Show Posts
1
Development and Code Review / No service Recovery out of the box = bad and dangerous (Problem/Solution)
« on: April 10, 2022, 03:56:04 pm »
I really tried to like OPNSense, but as a firewall it turned out to be an unreliable and dangerous out-of-the-box solution.
PROBLEM: The Suricata service stops constantly and leaves the internal network vulnerable.
This is because OPNSense doesn't seem to have service recovery enabled for important services by default and the Monit function just doesn't provide an easy solution, i.e. it requires the user to look up documentation and the documentation doesn't provide a clear and simple example how to reboot failed service.
SOLUTION: Microsoft did a very smart thing and enabled service recovery for important services out of the box on all of its operating systems. Also, Microsoft added a very easy to understand [Recovery] tab for each service. For example, "Microsoft Defender Antivirus Service" has maximum service recovery options enabled:
First Failure: Restart the Service
Second Failure: Restart the Service
Subsequent failures: Restart the Service
Reset fail count after: 1 days
Restart service after: 0 minutes
Please, add service recovery out of the box. For example: Services / Monit / Recovery
List all the services here, with pre-configured and basic recovery options to modify.
P.S.: A good system should try to counter the mistakes of others, that is, faulty services, and do everything possible to protect the user out-of-the-box.
PROBLEM: The Suricata service stops constantly and leaves the internal network vulnerable.
This is because OPNSense doesn't seem to have service recovery enabled for important services by default and the Monit function just doesn't provide an easy solution, i.e. it requires the user to look up documentation and the documentation doesn't provide a clear and simple example how to reboot failed service.
SOLUTION: Microsoft did a very smart thing and enabled service recovery for important services out of the box on all of its operating systems. Also, Microsoft added a very easy to understand [Recovery] tab for each service. For example, "Microsoft Defender Antivirus Service" has maximum service recovery options enabled:
First Failure: Restart the Service
Second Failure: Restart the Service
Subsequent failures: Restart the Service
Reset fail count after: 1 days
Restart service after: 0 minutes
Please, add service recovery out of the box. For example: Services / Monit / Recovery
List all the services here, with pre-configured and basic recovery options to modify.
P.S.: A good system should try to counter the mistakes of others, that is, faulty services, and do everything possible to protect the user out-of-the-box.