Syslog server and other eventually missing features when migrating

Started by phil5623, June 02, 2025, 12:56:34 PM

Hi,

I'm preparing to migrate my pfsense-heavy setup to OPNSense.
After searching, I don't find many details on specific parts I need as I am currently using them in pfsense:

1- a syslog-ng server equivalent. Firewall being online 24/7 and remotely accessible, I forward my switches logs to the firewall
2- floating states for firewall rules instead of strict interface bound states. Does OPNSense offer a per firewall rule setting in addition to a global setting ?
3- ability to define a DNS server exception for DHCP server static leases ? That is a DNS server for the static lease different from the one specified in DHCP pool setup
4- properly schedule some firewall rules
5- run cron jobs on the firewall with custom scripts at root level access

Thank you for the feedback




Hello,

1. There is syslog-ng running, but due to security hardening it only allows logs via unix sockets.
2. Firewall: Settings: Advanced - Bind states to interface
3. In dnsmasq you can tag static reservations and give them individual dns servers. In ISC it works too but deprecated upstream. In KEA not yet possible.
4. Go to schedule here https://docs.opnsense.org/manual/firewall.html
5. Don't know right now, though it's FreeBSD so any cron job guide should apply.
Hardware:
DEC740

Quote from: Monviech (Cedrik) on June 02, 2025, 05:51:36 PM
Hello,

1. There is syslog-ng running, but due to security hardening it only allows logs via unix sockets.
2. Firewall: Settings: Advanced - Bind states to interface
3. In dnsmasq you can tag static reservations and give them individual dns servers. In ISC it works too but deprecated upstream. In KEA not yet possible.
4. Go to schedule here https://docs.opnsense.org/manual/firewall.html
5. Don't know right now, though it's FreeBSD so any cron job guide should apply.

Thank you
1- are there limitations when sending from a Cisco Switch ? Or is it just a matter of setting the target syslog server/port (OPNSense interface) in the remote server from which OPNSense will receive the logs ? At least it's how it works in pfSense

2- That's the global setting. Is there a per-rule override option for the floating / interface-bound states ?

3- Is it planned for Kea ? It's already implemented in current pfsense and really useful

Thank you for the clarifications