Sensei on OPNsense - Application based filtering

Started by mb, August 25, 2018, 03:38:14 AM

Previous topic - Next topic
Print
Go Down Pages 1 ... 12 13 14 15 16 ... 79
User actions
March 02, 2019, 02:38:46 PM #195
Hi Kruemel,

From Sunnyvale, California, greetings to you too :) Glad to hear that Sensei is of value to your OPNsense installation. Many thanks for sharing your experience.

We hope to bring some news with regard to less demanding hardware requirements. We're planning to employ an alternative less resource-intensive database engine for reporting.

QuoteBut I miss a feature: If something is blocked, it's just not loading, right?

Yep. This is so because, your Sensei policy configuration hits a TLS SNI or application rule. TLS and some app detection jump into the scene way too early before the HTTP protocol starts being conversed back and forth between your browser and the server. 

So when we decide that we need to apply filtering, neither server nor client does not yet know how to talk HTTP. They just know how to talk TCP. This is why we just do a TCP RST, and you see a blank page in your browser.

We'll have a feature called "delayed action" (requires TLS inspection) where we'll flag a particular connection as being blocked and will let them talk a little bit more so that they can handle a HTTP response. As soon as we get a HTTP request from the client, we'll send the landing page and just close the connection at that particular time.
March 03, 2019, 10:27:51 AM #196
Hi,

I just installed Sensei on my OPNsense and I think it's working great.
I found in the dashboard an interesting "HotSpot" I'd like to investigate further. However, the "Top Destinations Locations Heatmap" does not allow for a Drill Down, nor is there a geo location filter available.

Can you please advise on how to investigate on such hotspots?
Is it possible to retrieve DNS/IP for a certain geo location hotspot?

Regards
Alexander
March 04, 2019, 06:46:19 AM #197
@astoklas,

Many thanks for the feedback. Currently, drill-down is not possible with the map. We'll take this as a feature request. Will get you updated.
March 04, 2019, 06:56:07 AM #198 Last Edit: March 04, 2019, 06:58:44 AM by mb
Dear Sensei users,

After several months of field testing, we are super happy to announce the availability of Sensei 0.8.0 Beta.

Release 0.8 introduces long awaited support for IPv6 and virtual ethernet adapters. Below is the full list of features that are coming along with this release (from 0.7.0)


  • IPv6 Support
  • Virtio ethernet support *with OPNsense 19.1 new netmap kernel
  • Wireless ethernet support *with OPNsense 19.1.x
  • VLAN child interfaces support *with OPNsense 19.1.x
  • Better Cloud infrastructure support
  • Better reporting

For more information: https://www.sunnyvalley.io/blog/sensei-0-8-beta1-is-released

Currently we're shipping 0.8.0 beta1 from a separate package repository. So, if you are on 0.7, you'll not be able to see the software update as of now. When 0.8.0 rc1 is released, we'll move the packages to the main repository and you'll then be able to update to 0.8.0.

The reason behind this is that we want to allow 0.8.0 a bit more field testing before we make it an update for 0.7 stable users.

ETA for 0.8.0.rc1 is March 18, 2019.

If you don't want wait and want to see 0.8 in effect now, just uninstall Sensei from the UI and use the following one-liner command to re-install:

# curl https://updates.sunnyvalley.io/getsensei8 | sh
March 04, 2019, 08:46:19 PM #199
Thanks, mb, and keep up with good work!

Is "VLAN child interfaces support *with OPNsense 19.1.x" means that filtering on VLANs work without netmap kernel?
Proxmox enthusiast @home, bare metal @work.
March 04, 2019, 09:15:24 PM #200
Hi @antaris,

Many thanks. You're correct. It looks like FreeBSD 11.2 default kernel had some fixes with regard to that.
March 06, 2019, 06:45:49 AM #201 Last Edit: March 06, 2019, 08:14:53 AM by donatom3
I'm having a problem where elasticsearch won't start after a reboot. I have to clear the settings completely and re setup sensei to get elasticsearch to start.

Just seeing the below in the general log.

