"Recent posts
#81
General Discussion / Re: WOL Over Different Subnets
Last post by tomtom25 - January 26, 2026, 03:10:40 PMThe only thing you need to do is add a neighbor under "Interfaces: Neighbors" with the following entries:
MAC address: ff:ff:ff:ff:ff:ff
IP address: choose an IP from the destination subnet you want to reach.
Once this is done, you can use a WoL tool to send UDP packets at Layer 3 using the chosen IP address and the destination MAC address of the device you want to wake up.
MAC address: ff:ff:ff:ff:ff:ff
IP address: choose an IP from the destination subnet you want to reach.
Once this is done, you can use a WoL tool to send UDP packets at Layer 3 using the chosen IP address and the destination MAC address of the device you want to wake up.
#82
Tutorials and FAQs / Re: HOWTO - use Monit to monit...
Last post by larsvader - January 26, 2026, 02:32:57 PMQuote from: pppp12 on October 24, 2025, 08:43:09 PM...Does someone knows how to achieve this in OPNsense 25.7 where "Custom options" has been removed from OpenVPN Instances configuration?
This means Step-1 cannot be done.
You can skip step one and use the following log file in step 3:
/var/log/audit/latest.log
In step 2 I use the following:
content = "authenticated using"
With this changes I can even see who is logging in to the VPN.
Hope this helps
#83
German - Deutsch / IPS/Suricata dropt nichts (opn...
Last post by MojoMC - January 26, 2026, 02:10:48 PMHallo zusammen,
ich nutze OPNsense momentan, um ein Testnetzwerk vom Intranet zu trennen.
Momentan hadere ich mit der erfolgreichen Konfiguration von IDS/IPS/Suricata, speziell scheitert es schon am Test mit Eicar in der unverschlüsselten Variante, also HTTP.
Meine Konfiguration für IDS/IPS/Suricata sieht wie folgt aus:
Die Regel "OPNsense-App-detect/test" ist enabled und heruntergeladen.
In den Rules ist die Regel opnsense.test.rules auch mit der Standard-Action "Alert" enabled.
Eine Policy für diese Regel mit Action "Alert" & "Drop" sowie New Action "Drop" ist erstellt und angewendet.
Mache ich aus dem Testnetzwerk einen "curl http://pkg.opnsense.org/test/eicar.com.txt", geht das problemlos durch und ich sehe das unter den Alerts, leider mit "Action: Allowed" - trotz der aktiven Policy, die aus "Alert" ein "Drop" machen sollte.
Ändere ich per Hand die Testregel auf "Drop", dann wird auch sofort gedropt - selbst ohne Policy.
Bin ich irgendwo falsch abgebogen, übersehe ich die ganze Zeit etwas?
Vielen Dank für jeden Denkanstoß.
ich nutze OPNsense momentan, um ein Testnetzwerk vom Intranet zu trennen.
Momentan hadere ich mit der erfolgreichen Konfiguration von IDS/IPS/Suricata, speziell scheitert es schon am Test mit Eicar in der unverschlüsselten Variante, also HTTP.
Meine Konfiguration für IDS/IPS/Suricata sieht wie folgt aus:
- Enabled √
- IPS mode √
- Interfaces LAN & WAN
- in Home networks sind WAN und LAN erfasst
Die Regel "OPNsense-App-detect/test" ist enabled und heruntergeladen.
In den Rules ist die Regel opnsense.test.rules auch mit der Standard-Action "Alert" enabled.
Eine Policy für diese Regel mit Action "Alert" & "Drop" sowie New Action "Drop" ist erstellt und angewendet.
Mache ich aus dem Testnetzwerk einen "curl http://pkg.opnsense.org/test/eicar.com.txt", geht das problemlos durch und ich sehe das unter den Alerts, leider mit "Action: Allowed" - trotz der aktiven Policy, die aus "Alert" ein "Drop" machen sollte.
Ändere ich per Hand die Testregel auf "Drop", dann wird auch sofort gedropt - selbst ohne Policy.
Bin ich irgendwo falsch abgebogen, übersehe ich die ganze Zeit etwas?
Vielen Dank für jeden Denkanstoß.
#84
25.7, 25.10 Series / Re: After updating Opnsense fr...
Last post by allenlook - January 26, 2026, 02:08:32 PMAfter disabling IPS my memory utilization goes from 83% and climbing to 30%.
#85
25.7, 25.10 Series / Re: ISC to Dnsmasq breaks some...
Last post by allenlook - January 26, 2026, 02:07:10 PMThe nslookup command when run on the firewall returns NXDOMAIN for LAN PCs.
I've read the instructions quite a few times and I have tried different iterations of the Unbound -> Dnsmasq pointer because the instructions are not clear to me for that step.
My internal network is home.arpa, not lan.internal, so I used that at first, then I added lan.internal just for grins thinking it might be a reserved domain the firewall knows about and it did not help so I removed it and went back to just home.arpa and 1.168.192.in-addr.arpa being redirected from 53 to 53053.
I've read the instructions quite a few times and I have tried different iterations of the Unbound -> Dnsmasq pointer because the instructions are not clear to me for that step.
My internal network is home.arpa, not lan.internal, so I used that at first, then I added lan.internal just for grins thinking it might be a reserved domain the firewall knows about and it did not help so I removed it and went back to just home.arpa and 1.168.192.in-addr.arpa being redirected from 53 to 53053.
#86
Portuguese - Português / Re: Identidade de usuários
Last post by juliocbc - January 26, 2026, 02:05:18 PMObrigado por compartilhar!
#87
25.7, 25.10 Series / Re: After updating Opnsense fr...
Last post by allenlook - January 26, 2026, 01:52:49 PMI'm also seeing high memory utilization, over 83% and climbing as of right now. Usually 50%-ish.
#88
26.1 Series / Re: RC1: hundreds of rc.newwan...
Last post by franco - January 26, 2026, 01:23:58 PM# opnsense-patch https://github.com/opnsense/core/commit/9a80c6ddb29
This should make it behave as before on 25.7.x, best done with a reboot right after apply.
If that's the case we found a very old bug in dhcp6c.
Cheers,
Franco
This should make it behave as before on 25.7.x, best done with a reboot right after apply.
If that's the case we found a very old bug in dhcp6c.
Cheers,
Franco
#89
Q-Feeds (Threat intelligence) / Re: Testing firewall rules wit...
Last post by meyergru - January 26, 2026, 01:11:03 PMIt seems there is no way I can disable the Qfeeds domain blocklist - the content of dnsbl.json is still there and used after uninstalling the Qfeeds plugins completely.
The only way I found is to recreate an empty dnsbl.json and restart Unbound.
The only way I found is to recreate an empty dnsbl.json and restart Unbound.
#90
26.1 Series / Re: Upgrade to RC1 successful
Last post by Maurice - January 26, 2026, 01:10:06 PMThanks for the fixes, Franco. ISC DHCPv6 menu is indeed back in RC2.
Cheers
Maurice
Cheers
Maurice
