Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - fabian

#1
German - Deutsch / Heise Artikel
February 06, 2020, 11:27:06 PM
#2
German - Deutsch / Admin Magazin
February 15, 2019, 11:40:18 PM
Habe gerade gesehen, dass ein Bericht über OPNsense geschrieben wurde:
https://www.admin-magazin.de/Das-Heft/2019/01/Freie-Firewall-OPNSense-administrieren
Sind drei Seiten.
#3
German - Deutsch / BSI Bericht zur Telemetrie
November 20, 2018, 07:58:59 PM
Falls sich wer ersparen will, die Hostnamen für Telemetriedaten von Windows 10 heraus zu suchen, kann sich hier den Bericht vom BSI herunterladen:
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Sicherheit/SiSyPHus/Analyse_Telemetriekomponente.pdf?__blob=publicationFile&v=3
#4
German - Deutsch / OPNsense Workshop
October 06, 2018, 11:03:20 AM
Nächste Woche ist in Dornbirn (Bundesland Vorarlberg in Österreich) mein Workshop zu OPNsense. Wer sich noch nicht angemeldet hat, kann ggf. noch:
https://www.linuxday.at/die-opnsense-firewall-distribution

Ort: https://osm.org/go/0C283FHld--?m=
#5
The boot does never complete, instead the firewall log is written to the serial port of my APU1 board and control c allows to start a shell. The web interface is running fine and the system is already mostly configured.
#6
Development and Code Review / executing build scripts
August 11, 2018, 09:47:50 PM
hi,
does a defined way exist to add build scripts to plugins as well as build dependencies?
for themes: sass -> css via sassc
general build of frontend heavy stuff: via webpack
#7
18.7 Legacy Series / CFT: nginx plugin
July 19, 2018, 09:54:57 PM
Since Franco and I merged the branch, Franco created a new release (the release candidate 2) on which you can install a developer preview of the nginx plugin. The plugin should work but be careful with your locations. You must not enable security rules if you don't have rules. I am not sure if the patch for this issue is already out there for the nginx package. Also the error pages are still not perfectly designed. However the plugin itself should work.
Features:Proxy with WAF, TLS offloading and Authentication
Local Webserver (can currently serve static content)Webserver to serve the web interface (not enabled - can be done via command line by modifying some files).

Install:pkg install os-nginx-devel

#8
Development and Code Review / nginx plugin
June 10, 2018, 12:35:30 PM
I work on a nginx plugin and made a developer preview (may still contain bugs):
Source: https://github.com/opnsense/plugins/pull/696

Package: pkg add https://files.fabian-franz.eu/os-nginx-devel-0.2.txz
Please do not use it for production systems because it may contain unknown bugs.
#10
Development and Code Review / PAC file support
December 29, 2017, 01:07:46 PM
If anyone wants to test that:

I made a patch to allow the proxy pages to generate a PAC file:
https://github.com/opnsense/core/pull/2018

PAC can be used for advanced proxy configuration and it might be deployed via WPAD.
#11
General Discussion / Mailsploit
December 05, 2017, 08:23:59 PM
This page has some content for an attack against mail clients which hides the correct sender of the email:
https://www.mailsploit.com/index

I tried the example and it passed postfix / rspamd. Rspamd seems to detect that something is wrong (increase of score by 1.5 because of the encoding in the sender), but that is enough to block the mails. It would probably help in short term to increase this value but it could block legit mails.

If anyone is testing the mail gateway plugins, the mails will be probably not detected.


#12
Development and Code Review / Mail Protection
November 12, 2017, 10:53:38 AM
There is a collection of new plugins in development.
Michael Contributed a Postfix plugin which act as a mail proxy.
In this mail proxy, rspamd (plugin written by myself) can be integrated. Rspamd can use other plugins like clamav (already available) for anti malware and redis, which may be released soon too.

Kind regards

Fabian

#13
17.7 Legacy Series / [CALL FOR TESTING] Tor
September 19, 2017, 02:25:25 PM
Just if anyone likes to test:

Log in via SSH, and run this in the shell:

pkg install os-tor-devel

Docs may be available soon (URL will probably be https://docs.opnsense.org/manual/how-tos/tor.html)
#14
Development and Code Review / mdns-repeater
September 02, 2017, 12:50:24 PM
because this is very often requested:
a plugin may become available.

For some early adopters, a mostly working plugin is attached.

Not yet implemented: status indicator (the thing on the top right on the screen)
#15
https://docs.opnsense.org/manual/how-tos/proxyicapantivirusinternal.html

Please note that the plugins are not yet available. They might be released with 17.7.2 or 17.7.3.

#17
Hi all,

Suricata 4.0 is out and I asked Franco to build it for 17.7. It will not be included in the stable version but it can be installed via the shell by running the following command:

pkg install https://pkg.opnsense.org/snapshots/suricata-4.0.0.txz

In a short test it still works without changing the GUI. Note: If you are having Suricata running, you will have to to restart it after installation. You can do that in the GUI.
#18
17.1 Legacy Series / CVE-2017-8301
May 05, 2017, 07:38:32 PM
Just if anyone is questioning this:

OPNsense is not affected as CVE-2017-8301 affects 2.5.1 to 2.5.3 and OPNsense uses a 2.4.x version of LibreSSL.

http://seclists.org/oss-sec/2017/q2/145

Please be careful with your other servers out there.

Kind regards

Fabian
#20
Es können noch Rechtschreibfehler vorhanden sein, und manche Plugins und 17.7 Änderungen noch nicht vorhanden sein.