some questions and problems with opnsense

Started by Rout3rx, June 04, 2017, 09:49:07 AM

June 04, 2017, 09:49:07 AM Last Edit: June 04, 2017, 10:49:55 AM by Rout3rx
Hello everybody

I want to add the Persian language to OPNsense and I don't know how I can do this. I see just some files on GitHub.
Can I translate a file and send it to the core developers to add it as a language?

I want to install ClamAV on OPNsense and use it locally. How can I do that? If I buy the commercial support, can they help me?

I want to see some graphs like Kibana. Can I get help to do this?

thanks

Quote from: Rout3rx on June 04, 2017, 09:49:07 AM
Hello everybody

I want to add the Persian language to OPNsense and I don't know how I can do this. I see just some files on GitHub.
Can I translate a file and send it to the core developers to add it as a language?

You need access to the translation server. Instructions: https://docs.opnsense.org/contribute.html#translations

Quote from: Rout3rx on June 04, 2017, 09:49:07 AM
I want to install ClamAV on OPNsense and use it locally. How can I do that? If I buy the commercial support, can they help me?

It is in the FreeBSD repository. You can enable it if you like but you should not keep it enabled. If you are talking about scanning HTTP(S) traffic, you should use a separate server. Here is a tutorial from a 3rd party: http://www.tcptechs.com/opnsense-transparent-caching-filtering-proxy-with-virus-scanning/

Quote from: Rout3rx on June 04, 2017, 09:49:07 AM
I want to see some graphs like Kibana. Can I get help to do this?

thanks

Why not use Kibana? Just forward syslog messages to a Logstash server and send them to Elasticsearch. It can be the same server as the ICAP server, but it should not be, for security reasons (for example, you can make two different containers).

To see Kibana graphs you need to send logs to the ELK stack. Enable syslog and point it at your ELK installation. I don't know if ELK supports NetFlow or not, but if it does, point NetFlow there.


June 04, 2017, 08:21:02 PM #3 Last Edit: June 04, 2017, 08:24:43 PM by Rout3rx
Quote
You need access to the translation server. Instructions: https://docs.opnsense.org/contribute.html#translations
Need an invitation I think, registration was closed!

Quote
It is in the FreeBSD repository. You can enable it if you like but you should not keep it enabled. If you are talking about scanning HTTP(S) traffic, you should use a separate server. Here is a tutorial from a 3rd party: http://www.tcptechs.com/opnsense-transparent-caching-filtering-proxy-with-virus-scanning/

/usr/ports was not found on OPNsense. How can I add this? And via pkg, the package was not found to install.


Quote
Why not use Kibana? Just forward syslog messages to a Logstash server and send them to Elasticsearch. It can be the same server as the ICAP server, but it should not be, for security reasons (for example, you can make two different containers).
Thanks, I need an interface to show which country attacked and who blocked...

Another question: why is the GeoIP list short? Many countries aren't there. How can I complete it and fill it up?


The ELK stack can use GeoIP databases to show countries based on IP and display that information in Kibana.

In OPNsense you can start typing a country and it will filter. It doesn't display all countries in the dropdown menu.

Quote from: Rout3rx on June 04, 2017, 08:21:02 PM
You need access to the translation server. Instructions: https://docs.opnsense.org/contribute.html#translations
Need an invitation I think, registration was closed!

No, accounts are created when requested per mail.


Quote from: Rout3rx on June 04, 2017, 08:21:02 PM
/usr/ports was not found on OPNsense. How can I add this? And via pkg, the package was not found to install.

/usr/ports is a repository that can be cloned from here: https://github.com/opnsense/ports

Quote from: Rout3rx on June 04, 2017, 08:21:02 PM
Thanks, I need an interface to show which country attacked and who blocked...

Logstash: https://www.elastic.co/guide/en/logstash/current/plugins-filters-geoip.html
Sample for a web server log: https://www.digitalocean.com/community/tutorials/how-to-map-user-location-with-geoip-and-elk-elasticsearch-logstash-and-kibana
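
What the GeoIP enrichment pointed to above amounts to, as an added example that is not part of the thread and is not OPNsense or Logstash code: it parses firewall log lines, keeps the blocked ones and counts them per source country. The filterlog CSV field positions, the sample lines and the prefix-to-country table (documentation address ranges with made-up country codes) are assumptions for illustration; in the ELK setup this lookup is done by the Logstash geoip filter and its database.

```python
import ipaddress
import re
from collections import Counter

# Constructed stand-in for a GeoIP database (documentation prefixes, made-up codes).
GEO_TABLE = {
    ipaddress.ip_network("203.0.113.0/24"): "AA",
    ipaddress.ip_network("198.51.100.0/24"): "BB",
}

# Constructed sample syslog lines. Assumed filterlog CSV layout for IPv4:
# field 6 = action, field 8 = IP version, field 18 = source, field 19 = destination.
SAMPLE_LOG = """\
Jun  8 05:29:00 fw filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,64,1234,0,DF,6,tcp,60,203.0.113.7,192.0.2.10,51544,22,0,S,1,,29200,,mss
Jun  8 05:29:01 fw filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,64,1235,0,DF,6,tcp,60,203.0.113.9,192.0.2.10,51545,23,0,S,1,,29200,,mss
Jun  8 05:29:02 fw filterlog: 9,,,1000000200,em0,match,pass,in,4,0x0,,64,1236,0,DF,6,tcp,60,198.51.100.4,192.0.2.10,40000,443,0,S,1,,29200,,mss
Jun  8 05:29:03 fw filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,64,1237,0,DF,17,udp,48,198.51.100.20,192.0.2.10,5353,53,28
Jun  8 05:29:04 fw sshd[811]: unrelated line that must be skipped
"""

FILTERLOG = re.compile(r"\bfilterlog(?:\[\d+\])?: (?P<csv>.+)$")

def parse_filterlog(line):
    m = FILTERLOG.search(line)
    if not m:
        return None  # not a firewall log line
    f = m.group("csv").split(",")
    if len(f) < 20 or f[8] != "4":
        return None  # truncated or non-IPv4 record
    return f[6], f[18], f[19]  # (action, source, destination)

def country_of(ip_text):
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:  # malformed address field
        return "unknown"
    return next((cc for net, cc in GEO_TABLE.items() if addr in net), "unknown")

def blocked_by_country(log_text):
    counts = Counter()
    for line in log_text.splitlines():
        event = parse_filterlog(line)
        if event and event[0] == "block":
            counts[country_of(event[1])] += 1
    return counts

if __name__ == "__main__":
    for cc, n in blocked_by_country(SAMPLE_LOG).most_common():
        print(cc, n)
```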

Thanks to csmall and fabian.
Quote
No, accounts are created when requested per mail.
Sorry fabian, could you explain more? How can I request it with my email?

Another question:
Why can the first 4 rulesets not be installed? It always says not-installed!
And how can I add a custom rule? I found some fields in the user-defined section... is that all?

June 08, 2017, 05:29:00 AM #7 Last Edit: June 08, 2017, 05:49:17 AM by Rout3rx
A new question:
Where can I see the blocked IP addresses, for IPS or firewall?

And a bug!
When I add a defined rule in IDS against a country to block it, it does not work!
Should I do anything else?

Quote from: Rout3rx on June 08, 2017, 05:29:00 AM
A new question:
Where can I see the blocked IP addresses, for IPS or firewall?

Both (IPS and firewall) have a log file.

June 09, 2017, 10:50:37 AM #9 Last Edit: June 11, 2017, 05:45:07 AM by Rout3rx
Where can I see the list of IP addresses blocked by the IPS, and do unblocking?