OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Recent Posts

Recent Posts

Pages: [1] 2 3 ... 10
1
18.7 Production Series / Re: Firewall API use
« Last post by seized on Today at 06:57:55 pm »
I noticed this same behavior too. I even verified that it happens even if the alias is referenced in a firewall rule or not referenced in a firewall rule as I thought that could be it, but it happens either way. Basically if the host type alias is empty then there is an error on API posting an address. I tried a few variations such as 1.0.32.1/32 (returned an error about invalid address like the alias was empty) and 1.0.32.1\32 (returned "not an address").

This is the error if the alias is empty:
{"errorMessage":"[OPNsense\\Firewall\\Alias:aliases.alias.c87dab5e-d37b-4bb0-9f01-ec950f0891b7.content] Entry \"\" is not a valid hostname or IP address.\n","errorTitle":"An API exception occured"}

I tried curl and PostMan, same in both. Adding one address in manually through the UI lets the API work immediately so its not that big a deal (in my opinion).

This is on 18.7.9 and I didnt do the patch referenced a few posts up.
2
Development and Code Review / Re: Sensei on OPNsense - Application based filtering
« Last post by mb on Today at 06:53:21 pm »
Update to @manjeet's post: https://forum.opnsense.org/index.php?topic=9521.msg48451#msg48451

Spotted the problem. A typo avoided reporting criteria to be reflected for some reports.

Fix should arrive with 0.7.0 release.
3
Development and Code Review / Re: Sensei on OPNsense - Application based filtering
« Last post by mb on Today at 06:45:57 pm »
Hi @cgwork,

Quote from: cgwork on December 13, 2018, 01:53:12 pm
sure i'm using gmail for this setup

Gmail should be fine. Can you forward the email to sensei - at - sunnyvalley.io ? If you can forward as an attachment, that'd be perfect.

Are you using Gmail through a browser, or through an email client?
4
18.7 Production Series / Re: Nginx Plugin :: Log Viewer
« Last post by fabian on Today at 06:27:50 pm »
This would not help,  If you have around 400M  (just separate: 402_653_184) on server side, it will definitely also kill your browser even if I pass that through in smaller pieces. For such big log files I would not recommend to use them in a web interface. In your case I would recommend the ELK stack, which is better optimized for such problems (pagination is a problem here because the amount of entries is not fixed and new pages may come every second).
5
18.7 Production Series / Re: NGINX listen on WAN
« Last post by fabian on Today at 06:17:47 pm »
floating rules apply to multiple interfaces (you can select them or you can leave it empty for all) and the quick option defines if the rule is first (checked) or last match (unchecked). Quick rules override interface rules and not quick rules will be overridden by interface rules (if there is another for the same packet).
6
18.7 Production Series / Re: os-wol plugin
« Last post by fabian on Today at 06:14:17 pm »
Since the plugin has no logfile -> syslog
7
Development and Code Review / Re: Sensei on OPNsense - Application based filtering
« Last post by mb on Today at 05:51:11 pm »
Hi @kagou,

Looks like a problem with the backend indexes.

Can you try these if they fix the problem?

/usr/local/sensei/scripts/installers/elasticsearch/delete_all.py
/usr/local/sensei/scripts/installers/elasticsearch/create_indices.py


It it does not, can you share your /var/log/elasticsearch/elasticsearch-2018-12-13.log log file to sensei - at - sunnyvalley.io ?
8
German - Deutsch / Re: DNSCrypt-Proxy Plugin manuelle DNS-Resolver festlegen
« Last post by p1n0ck10 on Today at 05:04:19 pm »
fettes merci dir ;)

anscheinend haben da außer mir noch andere Bedarf die DNS-Resolver manuell auszuwählen. siehe
https://forum.opnsense.org/index.php?topic=10652.0

ich denke wenn ich wieder die Cisco (OpenDNS) Server auswählen möchte, die Option "nur Server die nicht loggen" deaktivieren muss. Cisco Umbrella basiert ja darauf die Anfragen zu protokollieren und man als Kunde entscheiden kann welche Kategorien ich blockieren will. Dieser Dienst wird gern von Firmen benutzt. Würd ich gern in Kombination mit DNSCrypt testen.

9
German - Deutsch / T-com hybrid, wifi, Einstellungen, qnap
« Last post by Superspatenone on Today at 04:37:45 pm »
Hi, ich bin neu hier und suche jemanden der mich durch mein Projekt begleitet.

Ich hab ein Telekom Hybrid Router,
Dieser macht ein Wlan auf,
Dann ein Qnap hier ist opnsense in der visualisation station installiert
Auf das Qnap greif ich per Lan zu (Vlan3), das händelt ein tp-link
Am qnap häng ein alfa wlan tool, durchgeschliffen in die opnsense für wan

So, lan geht das heißt ich komm auf das opnsense
Wan geht auch, ich konnte opensense schon ein Update machen

Ich komm nur nicht von lan zu wan ins Internet...
Hat jemand eine Idee?

Gruß
Andreas
10
18.7 Production Series / Re: Wireguard duplicate Firewall Rule after update
« Last post by racef@ce on Today at 04:35:41 pm »
Thanks for your explanation Franco.
So it should be like that.
Pages: [1] 2 3 ... 10
OPNsense is an OSS project © Deciso B.V. 2015 - 2018 All rights reserved
  • SMF 2.0.15 | SMF © 2017, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2