Code Select
root: /usr/local/etc/rc.d/elasticsearch: WARNING: failed to start elasticsearch

This is in the backend log and it keeps adding to it.
Code Select
Mar 5 21:44:55 configd.py: [7d62e2b1-bcce-48d3-a80b-4b665aed6cb4] read sensei stats
Mar 5 21:44:54 configd.py: [a4351d00-f929-466b-a18d-1752f72e0a8c] read sensei stats
Mar 5 21:44:53 configd.py: [40ea2e8d-6574-4662-a135-a4c817bf7f0c] read sensei stats
Mar 5 21:44:52 configd.py: [86399ab0-e991-4493-b62f-d6a2b29d88b3] read sensei stats
Mar 5 21:44:51 configd.py: [b8bfc148-83a2-407f-91d3-7091c77b7832] read sensei stats
Mar 5 21:44:50 configd.py: [baf1dddc-39c6-49e4-aad3-f6d87d29a0da] read sensei stats
Mar 5 21:44:49 configd.py: [f08d4d14-f236-4d25-8011-8b25a848eeec] read sensei stats
Mar 5 21:44:48 configd.py: [571d2e9b-d0cb-402c-b5ac-8bf7ff72d811] read sensei stats
Mar 5 21:44:47 configd.py: [e77883ce-8f8b-4a2b-aebb-7c4125ed7e17] read sensei stats
Mar 5 21:44:46 configd.py: [18dd5adf-9437-4e15-90ba-1ee6e08c4bff] read sensei stats
Mar 5 21:44:45 configd.py: [105c9ddc-960b-4bff-98fa-3e202c9ac49e] read sensei stats
Mar 5 21:44:44 configd.py: [87cb6f2f-e3ca-42b0-8040-4cfacd647de8] read sensei stats
Mar 5 21:44:43 configd.py: [4228579b-7e43-4138-8ea8-414fc9ec1c1a] read sensei stats
Mar 5 21:44:42 configd.py: [a755740c-45d8-438c-99e4-a232bd02c661] read sensei stats
Mar 5 21:44:41 configd.py: [024f64e4-2fa6-4558-8482-d8330cbc7742] read sensei stats
Mar 5 21:44:40 configd.py: [327c339b-b0b2-484c-92f9-3c9e9364820e] read sensei stats
Mar 5 21:44:39 configd.py: [396bb45c-c1f1-4728-91d0-e33bbcaea1f5] read sensei stats
Mar 5 21:44:38 configd.py: [d6b674d1-dd2f-494b-927d-ad55791063e4] read sensei stats
Mar 5 21:44:37 configd.py: [40338097-db55-4b60-b45f-877a1ae76b7c] read sensei stats
Mar 5 21:44:36 configd.py: [304857d4-7d26-45aa-ae75-6c520958fba9] read sensei stats
Mar 5 21:44:35 configd.py: [13675e7f-5dc6-4457-b5c9-c4b4c21e8a58] read sensei stats
Mar 5 21:44:34 configd.py: [4f0f6ae9-f39f-48ae-a799-876c86cb3164] read sensei stats
Mar 5 21:44:33 configd.py: [f4a1bb7f-8d12-47bd-b7d3-403d159450b4] read sensei stats
Mar 5 21:44:32 configd.py: [9c67445c-4ffe-444e-ba3c-a5f444ffbf21] read sensei stats
Mar 5 21:44:31 configd.py: [1cfc4b5a-c263-4240-b627-938197d72afe] read sensei stats
Mar 5 21:44:30 configd.py: [adbefd78-9c10-45e9-9cad-8d6495388773] read sensei stats
Mar 5 21:44:29 configd.py: [ad4176d3-1c8a-4890-a90c-c9b734979673] read sensei stats
Mar 5 21:44:28 configd.py: [22ff41e4-fc8f-4ba7-9f27-63d6c2b23b7e] read sensei stats
Mar 5 21:44:27 configd.py: [1fe553d1-06c5-4db6-b950-7a71e5af7bd4] read sensei stats
Mar 5 21:44:26 configd.py: [c3252f98-b238-448a-af02-d311a6f75e49] read sensei stats
