Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
What's Blocking my Programs' Access to the Internet?
« previous
next »
Print
Pages: [
1
]
Author
Topic: What's Blocking my Programs' Access to the Internet? (Read 2014 times)
r0b0ty
Newbie
Posts: 4
Karma: 0
What's Blocking my Programs' Access to the Internet?
«
on:
November 06, 2020, 06:46:29 pm »
Hi everyone. I am new to opnSense and quite the beginner with firewalls and networking. Nevertheless, I have opnSense running happily on an old PC with a quad-port NIC. The version I'm running is below:
OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020
My problem is that I have two programs (TrueNAS and MATLAB) that are being denied access to the internet by one the opnSense services I have enabled and I have no clue which one it is. What's interesting to me is that for TrueNAS, it's allowed to check for updates just fine, but is prevented from installing plugins from pkg.freebsd.org (I even white-listed it in the web proxy ACL with no success).
Is there a smarter, more methodical way to figure out who is blocking them and how to allow their access?
So far, I've completely disabled the web proxy, with no luck.
These are the services I have enabled:
- C-ICAP server
- ClamAV Daemon
- freshclam daemon
- Universal Plug and Play (although I don't think it's properly set up, or set up at all)
- Squid Web Proxy
- Suricata Intrusion Detection
Thanks in advance for your help, guys!
Logged
littlepepper
Jr. Member
Posts: 55
Karma: 0
Re: What's Blocking my Programs' Access to the Internet?
«
Reply #1 on:
November 06, 2020, 11:31:19 pm »
There are a lot of variables.. what blocking lists have you installed? Unbound? Suricata / Snort? Unfortunately it is one of those open ended, no right answer type questions.
Best way is probably to disable all the blacklists and enable them one by one.
A systematic way is to run Wireshark for the app in question and see what goes through / not by seeing if the sites in question is sending back ACK.
Logged
r0b0ty
Newbie
Posts: 4
Karma: 0
Re: What's Blocking my Programs' Access to the Internet?
«
Reply #2 on:
November 07, 2020, 01:41:35 am »
I have Unbound enabled, but just realized that Blacklists are disabled, so it seems to take Unbound out of the equation. For IDS, Suricata is used and I have 11 rulesets under the "Download" tab that are enabled for "Download and Update Rules", but there are over 78,700 actual rules that are enabled (didn't realize that either). It's not feasible to go through every one, obviously.
I was hoping that I could look at some log to see who/what is blocking these programs and go from there.
I guess I can try to disable IDS entirely (momentarily) to see if that does anything. As mentioned earlier, I had tried that with the web proxy, but didn't resolve the problem.
I know of Wireshark, but haven't actually used it. I might try to see if I can figure it out. Thanks for the feedback so far.
Logged
r0b0ty
Newbie
Posts: 4
Karma: 0
Re: What's Blocking my Programs' Access to the Internet?
«
Reply #3 on:
November 07, 2020, 02:22:02 am »
OK... solved one of the issues.
I disabled the Web Proxy "Traffic Management" which had a default
Maximum Download Size (kb)
of 2048. This allowed TrueNAS to download and install the plugin.
Now to solve the issue with MATLAB.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
What's Blocking my Programs' Access to the Internet?