Messages

Hi Vilhonator.

I had found the logs about cron, those are on Unbound dns logs, whitelist clear as watter. Correct, looks like we don't have an option to exclude IPs from te BL stuff.

Thanks for your help.

Hi.

I have this questions related to blacklist feature:

1) If I detect a false positive, and whitelist that domain on the GUI, do I need to run a command or restart the service to apply my new whitelist?
2) If we enable cron to update the list(s), do we have a report/statusabout if the update(s) where a good or not?
3) Exist a why to override the blacklist for a specific IPs on my LAN, lest say I don't want the service to apply the blacklist for X lan IP?

Thanks.

Actualizate a la ultima 24.7_x, ya trae varios parches.

   Quien es el dns y gw en tus clientes?

Si es opnsense, en los equipos las pruebas de resolucion de nombres, funcionan?

Si pingeas destinos publicos como 8.8.8.8, 1.1.1.1, etc, responden?

Que pruebas has hecho?

Ya limpiastes el cache dns de tus clientes?

Saludos.

Sube un diagrama con los detalles de tu red, creo sera mas facil entender y poder aportarte algo a la posible solucion, siento que hay datos que no vemos en tu descripcion.

Saludos.

 I had seen how, thanks master.

I reply my self, is possible and log rotation is enable.
Thanks.

come on, I'm a old dog, but yea, new words to learn.

But it works, with opnsense we have to type like a good Unix sysadmin, love it, this give power but, with care.

Good day.

You need to create your customs acls, you will to know how to edit files on shell.

Check this post, you must read about squid acls rules if are not familia with or you will cry.

https://forum.opnsense.org/index.php?topic=16171.0

Hello.

Have some this questions:

  Can we setup custom acl's?
   group1 block or allow this destinies
   group2 block or allow this destinies

   Have an option for log rotation?

   Does we have a report usage?

   Thanks all.

Hello.

  For squid MITM we need CA Auth, I create one and see 2 files to downoad [crt,key].pem, which one I need to download and install on my browsers?

  Last thing, a lot of manuals show the option to download .crt key, but in my case I don't see that option, is gone or is a bug?

  Running OPNsense 24.7.4_1-amd64
 
 

Deberias cambiar el subject, nada que ver con tu situacion, saludos.

Hello.

For the Reflection and Hairpin NAT setup, the dns that handle the domain name is external, do we need to setup a PTR ?

I have a web server behind opnsense LAN, I setup NAT reflection base on the doc from opnsense, but don't seen to work, if I setup a dyndns for the  hostname, works but if I Use the current domain name hosted on a X provider doesn't work, what I see is that the PTR doesn't work.

This is why my question, any input will be appreciated, regards.

NOTE: Running 24.1_10.

Les dejo este video tutorial de maneja de vlans en opnsense, espero les sea de utilidad, saludos.

https://youtu.be/DqJ6Td61Uec

oooo puede ser un bug en el modulo que grafica y este marcando un pico de consumo alto, cuando no lo hay...?
saludos.

Que nombres le coloca a el resto de las interfaces?

Por que a lo mejor asi vienen configuradas a nivel del diseño electronico, has investigado mas a fondo?

500mb a nivel lan o WAN?

A nivel LAN ejecutales pruebas con iperf para que te des una idea sobre el maximo que puedan darte inicia con la LAN pero asegurate tengas un buen CPU y disco SSD si puedes a veces esto limita a iperf y nos reporta velocidades bajas, saludos.