Mar 5 21:44:25 configd.py: [09153632-0bff-46ad-ad98-c45319cd5ff8] read sensei stats
Mar 5 21:44:24 configd.py: [0bbec0b1-6e86-4930-a57c-f57be9e83008] read sensei stats
Mar 5 21:44:23 configd.py: [dcf30e51-763b-4df9-9f53-239615912384] read sensei stats
Mar 5 21:44:22 configd.py: [49c214e7-9b60-44c8-9ded-b22ac257f02c] read sensei stats
Mar 5 21:44:21 configd.py: [463b3e7f-c8d6-48ae-8064-08a414fa7e5d] read sensei stats
Mar 5 21:44:20 configd.py: [6ead17e8-53b9-48aa-a6b7-a644d5f170d2] read sensei stats
Mar 5 21:44:19 configd.py: [12378048-9b6d-4c5c-852d-6575fab78706] read sensei stats
Mar 5 21:44:18 configd.py: [bc415b0c-fe6c-404e-a5fb-a99e6b2646bc] read sensei stats
Mar 5 21:44:17 configd.py: [2b46da7d-1325-4e1c-aba0-20bc12e7e4b3] read sensei stats
Mar 5 21:44:16 configd.py: [720bebee-2387-4735-b794-085b94f5b505] read sensei stats
Mar 5 21:44:15 configd.py: [829b4c54-6629-4ae1-81fc-5a3255ba1c91] read sensei stats
Mar 5 21:44:14 configd.py: [80d84ec1-5cee-4f60-9290-bcaba50a351d] read sensei stats
Mar 5 21:44:13 configd.py: [6b233cd4-81d2-4569-99f6-2989332cb14b] read sensei stats
Mar 5 21:44:12 configd.py: [31706105-d805-41bf-b201-8f75e72fe5b3] read sensei stats
Mar 5 21:44:11 configd.py: [e0f1c395-db7e-4ee1-bdd7-e20ee8ff1dfa] read sensei stats
Mar 5 21:44:10 configd.py: [3f704530-859b-4e1f-95dd-136f85219d4b] read sensei stats
Mar 5 21:44:09 configd.py: [ab29e24e-2146-49e3-9bb6-fb6064233ff2] read sensei stats
Mar 5 21:44:08 configd.py: [645ca172-5629-4ea5-ad1f-8538c1b1ea06] read sensei stats
Mar 5 21:44:07 configd.py: [f8b70f86-0bee-4880-9306-bb4450d7db4d] read sensei stats
Mar 5 21:44:06 configd.py: [8bd95d71-bd13-4ec0-8f27-ed3932579bd3] read sensei stats
Mar 5 21:44:05 configd.py: [be4feb64-ef8e-4756-9e0c-0bbe00f5d4d0] read sensei stats
Mar 5 21:44:04 configd.py: [1aa6cf3a-da0e-473c-b710-553aa1287d69] read sensei stats
Mar 5 21:44:03 configd.py: [12d70d27-8724-477b-a274-99e795bcac42] read sensei stats
Mar 5 21:44:02 configd.py: [91adebc2-e1ee-4cf8-87c2-e1d8a5e8eee1] read sensei stats
Mar 5 21:44:01 configd.py: [ac505fe1-4ebb-4c68-99a7-a684c7f43a99] read sensei stats
Mar 5 21:44:00 configd.py: [7acfc145-9a17-40eb-be37-841d034621e7] read sensei stats
Mar 5 21:44:00 configd.py: [92b767af-81f1-4a5e-9e00-25219f89c715] check sensei engine health
Mar 5 21:43:59 configd.py: [d32f3278-e509-4969-b4a8-7ae7c79c700c] read sensei stats
Mar 5 21:43:58 configd.py: [ad2a102f-b1e0-4bb5-a593-09df77d04bac] read sensei stats
Mar 5 21:43:57 configd.py: [b92813e9-1cef-4b7f-8480-87b49d02d4f6] read sensei stats
Mar 5 21:43:56 configd.py: [d54e5bf2-f367-428a-a8d6-831488f4023e] read sensei stats
Mar 5 21:43:55 configd.py: [189af746-8852-4feb-bc24-2a13da1ff032] read sensei stats
