Messages - road hazard

#16
Quote from: Raymoon on January 05, 2023, 02:55:12 PM
I've been attempting to determine why adverts are being served by the YouTube applications on my TV and fire tab. I attempted to block QUIC over UDP/443 after seeing a lot of it. The information in this post could be the reason why nothing I try seems to function with www.socialfollowersfree.com. You might try blocking all Google DNS servers through HTTP. My redirects have not been effective because it is impossible to divert this kind of traffic. TikTok won't be able to get around geoblocking on your perimeter firewall and a solid NAC running on your network.

Blocking YouTube ads with firewalls like *sense/Sophos/Untangle/etc. is impossible. If you want to 100% remove ads from YouTube videos on your SmartTV running the Android OS (or Android devices like the Shield, Fire tablet, etc.), use this: https://smarttubenext.github.io/

For PCs, install the uBlock Origin browser plugin and on things like the iPad, use the 'Brave' web browser.

If you use SmartTubeNext, please consider donating to the guy and supporting his work.
#17
Thanks for the reply!

I compare the various off-the-shelf routers by wifi quality, feature list, USB ports, how many LAN ports, how often is the firmware updated, 3rd party firmware support, RAM and CPU, and a few other categories. Price point.... when I'm buying a home router, anywhere from $100-$300+.

Every time I mess around with products like OPNSense, pfSense, etc.... I have a decommissioned server from work I install them onto. This thing is a beast. Dual Xeons (32 cores total I think), 512GB of RAM, RAID array.... it's a 1U blade server. With the BIOS adjustments I've made, and only having 3 of the SAS drives in use, power consumption hardly ever goes above 100W. Electricity isn't too expensive where I live so I don't sweat paying an extra dollar or 2 a month to have this thing running 24x7.

As for choking my 1 gig connection.... I pull a lot of stuff from Usenet and FTP servers. I absolutely utilize every bit of bandwidth from time to time and other people in the house notice it. I think we have less than 10 devices on wifi (video game consoles, a few phones, some smart TVs and an iPad).

Mainly, I'm just looking for articles that go into how secure consumer grade wifi routers are when compared against products like OPNSense and if I can configure OPNSense to make my server the last device on my network as far as traffic prioritization is concerned.
#18
I have symmetrical gigabit internet at my house and have dabbled with the following firewalls off and on over the last year or so: pfSense, OPNSense, Sophos and Untangle.

All had pros and cons but eventually, I end up going back to my little Asus AX86U router as I prefer a simple UI and easy maintenance. The only demands I have of my router are port forwarding Plex, OpenVPN integration and QoS (QoS on my Asus is kind of garbo, more on that later).

Because I can never leave things alone, and like to tinker and wreck my home network from time to time :) .... I'm gearing up, again, to give OPNSense another shot.

One of the things I -love- about these firewalls is the ability to do geo IP blocking! Every so often, the TrendMicro plugin on my Asus router blocks various attacks and that got me to thinking..... how good is the TrendMicro/Asus security vs the security/IPS detection in OPNSense? Since Asus routers are allllllllllll over the place, I'm sure they put decent effort into securing their firmware and have partnered up with Trend but I don't think I've ever seen an article that dug deep into how secure a router firmware is vs. something like OPNSense. Anyone have a link that goes into detail along those lines?

QoS. The last time I played with OPNSense, I didn't mess with the QoS stuff. Whenever my server is doing a big download, and maxing out my 1 gig connection, everyone in the house complains that web browsing is super slow. Since my server is doing the downloading, and sometimes serving up files via FTP and used for Plex..... is there a way to configure QoS in OPNSense that if my server is hogging up 100% of the connection, if ANY OTHER APP OR DEVICE on my network needs 10Mbps of speed or 800Mbps.... my server connection will be throttled down to accommodate that?

I looked at some of the QoS docs on the OPNSense site and got confused on things. If I remember correctly (which I might not)..... I think I could configure things like..... device X needs this much bandwidth and device Y gets higher/lower...... but I just want to put my server dead last and have anything and everything else get priority over any traffic my server PC is using.
#19
I know this will sound silly but it's annoying to me and I'm wondering if OPNSense can help.

Sometimes I like to watch certain videos on YT as one-offs and don't want the algorithm feeding me more of the same so I'll open the app and won't sign into my account.

