Zenarmor and community repo (elasticsearch database)

Started by PaulePils, June 14, 2023, 06:19:16 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 14, 2023, 06:19:16 PM
Hello,

when I started using OPNsense I went through a lot of tutorials and videos for a basic setup which works quite well. Recently I started to think about IDS/IPS. Many sites recommend Suricata for WAN and Zenarmor for LAN. The WAN site is working (or at least there is no error  :) )
But Zenarmor says that I already have an elasticsearch database installed (which I haven't). I checked and found out that there is an incompability between the mimugmail-repo and a Zenarmor installation. The community repo is solely used for the Adguard plugin.

Is there a way to use both? Like change Adguard from plugin to "bare metal" installation?
June 14, 2023, 10:07:14 PM #1
You can lock the package and then disable the repo
June 14, 2023, 10:27:43 PM #2
Also if your number of clients don't require elasticsearch, you can opt out of using it in Zenarmor and get Zenarmor to use sqlite.
June 14, 2023, 11:00:20 PM #3
Quote from: mimugmail on June 14, 2023, 10:07:14 PM
You can lock the package and then disable the repo
What does "locking" do? If I understand it correctly, I can't update Adguard anymore. Or is the plugin just for the first installation because updates are handled by the GUI?

Quote from: cookiemonster on June 14, 2023, 10:27:43 PM
Also if your number of clients don't require elasticsearch, you can opt out of using it in Zenarmor and get Zenarmor to use sqlite.
It is just for home usage (and out of curiosity  ::) ), so sqlite should suffice, buuut I read that the log is only persistent for 2 days. Is this correct?
June 14, 2023, 11:06:02 PM #4

It is just for home usage (and out of curiosity  ::) ), so sqlite should suffice, buuut I read that the log is only persistent for 2 days. Is this correct?
[/quote]
I am using it at a home installation yes. I get the options of 1 hr, 1 day and 1 week with sqlite. Up to 50 devices.
I have limited storage and don't want to run an elasticsearch db on it for this.
June 15, 2023, 07:17:52 PM #5
One week should be fine for my use case. Thanks for the info  :)
August 20, 2023, 03:09:29 AM #6
Quote from: PaulePils on June 14, 2023, 11:00:20 PM
Quote from: mimugmail on June 14, 2023, 10:07:14 PM
You can lock the package and then disable the repo
QuoteWhat does "locking" do? If I understand it correctly, I can't update Adguard anymore. Or is the plugin just for the first installation because updates are handled by the GUI?


What did you end up doing? Did you lock the package? Are you able to update still?
I am in the same boat.
August 29, 2023, 10:59:51 PM #7
I just used sqlite which worked quite well.
But in the meantime a did a complete fresh install of opnsense to better fit my needs
Print
Go Up Pages1
User actions