Mar 5 21:43:54 configd.py: [dc2193ce-51c2-451e-917e-ebd56814ad1a] read sensei stats
Mar 5 21:43:53 configd.py: [08950c34-f59e-4fa5-95d5-0af61c02bdd1] read sensei stats
Mar 5 21:43:52 configd.py: [ea882489-9044-4768-b09c-ed6a0d5edd6d] read sensei stats
Mar 5 21:43:51 configd.py: [a4beae9e-0848-46df-bfd2-9e884d455d64] read sensei stats
Mar 5 21:43:50 configd.py: [66bc19f1-867a-4cff-bd31-e21221374c82] read sensei stats
Mar 5 21:43:49 configd.py: [1cff607f-dfba-4adb-8839-82dc49b1b83f] read sensei stats
Mar 5 21:43:48 configd.py: [7fee0851-b848-48d8-8d26-bc84b8bdce1b] read sensei stats
Mar 5 21:43:47 configd.py: [a5261abd-d409-4b27-921c-4f7f7ec41b90] read sensei stats
Mar 5 21:43:46 configd.py: [b8b7127a-5d56-408d-b7dd-902dd95e9ea2] read sensei stats
Mar 5 21:43:45 configd.py: [48a32138-cf91-4641-be4f-045f04ec7af6] read sensei stats
Mar 5 21:43:44 configd.py: [8c4ef497-2b33-4144-ba5b-4ef31a654070] read sensei stats
Mar 5 21:43:43 configd.py: [37cfb408-8ef5-408b-9348-53bcbb5bd089] read sensei stats
Mar 5 21:43:42 configd.py: [939282e0-234c-4b5f-ab00-9113bd803c96] read sensei stats
Mar 5 21:43:41 configd.py: [2989a365-034b-4aa6-b69f-a11ad3bd61c9] read sensei stats
Mar 5 21:43:40 configd.py: [5264a79b-1cf0-4d63-83a7-01129eead1ce] read sensei stats
Mar 5 21:43:39 configd.py: [3a8b90d3-46eb-494f-a19f-78817048cd12] read sensei stats
Mar 5 21:43:38 configd.py: [950f188d-26bd-4e9c-ac76-d65cdb48e212] read sensei stats
Mar 5 21:43:37 configd.py: [cea553fe-507d-492d-ab6d-f4318a600400] read sensei stats
Mar 5 21:43:36 configd.py: [f5b111b5-b585-4843-83bb-0a1bbfb2c1cd] read sensei stats
Mar 5 21:43:35 configd.py: [606ca68b-d3c0-4331-b410-afd4fef1a96c] read sensei stats
Mar 5 21:43:34 configd.py: [995954f6-fa00-4a3a-b32a-5638fa5eaffc] read sensei stats
Mar 5 21:43:33 configd.py: [3a856c39-6a60-4c23-83d7-15e7a00c2472] read sensei stats
Mar 5 21:43:32 configd.py: [3cfda134-4227-4c55-bcca-8ee10229e527] read sensei stats
Mar 5 21:43:31 configd.py: [9e43feed-c461-47fa-b692-8d445f317f4f] read sensei stats
Mar 5 21:43:30 configd.py: [02568a2b-6285-4431-bd2e-081b6bc3d77e] read sensei stats
Mar 5 21:43:29 configd.py: [72dbb649-88a3-4991-b51a-47c698256ce4] read sensei stats
Mar 5 21:43:28 configd.py: [1473e74d-fce9-4173-a6fa-bf54eb577778] read sensei stats
Mar 5 21:43:27 configd.py: [4a6222fc-465d-4528-9dcc-c906a5de1855] read sensei stats
Mar 5 21:43:26 configd.py: [b82dd2a5-8c9a-4a02-be10-6ad52bbaac5e] Show system activity
Mar 5 21:43:26 configd.py: [670749ac-91e3-4643-a9c4-5b9fd44f94da] read sensei stats
Mar 5 21:43:25 configd.py: [30d3970c-86fe-4d91-bca6-7353c654df63] read sensei stats
Mar 5 21:43:25 configd.py: [9a8daded-b8e5-4f51-bc56-d016e8ac7c02] read sensei stats
Mar 5 21:43:24 configd.py: [ebb18255-5159-4ab9-b641-b88821bf1e7d] read sensei stats
