Topics

1

German - Deutsch / Heise Artikel

« on: February 06, 2020, 11:27:06 pm »

Heise hat wieder mal nen Artikel über OPNsense veröffentlicht:

https://www.heise.de/newsticker/meldung/OPNsense-Firewall-20-1-mit-VXLAN-IPsec-public-key-und-kompletter-Doku-4654216.html

2

German - Deutsch / Admin Magazin

« on: February 15, 2019, 11:40:18 pm »

Habe gerade gesehen, dass ein Bericht über OPNsense geschrieben wurde:
https://www.admin-magazin.de/Das-Heft/2019/01/Freie-Firewall-OPNSense-administrieren
Sind drei Seiten.

3

German - Deutsch / BSI Bericht zur Telemetrie

« on: November 20, 2018, 07:58:59 pm »

Falls sich wer ersparen will, die Hostnamen für Telemetriedaten von Windows 10 heraus zu suchen, kann sich hier den Bericht vom BSI herunterladen:
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Sicherheit/SiSyPHus/Analyse_Telemetriekomponente.pdf?__blob=publicationFile&v=3

4

German - Deutsch / OPNsense Workshop

« on: October 06, 2018, 11:03:20 am »

Nächste Woche ist in Dornbirn (Bundesland Vorarlberg in Österreich) mein Workshop zu OPNsense. Wer sich noch nicht angemeldet hat, kann ggf. noch:
https://www.linuxday.at/die-opnsense-firewall-distribution

Ort: https://osm.org/go/0C283FHld--?m=

5

18.7 Legacy Series / Bug in 18.7.1: boot does not complete

« on: August 15, 2018, 01:48:09 pm »

The boot does never complete, instead the firewall log is written to the serial port of my APU1 board and control c allows to start a shell. The web interface is running fine and the system is already mostly configured.

6

Development and Code Review / executing build scripts

« on: August 11, 2018, 09:47:50 pm »

hi,
does a defined way exist to add build scripts to plugins as well as build dependencies?
for themes: sass -> css via sassc
general build of frontend heavy stuff: via webpack

7

18.7 Legacy Series / CFT: nginx plugin

« on: July 19, 2018, 09:54:57 pm »

Since Franco and I merged the branch, Franco created a new release (the release candidate 2) on which you can install a developer preview of the nginx plugin. The plugin should work but be careful with your locations. You must not enable security rules if you don't have rules. I am not sure if the patch for this issue is already out there for the nginx package. Also the error pages are still not perfectly designed. However the plugin itself should work.
Features:Proxy with WAF, TLS offloading and Authentication
Local Webserver (can currently serve static content)Webserver to serve the web interface (not enabled - can be done via command line by modifying some files).

Install:pkg install os-nginx-devel

8

Development and Code Review / nginx plugin

« on: June 10, 2018, 12:35:30 pm »

I work on a nginx plugin and made a developer preview (may still contain bugs):
Source: https://github.com/opnsense/plugins/pull/696

Package: pkg add https://files.fabian-franz.eu/os-nginx-devel-0.2.txz
Please do not use it for production systems because it may contain unknown bugs.

9

17.7 Legacy Series / Be careful with ClamAV

« on: January 26, 2018, 05:45:40 pm »

There are several vulnerabilities:
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

Heise (german) has an article about it: https://www.heise.de/security/meldung/Jetzt-patchen-Angriffe-auf-Viren-Scanner-ClamAV-3951801.html

10

Development and Code Review / PAC file support

« on: December 29, 2017, 01:07:46 pm »

If anyone wants to test that:

I made a patch to allow the proxy pages to generate a PAC file:
https://github.com/opnsense/core/pull/2018

PAC can be used for advanced proxy configuration and it might be deployed via WPAD.

11

General Discussion / Mailsploit

« on: December 05, 2017, 08:23:59 pm »

This page has some content for an attack against mail clients which hides the correct sender of the email:
https://www.mailsploit.com/index

I tried the example and it passed postfix / rspamd. Rspamd seems to detect that something is wrong (increase of score by 1.5 because of the encoding in the sender), but that is enough to block the mails. It would probably help in short term to increase this value but it could block legit mails.

If anyone is testing the mail gateway plugins, the mails will be probably not detected.

12

Development and Code Review / Mail Protection

« on: November 12, 2017, 10:53:38 am »

There is a collection of new plugins in development.
Michael Contributed a Postfix plugin which act as a mail proxy.
In this mail proxy, rspamd (plugin written by myself) can be integrated. Rspamd can use other plugins like clamav (already available) for anti malware and redis, which may be released soon too.

Kind regards

Fabian

13

17.7 Legacy Series / [CALL FOR TESTING] Tor

« on: September 19, 2017, 02:25:25 pm »

Just if anyone likes to test:

Log in via SSH, and run this in the shell:

Code: [Select]

pkg install os-tor-devel
Docs may be available soon (URL will probably be https://docs.opnsense.org/manual/how-tos/tor.html)

14

Development and Code Review / mdns-repeater

« on: September 02, 2017, 12:50:24 pm »

because this is very often requested:
a plugin may become available.

For some early adopters, a mostly working plugin is attached.

Not yet implemented: status indicator (the thing on the top right on the screen)

15

Documentation and Translation / Docs for c-icap + ClamAV released

« on: September 01, 2017, 09:29:00 am »

https://docs.opnsense.org/manual/how-tos/proxyicapantivirusinternal.html

Please note that the plugins are not yet available. They might be released with 17.7.2 or 17.7.3.