When I do that, on the main YouTube screen, there is a high probability they'll showcase a video from this girl called 'SSSniperwolf'. Just the sight of her makes me want to punch the screen. On my computer, I'm using a YouTube channel blocking app in my browser and no longer see her (THANK GOD!). But if I open the YT app (or SmartTubeNext) on my Android TV (and I'm not signed into my account), I almost always see her showcased on the screen.

So, is there a way to configure OPNSense to block -just her channel- and everything associated with it?
#20
I followed this guide https://www.ntop.org/guides/ntopng/third_party_integrations/opnsense.html to install ntopng and after I was done, I do not see the "Once ntop is running, click here to open the web interface" link. Sure, I'm not using the enterprise version but would that matter?

In any case, trying to access the HTTP address: my_OPNsense_firewall_ip:3000 gets me a 'page can't be loaded' error.

#21
Something I didn't mention in my OP but this is weird to me.

If I create a rule to block yahoo.com, yahoo is blocked.

If I disable the rule, my PC can reach yahoo.com.

If I re-enable the rule, my PC can STILL access yahoo.com.

With the rule now enabled, if I reboot my PC, yahoo is blocked...... until I disable the rule and the cycle repeats.
#22
Tutorials and FAQs / How to block a single website?
July 27, 2022, 03:43:18 AM
First off, I know practically nothing about advanced/next generation firewalls. I'm looking into taking advantage of the features they offer (geoIP blocking), more visibility into what the endpoints on my home network are up to and blocking sites from my children.

The first thing I'd like to master is blocking a single URL. In this example, it's yahoo.com. Try as I may, I can not get this working to save my life. Yes, I'll probably spend the $99/year and buy Zenarmor if it comes to that but can't this be done with plain OPNsense? Zenarmor makes this task look trivial but I don't think it can be done with the free version.

When I was testing Sophos, I was able to create a rule that blocked that domain within a minute or so by just poking around and guessing. I'm going on 2+ days with OPNsense and can't do it. I looked at this:

https://docs.opnsense.org/manual/how-tos/proxywebfilter.html

.....but that is just how to enable blacklists. I'm interested in blocking a single URL. I think what's hanging me up is I need to block DNS requests for that site, right?

TLDR: Is there a super simple, detailed guide/video that walks you through blocking a single URL?

Thanks
#23
With a product like McAfee desktop firewall...... it has a 'learn mode'. When it's active, a client will automatically add whatever rules it needs to allow traffic to flow and those learned rules are easily accessible in a separate report and can then be harvested/examined and made permanent. Anything like that in OPNsense?
#24
Well something weird happened..... after installing Sensei, the SmartTube app problem disappeared BUT........ I noticed something else.

The PC I'm using (we'll call it.... A) is plugged into an ASUS AX86U router (which is in AccessPoint mode) and a cable goes from that router into a switch. I have another PC (call it B) plugged directly into that same switch.

Surfing from PC A is VERY SLOW compared to B and when trying to open the page to access the web GUI for the ASUS router from PC A, I sometimes get an error that the page can't be loaded. I wait a few seconds and it works. Also, browsing my SMB share from PC A is slow and will sometimes fail.

Tomorrow, I'm going to hard wire PC A into the switch, bypassing the router that's in AP mode.

Any ideas?
#25
If somebody can help me with the following problems, I'd really appreciate it and will make a donation to the project!

I have OPNsense 21.1.7_1-amd64 running on a Dell PowerEdge server. Clean install, updated it and added one NAT rule for Plex and so far so good!

Here's the problem:

I have an app on my Android TV (and Shield) called 'SmartTubeNext'. Since putting all my devices behind OPNsense, this app no longer works. It loads but doesn't display any thumbnails for YouTube videos.

Now, I could probably figure out what rule needs added but I'm having problems locating a place to go where I can see a log file that shows incoming traffic to the IP of the device I'm using. I looked at the log files in the firewall section but they don't show the destination IP of my internal device (192.168.x.x)....just the public IP as the destination.

Bonus question: I installed Sensei (layer 3) and with that, I can probably ditch my Pi-Hole for blocking ads, right?
#26
Dipping my toes into the home firewall arena and looked at pfSense and OPNsense and decided to go with OPNsense.

I see the H470I has dual Intel NICs, will the NICs on this board work with OPNsense? I was going to get an Intel 340/350 but every card I look at on eBay seems counterfeit so I thought, heck with it.... just go with something modern.