"Recent posts
#81
Q-Feeds (Threat intelligence) / Re: Testing firewall rules wit...
Last post by DEC740airp414user - January 25, 2026, 09:15:03 PMAt this time I do not see them listed under block list or extended block list.
If I am looking in the wrong area let me know
If I am looking in the wrong area let me know
#82
General Discussion / Re: WAN failover DNS problem
Last post by pinpoint - January 25, 2026, 09:11:43 PMI enabled query forwarding and DNS over TLS using 8.8.8.8, 8.8.4.4. Also added custom forwarding:
8.8.8.8 port 853
8.8.4.4 port 853
Unfortunately this did not help, same problem occurs
8.8.8.8 port 853
8.8.4.4 port 853
Unfortunately this did not help, same problem occurs
#83
Q-Feeds (Threat intelligence) / Re: Testing firewall rules wit...
Last post by meyergru - January 25, 2026, 09:10:47 PMOh, I never used those, didn't not know they exist. Are they in a useable format for Unbound?
#84
German - Deutsch / Re: letsencrypt DNS Problem
Last post by meyergru - January 25, 2026, 09:09:26 PMMachst Du DNS-01 Verifikation? Falls ja, die DNS Updates werden weder durch Unbound noch durch DNSmasq durchgeleitet - beide Server können nur DNS-Queries verarbeiten. Ich habe das gemerkt, als ich versucht habe, mit einem Server "hinter" OpnSense einen DNS-01 update per RFC2136 durchzuführen, während ich alle DNS-Requests über den lokalen Unbound geforwardet hatte. Ich musste für den betroffenen Host eine Ausnahme eintragen.
#85
Q-Feeds (Threat intelligence) / Re: Testing firewall rules wit...
Last post by DEC740airp414user - January 25, 2026, 09:09:26 PMSo the malware domains are listed/ downloaded but ignored?
#86
German - Deutsch / Re: Welches DSL-Modem für VDSL...
Last post by s.meier68 - January 25, 2026, 09:08:38 PMQuote from: k0ns0l3 on January 25, 2026, 07:16:03 PMprivate Netzwerke blockieren und bong Netzwerke blockieren bei pppoe0Ja
Quote from: k0ns0l3 on January 25, 2026, 07:16:03 PMModem vlan01Wenn Du auf der Opnsense ein Vlan angelegt hast > deaktivieren
Wenn Du auf der Opnsense kein Vlan angelegt hast > aktivieren und Vlan id auf 7 setzen
Bzw. Wenn das Internet schon läuft nicht ändern;-)
#87
Q-Feeds (Threat intelligence) / Re: Testing firewall rules wit...
Last post by meyergru - January 25, 2026, 09:05:25 PMProbably. The Qfeeds list contain IPs, not domains, so you have to use the alias in a firewall rule, not in a DNS blocklist.
#88
German - Deutsch / Dauer Major Upgrade 24.7.12_4 ...
Last post by danielhainich - January 25, 2026, 09:04:45 PMHallo,
das Extracting der Packages dauert jetzt schon knapp eine Stunde... Da ist doch was faul, oder?
Einfach weiter warten, oder hat jemand eine sinnvolle Idee?
Danke
Daniel
das Extracting der Packages dauert jetzt schon knapp eine Stunde... Da ist doch was faul, oder?
Quote***GOT REQUEST TO UPGRADE***
Currently running OPNsense 24.7.12_4 (amd64) at Sun Jan 25 20:12:42 CET 2026
Fetching packages-25.1-amd64.tar: ......................................... done
Fetching base-25.1-amd64.txz: ......... done
Fetching kernel-25.1-amd64.txz: .... done
Extracting packages-25.1-amd64.tar...
Einfach weiter warten, oder hat jemand eine sinnvolle Idee?
Danke
Daniel
#89
Q-Feeds (Threat intelligence) / Re: Testing firewall rules wit...
Last post by DEC740airp414user - January 25, 2026, 09:00:16 PMThanks
I exported both malware ip and malware domains to my device as a txt file.
As a free account. My device is running business edition opnsense and I am using Nextdns as my provider. DNS over tls.
All ip address visited within Firefox focus listed are blocked and show up as blocked in the console
If I choose and visit a malware domain they are not blocked. And my test device running Firefox focus warns me about the site could be malicious
I changed unbound to non forwarding, standard unbound
I am seeing the same issue.
I setup a floating rule
Block
Chose all interfaces utilized
Direction in
Destination malware ip which is all that is available
And log
Gateway is default
Are my expectations incorrect that it should be blocking domains from what I exported and viewed?
I exported both malware ip and malware domains to my device as a txt file.
As a free account. My device is running business edition opnsense and I am using Nextdns as my provider. DNS over tls.
All ip address visited within Firefox focus listed are blocked and show up as blocked in the console
If I choose and visit a malware domain they are not blocked. And my test device running Firefox focus warns me about the site could be malicious
I changed unbound to non forwarding, standard unbound
I am seeing the same issue.
I setup a floating rule
Block
Chose all interfaces utilized
Direction in
Destination malware ip which is all that is available
And log
Gateway is default
Are my expectations incorrect that it should be blocking domains from what I exported and viewed?
#90
German - Deutsch / Re: letsencrypt DNS Problem
Last post by Simaryp - January 25, 2026, 08:05:46 PMWenn ich den Forward für meine domain auf dnsmasq deactiviere, dann kann letsencrypt die challenges einrichten. Wenn ich es dann wieder aktiviere und zusätzlich in dnsmasqs die adressen als hosts konfiguriere, dann werden die gerouted und die zertifikate sind dann da.
Aber das ist natürlich nicht so wie gedacht.
Ich will ja nicht permenanent dort etwas umkonfigurieren und aktivierung togglen.
Aber das ist natürlich nicht so wie gedacht.
Ich will ja nicht permenanent dort etwas umkonfigurieren und aktivierung togglen.
