Recent posts

#1

Q-Feeds (Threat intelligence) / Re: Traffic from unassigned su...

Last post by Q-Feeds - Today at 12:38:48 AM

No not all in particular.

#2

25.7, 25.10 Series / Re: os-OPNWAF / Exchange 2019 ...

Last post by humnab - Today at 12:30:11 AM

Hello,

sure, I did it as described in https://docs.opnsense.org/vendor/deciso/opnwaf.html#exchange-server
I set up the mail and the autodiscover virtual server as described and I also played with the authentication settings in the exchange virtual directories, no change. The same exchnage server works with the Caddy Plugin and the Sophos UTM WAF, any ideas?

#3

General Discussion / Re: Micron exits consumer mark...

Last post by OPNenthu - December 05, 2025, 10:56:04 PM

Say it louder, please.  Some CEOs are acting deaf.

#4

Hardware and Performance / Re: Suggestion for Bufferbloat...

Last post by Kets_One - December 05, 2025, 10:34:31 PM

What ive always wondered is what MTU to set the Quantum to, since i have three different interfaces which have different MTU settings:
Physical WAN: 1512
VLAN WAN: 1508
PPPOE WAN: 1500

Documentation doesnt appear to show this case.

#5

General Discussion / Re: TUI for viewing and analys...

Last post by allddd - December 05, 2025, 10:24:05 PM

And the filter expression can be modified.

I finally replaced my input field implementation with the one provided by the TUI library I use, it now supports all standard key bindings. Tbh, I should've done that from the beginning...

The filtering is remarkable fast.

Should be even faster now with v0.4.0. I've optimized both the filter and streamer code and removed some redundant stuff left over from when I first started writing this.

The filter file from yesterday has around 102'000 entries.

Shouldn't be an issue. I'm mainly testing on a few busy OPNsense instances I run, where even on quiet days, the filter log has a few million entries.

It takes around 7 seconds to start up with the filter file and filtering for 'ip 4' which results in 87'000 items is instant, execellent.

Edit: it takes around 7 seconds if started from the VM console. Running it from a SSH session, it only takes about 1.5 to 3 seconds to start.

Yeah it's not bad, but I'm still trying to figure out how to make it better. Right now, the loading screen remains visible until the file is indexed because some functions (e.g. filtering) don't work without the index.

One way to improve it could be to skip the loading screen and go straight to the TUI, with indexing happening in the background. The advantage of this would be that the TUI opens instantly, and while some features might not be available right away, most users probably wouldn't even notice this since indexing is quick.

Another option, at least in theory, would be to skip building the index altogether and just process everything on the fly. We could cache the lines we've already interacted with to avoid doing the same thing over and over again. However, I'm not sure how well this would perform on low spec devices.

#6

Q-Feeds (Threat intelligence) / Re: Traffic from unassigned su...

Last post by Kets_One - December 05, 2025, 10:22:39 PM

Hi, thanks for the information. Does that mean that all TOR nodes (exists and relays) are on the list?

BTW: it appears that one of my wifi repeaters is the culprit that is trying to contact these NTP servers.
Why it would try to do that is beyond me, i have a fixed NTP server set for the whole network.
To prevent this i have added a specific port-forwarding rule which should forward this traffic to a server of my liking ;)

#7

General Discussion / Re: Micron exits consumer mark...

Last post by franco - December 05, 2025, 10:18:22 PM

When the bubble bursts we will have all the cheap enterprise grade RAM we need. "Yay".  ;)


Cheers,
Franco

#8

Q-Feeds (Threat intelligence) / Re: Looking for testers Q-Feed...

Last post by Q-Feeds - December 05, 2025, 09:41:32 PM

Unfortunately, I had to give up on this plugin. In my case, too many resources that were critical to me were blacklisted by Q-Feeds. Otherwise, it worked quite stably. Good luck with developing the service.

That's unfortunate to hear! Sorry it didn't work out for you. We'd really appreciate it if you could share which false positives you ran into, it helps us improve the service for everyone.

#9

German - Deutsch / Re: Probleme bei der Installat...

Last post by juergen2025 - December 05, 2025, 09:23:30 PM

Es wurde auf UFS installiert.
Zur M.2-SSD: Sie ist nagelneu, und die SMART-Werte sind alle unauffällig.
Die Logs kann ich leider nicht mehr auswerten, da ich die SSD inzwischen formatiert habe.

Ich starte demnächst einen neuen Versuch mit der OPNsense-Installation – diesmal werde ich allerdings ZFS als Dateisystem verwenden, um auszuschließen, dass UFS hier eine Rolle spielt.

#10

25.7, 25.10 Series / Re: Unbound DNS resolution sto...

Last post by tangofan - December 05, 2025, 09:20:25 PM

Happened again yesterday.

Only a restart of Unbound DNS would resolve the issue.

Yes  I had the same issue also a few days ago. All the sudden DNS resolution didn't work anymore, but a restart of Unbound within OPNsense got everything back to working again.

Looks like there is some fringe condition that causes Unbound to go into a freeze. I'm wondering how to debug this, when it happens again, so someone can find the root cause of this.