsense:/tmp # service powerdxx start
Starting powerdxx.

Stopping powerdxx and running it in foreground verbose mode confirms it works:
root@OPNsense:/tmp # powerd++ -vf -a adp -n adp -n 75% -M 1600
powerd++: cannot read hw.acpi.acline
Terminal Output
        verbose:               yes
        foreground:            yes
Load Sampling
        load samples:          4
        polling interval:      500 ms
        load average over:     2000 ms
Frequency Limits
        battery:               [500 MHz, 1600 MHz]
        online:                [500 MHz, 1600 MHz]
        unknown:               [500 MHz, 1600 MHz]
CPU Cores
        CPU cores:             2
Core Groups
          0:                   [0, 0]
          1:                   [1, 1]
Core Group Frequency Limits
          0:                   [500 MHz, 1601 MHz]
          1:                   [500 MHz, 1601 MHz]
Load Targets
        battery power target:  50 % load
        online power target:   50 % load
        unknown power target:  75 % load
Temperature Throttling
        active:                yes
        source:                dev.cpu.%d.temperature
          0:                   [95 C, 105 C]
          1:                   [95 C, 105 C]
power: unknown, load:  912 MHz,  54 C, cpu.0.freq: 1601 MHz, wanted: 1216 MHz
power: unknown, load:  900 MHz,  54 C, cpu.1.freq: 1601 MHz, wanted: 1200 MHz
power: unknown, load:  617 MHz,  54 C, cpu.0.freq: 1200 MHz, wanted:  822 MHz
power: unknown, load:  605 MHz,  53 C, cpu.1.freq: 1200 MHz, wanted:  806 MHz
power: unknown, load:  327 MHz,  54 C, cpu.0.freq:  800 MHz, wanted:  436 MHz
power: unknown, load:  308 MHz,  53 C, cpu.1.freq:  800 MHz, wanted:  410 MHz
power: unknown, load:   27 MHz,  54 C, cpu.0.freq:  500 MHz, wanted:   36 MHz

However, it does not seem to enable the turbo mode (when setting max MHz to 2700):

power: unknown, load: 1002 MHz,  69 C, cpu.0.freq: 1200 MHz, wanted: 1336 MHz
power: unknown, load:  993 MHz,  68 C, cpu.1.freq: 1200 MHz, wanted: 1324 MHz
power: unknown, load: 1093 MHz,  70 C, cpu.0.freq: 1300 MHz, wanted: 1457 MHz
power: unknown, load: 1075 MHz,  68 C, cpu.1.freq: 1300 MHz, wanted: 1433 MHz
power: unknown, load: 1159 MHz,  71 C, cpu.0.freq: 1400 MHz, wanted: 1545 MHz
power: unknown, load: 1117 MHz,  68 C, cpu.1.freq: 1400 MHz, wanted: 1489 MHz
power: unknown, load: 1110 MHz,  70 C, cpu.0.freq: 1500 MHz, wanted: 1480 MHz
power: unknown, load: 1045 MHz,  67 C, cpu.1.freq: 1500 MHz, wanted: 1393 MHz
power: unknown, load: 1095 MHz,  69 C, cpu.0.freq: 1400 MHz, wanted: 1460 MHz

Perhaps a hardware CPU temperature protection kicks in?
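Added example, not from the post or from the powerdxx project: a small Python parser for the `power: ..., cpu.N.freq: ..., wanted: ...` lines powerd++ prints in foreground verbose mode. It turns the scroll of samples into per-core facts (highest frequency actually reached, how many samples had the daemon wanting more than the core delivered, peak temperature) and says whether any core was ever observed above a ceiling you pass in. The sample lines are the ones from the 2700 MHz run quoted above; the 1600 MHz reference ceiling is the "online" limit printed by the earlier run, used only as a comparison value and not as a statement about the CPU.

```python
"""Summarize powerd++ foreground verbose output per core.

Added example, not part of the post or of the powerdxx project.  SAMPLE is
the run from the post above with the maximum set to 2700 MHz; the
1600 MHz ceiling is the 'online' limit printed by the earlier run and is
used here only as a reference value.
"""
import re
from collections import defaultdict
from typing import Dict, List, NamedTuple

SAMPLE = """\
power: unknown, load: 1002 MHz,  69 C, cpu.0.freq: 1200 MHz, wanted: 1336 MHz
power: unknown, load:  993 MHz,  68 C, cpu.1.freq: 1200 MHz, wanted: 1324 MHz
power: unknown, load: 1093 MHz,  70 C, cpu.0.freq: 1300 MHz, wanted: 1457 MHz
power: unknown, load: 1075 MHz,  68 C, cpu.1.freq: 1300 MHz, wanted: 1433 MHz
power: unknown, load: 1159 MHz,  71 C, cpu.0.freq: 1400 MHz, wanted: 1545 MHz
power: unknown, load: 1117 MHz,  68 C, cpu.1.freq: 1400 MHz, wanted: 1489 MHz
power: unknown, load: 1110 MHz,  70 C, cpu.0.freq: 1500 MHz, wanted: 1480 MHz
power: unknown, load: 1045 MHz,  67 C, cpu.1.freq: 1500 MHz, wanted: 1393 MHz
power: unknown, load: 1095 MHz,  69 C, cpu.0.freq: 1400 MHz, wanted: 1460 MHz
"""

# One sample line: power source, load in MHz, temperature, core, actual
# frequency, and the frequency the daemon asked for.
LINE_RE = re.compile(
    r"power:\s*(?P<power>\w+),\s*load:\s*(?P<load>\d+) MHz,\s*"
    r"(?P<temp>\d+) C,\s*cpu\.(?P<core>\d+)\.freq:\s*(?P<freq>\d+) MHz,\s*"
    r"wanted:\s*(?P<wanted>\d+) MHz"
)


class Sample(NamedTuple):
    power: str
    load_mhz: int
    temp_c: int
    core: int
    freq_mhz: int
    wanted_mhz: int


def parse(text: str) -> List[Sample]:
    """Parse every sample line; banner and table lines simply don't match."""
    out: List[Sample] = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            out.append(Sample(m["power"], int(m["load"]), int(m["temp"]),
                              int(m["core"]), int(m["freq"]), int(m["wanted"])))
    return out


def per_core_max_freq(samples: List[Sample]) -> Dict[int, int]:
    """Highest frequency actually observed on each core."""
    peak: Dict[int, int] = defaultdict(int)
    for s in samples:
        peak[s.core] = max(peak[s.core], s.freq_mhz)
    return dict(peak)


def starved_samples(samples: List[Sample]) -> int:
    """Samples where the daemon wanted more MHz than the core delivered."""
    return sum(1 for s in samples if s.wanted_mhz > s.freq_mhz)


def peak_temperature(samples: List[Sample]) -> int:
    return max(s.temp_c for s in samples)


def exceeded_ceiling(samples: List[Sample], ceiling_mhz: int) -> bool:
    """True if any core was ever seen above ceiling_mhz."""
    return any(s.freq_mhz > ceiling_mhz for s in samples)


def report(text: str, ceiling_mhz: int) -> dict:
    samples = parse(text)
    return {
        "samples": len(samples),
        "peak_freq_mhz": per_core_max_freq(samples),
        "starved": starved_samples(samples),
        "peak_temp_c": peak_temperature(samples),
        "above_ceiling": exceeded_ceiling(samples, ceiling_mhz),
    }


if __name__ == "__main__":
    for key, value in report(SAMPLE, 1600).items():
        print(f"{key}: {value}")
```

Feed it a longer capture (`powerd++ -vf ... | tee run.log`) and a ceiling of your choice; a `starved` count close to the sample count together with `above_ceiling: False` is the quantitative form of the observation in the post, and the peak temperature sits next to it so a thermal explanation can be checked against the throttling thresholds powerd++ prints at startup.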
#100
I think fsetstat etc. are functions of the SFTP server, not independent Linux commands. So you need to look at Proxmox' SFTP implementation I think.

See e.g. https://community.atlassian.com/t5/Bitbucket-questions/Couldn-t-fsetstat-permission-denied-errors-with-sftp-deploy/qaq-p/1108832 or https://stackoverflow.com/questions/8675373/using-perl-sftp-i-keep-getting-an-fsetstat-error-when-i-put-a-file or https://serverfault.com/questions/821760/denying-timestamp-modification-on-sftp-server (for modifying a Linux SFTP server) or ...

Alternatively, the OPNsense / ACME SFTP script might need to be modified, see e.g. https://stackoverflow.com/questions/62170626/workaround-for-unsupported-setstat-request-on-sftp-server-with-sshj

BTW, I came across similar issues with uploading the certificates to my ESXi server -- connection works but copying the files over fails unfortunately :-(

And you should work on your google-foo :-)
#101
Bumping this - same issue here.

Also, suricata still throws alerts for ET_info although I removed (disabled) that ruleset.
#102
Ntopng should be able to meet OP's requirements?
#103
In the meantime, you can also have suricata log events as JSON and alert yourself by email through monit (monitoring the JSON file). There is documentation floating around. I could also dig up the config later tonight if needed.
#104
Unfortunately, no - would be great to get this to work somehow!
#105
21.7 Legacy Series / Re: chrony NTS issues
January 04, 2022, 10:43:09 AM
This has been fixed in 22.1: https://github.com/opnsense/core/issues/5396