Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
16.1 Legacy Series
»
Proxmox/Virtio IPS
« previous
next »
Print
Pages: [
1
]
Author
Topic: Proxmox/Virtio IPS (Read 6786 times)
dragon2611
Jr. Member
Posts: 94
Karma: 4
Proxmox/Virtio IPS
«
on:
July 03, 2016, 06:33:20 pm »
It seems that enabling IPS on a VM that's using virtIO drivers is a very bad idea, after about 30s or so all traffic stops flowing
Swap to E1000 virtual NIC's and the problem seems to dissapear.
Logged
franco
Administrator
Hero Member
Posts: 17668
Karma: 1611
Re: Proxmox/Virtio IPS
«
Reply #1 on:
July 03, 2016, 08:46:26 pm »
Thanks for the tip. We've had many reports with problems in IPS mode in FreeBSD that seems to stem from a lack of driver correctness. We hope things will be better with FreeBSD 10.3, but early testers have said it's not gotten much better.
Logged
dragon2611
Jr. Member
Posts: 94
Karma: 4
Re: Proxmox/Virtio IPS
«
Reply #2 on:
July 03, 2016, 08:50:12 pm »
The IPS module does seem a bit early days at the moment as in you can enable it and set deny but it would be nice to see better intergration to the firewall (I.e might want to use the IPS P2P rules but only for certian devices)
Also I forgot to set the Deny filter when I first loaded a lot of the rules and I can't see any easy way to bulk change it for the trojan ones.etc
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
16.1 Legacy Series
»
Proxmox/Virtio IPS