"Recent posts
#1
26.1, 26,4 Series / Re: NTP server showing "Not Co...
Last post by pfry - Today at 01:06:10 AMThe only things I can think of would be stratum (too high) or auth... but those aren't enumerated as a status. "Not Considered" does not appear in the NTP source. I assume it's a text representation of an ntpq peer status. So... what symbol ("Select Field" code from the URL) appears on the left edge of "ntpq -p"?
#2
26.1, 26,4 Series / Re: Thin disk / ZFS / Unmap?
Last post by nero355 - Today at 12:36:39 AMQuote from: ThyOnlySandman on April 22, 2026, 08:56:14 PMI don't see ZFS compatible with thin disk...To be honest I think it will never be compatible in the future because ZFS "formats the storage and writes data at the same time" so to speak when new data is written.
But I could be wrong ofcourse! :)
Quote from: Patrick M. Hausen on Today at 12:06:06 AM"50 G is plenty for a firewall and 50 G is nothing, so just use thick provisioning"OK, but OPNsense recommends 120 GB so let's do that then :)
#3
General Discussion / Re: Has the OPNsense team appl...
Last post by nero355 - Today at 12:28:50 AMQuote from: JamesFrisch on April 22, 2026, 10:12:39 PMBUT, the Firefox version 150 with 270 bug fixes makes me second-guess.I am not really surprised considering that Mozilla is ruining Firefox for many years now and has gone waaaaay outside it's primary goal to be a compact light fast browser without all sorts of crap integrated into it...
#SpaghettiCodeStrikesAgain!
#4
General Discussion / Re: help with unbound reportin...
Last post by nero355 - Today at 12:24:28 AMQuote from: OPNenthu on April 22, 2026, 07:02:26 PMWhat uses .NET?I was talking about this :
Quote from: starfox101 on April 22, 2026, 03:45:10 PMWas trying out Technitium DNS Server.It would never be my choice unless I am running some sort of Windows based Server but even there .NET can be a mess sometimes...
#5
26.1, 26,4 Series / Re: Thin disk / ZFS / Unmap?
Last post by Patrick M. Hausen - Today at 12:06:06 AMSingle user would of course be safest. Since you need to shutdown for the thin copy, anyway ...
Sorry. I've come to "50 G is plenty for a firewall and 50 G is nothing, so just use thick" conclusion.
Sorry. I've come to "50 G is plenty for a firewall and 50 G is nothing, so just use thick" conclusion.
#6
General Discussion / Re: Has the OPNsense team appl...
Last post by Marcel_75 - April 22, 2026, 11:56:44 PMHopefully not only the Linux Foundation but also the FreeBSD community and OPNsense team will gain access to this tool.
Yes, there are scams around and AI & Cyber Security are kind of buzzwords, but please read carefully:
https://red.anthropic.com/2026/mythos-preview/
I'm not a developer nor security expert, but I think this is something the BSD developers and OPNsense team shouldn't ignore ...
Yes, there are scams around and AI & Cyber Security are kind of buzzwords, but please read carefully:
https://red.anthropic.com/2026/mythos-preview/
I'm not a developer nor security expert, but I think this is something the BSD developers and OPNsense team shouldn't ignore ...
#7
Web Proxy Filtering and Caching / Re: Caddy redirect custom URL ...
Last post by viragomann - April 22, 2026, 11:40:11 PMDid you try to set the host header to "domainnamede.sharepoint.com" in reverse-proxy mode?
Not sure if Caddy does this automatically now.
Not sure if Caddy does this automatically now.
#8
Q-Feeds (Threat intelligence) / Upcoming major updates sneak-p...
Last post by Q-Feeds - April 22, 2026, 11:34:54 PMWe're working on some major improvements for the TIP and the Q-Feeds OPNsense integration and wanted to share an early preview with the community.
Phase 1 – IOC browser, context, risk scoring & MITRE ATT&CK mapping (Almost done)
We're upgrading the Threat Intelligence Portal so users can investigate our full IOC database, not just the indicators currently pushed through feeds.
This means visibility into:
Example screenshots:
IOC browser
IOC detail
Phase 2 – More granular feed control (in progress)
We're also building more granular generation/filtering for feeds.
Examples:
The feeds as-is will remain available as well.
Phase 3 – Improved OPNsense plugin
Once the backend changes are finished, we'll update the OPNsense plugin to support these improvements while keeping configuration simple.
The goal is still the same: easy threat intelligence integration without complexity.
Features and timelines may still change, but we'd love feedback from the OPNsense community. Especially on what filtering options or plugin improvements would be most valuable for you.
Phase 1 – IOC browser, context, risk scoring & MITRE ATT&CK mapping (Almost done)
We're upgrading the Threat Intelligence Portal so users can investigate our full IOC database, not just the indicators currently pushed through feeds.
This means visibility into:
- IOC history
- enrichment data and relationships
- risk scoring
- MITRE ATT&CK mapping
- indicators that may not be included in active blocklists (for example due to low confidence/risk score)
- and more!
- This should make investigation and validation much easier instead of only consuming blocklists blindly.
Example screenshots:
IOC browser
IOC detail
Phase 2 – More granular feed control (in progress)
We're also building more granular generation/filtering for feeds.
Examples:
- only Command & Control related IOCs
- exclude TOR-related indicators
- focus only on specific malware behavior or even MITRE mappings
The feeds as-is will remain available as well.
Phase 3 – Improved OPNsense plugin
Once the backend changes are finished, we'll update the OPNsense plugin to support these improvements while keeping configuration simple.
The goal is still the same: easy threat intelligence integration without complexity.
Features and timelines may still change, but we'd love feedback from the OPNsense community. Especially on what filtering options or plugin improvements would be most valuable for you.
#9
26.1, 26,4 Series / Re: Monit and STARTTLS Issue
Last post by viragomann - April 22, 2026, 11:34:32 PMI guess, "Mail Server SSL Connection" doesn't do STARTTLS, it rather just let Monit connect via SSL (usually port 465).
So maybe Monit connects successfully if you remove this check.
Or you can try port 465. Don't know, if Office 365 supports this.
So maybe Monit connects successfully if you remove this check.
Or you can try port 465. Don't know, if Office 365 supports this.
#10
Q-Feeds (Threat intelligence) / Re: Inconsistent default sort ...
Last post by Q-Feeds - April 22, 2026, 11:27:58 PMThe fix is in a pull request now, expected to be fixed with the next update.