Mar 5 21:43:24 configd.py: [5120fa8d-e8ef-48a4-96e9-ffe553f81d30] read sensei stats
Mar 5 21:43:23 configd.py: [b727b40c-13ef-4d1e-b251-bf71c98a5b2f] read sensei stats
Mar 5 21:43:23 configd.py: [3634a274-5368-48a6-8867-b9932cd4809d] read sensei stats
Mar 5 21:43:22 configd.py: [0fb20dcf-c03b-4582-9c36-535207c9fa7f] read sensei stats
Mar 5 21:43:22 configd.py: [7d93ab3c-e1d8-452a-9863-c048ca11e7ff] view elasticsearch disk size
Mar 5 21:43:22 configd.py: [f09b62e6-cbf1-41be-97ae-56cce24ed05f] control services
Mar 5 21:43:22 configd.py: [e52be1cb-68be-4eea-b9e1-6c7b0f4e583c] check sensei ui version
Mar 5 21:43:22 configd.py: [02277005-468d-418c-aeea-5f26e03a016a] check sensei db last modified
Mar 5 21:43:22 configd.py: [5d851b8a-fda4-41cc-9967-7fe8ac178622] check sensei db version
Mar 5 21:43:22 configd.py: [99541288-f562-4f59-aa05-8a9b326cac81] check sensei db last modified
Mar 5 21:43:22 configd.py: [a29ac723-7f8f-41c0-8f73-26d60fc2493e] check sensei db version
Mar 5 21:43:22 configd.py: [37de4a96-014a-47fb-b12c-9c6c6aef5f37] check sensei last modified
Mar 5 21:43:22 configd.py: [7b58d2c8-5505-4df3-8a36-c4a6cf63c70b] check sensei version
Mar 5 21:43:22 configd.py: [9f2677fa-a66d-4e81-9d48-3191f60db682] control services
Mar 5 21:43:21 configd.py: [271b39f0-44fd-4ca1-9a0d-57e074e2ac8c] read sensei stats
Mar 5 21:43:20 configd.py: [8be4d78e-c447-4ff4-92b9-8d2de2a0b9a1] view license
Mar 5 21:43:20 configd.py: [ed3ffc6c-13a6-4468-b09d-2c2cba7469d6] read sensei stats
Mar 5 21:43:19 configd.py: [8483e0c4-6b9e-4cb6-a9ff-ac0cceed2488] read sensei stats
Mar 5 21:43:19 configd.py: [eb9e9a55-1aa1-4ece-a8cb-f71a0b1e3d0c] control services
Mar 5 21:43:18 configd.py: [caaf4bb7-d2af-4258-bba1-960e1b3b3bcb] read sensei stats
Mar 5 21:43:17 configd.py: [77b7f220-2a12-4238-a4f4-622639abb5a2] read sensei stats
Mar 5 21:43:16 configd.py: [fbb0669d-a17f-4918-b158-f28d2cc86aae] read sensei stats
Mar 5 21:43:15 configd.py: [f22ac12a-fdbe-45aa-9e2e-cd75abbc5c68] read sensei stats
Mar 5 21:43:14 configd.py: [04bf4e69-7021-48d4-a14c-429bad0bcd9e] read sensei stats
Mar 5 21:43:13 configd.py: [7f0bca65-1c34-45a5-9816-192eedcadc21] read sensei stats
Mar 5 21:43:13 configd.py: [cde48204-6443-48be-93b8-5c57c8d3cb4b] read sensei stats
Mar 5 21:43:12 configd.py: [d9669127-1ec6-482b-9800-34bf1090604d] read sensei stats
Mar 5 21:43:12 configd.py: [9fd1971a-e907-4704-b0b6-9ef8c193b4a0] read sensei stats
Mar 5 21:43:11 configd.py: [7e084ad4-bd04-40b7-a269-f86b030d470b] read sensei stats
Mar 5 21:43:11 configd.py: [e2f40c45-1449-4eaa-adad-392535ab65b9] read sensei stats
Mar 5 21:43:10 configd.py: [c06c00d0-29c3-424c-805a-624b8bb86c2c] read sensei stats
Mar 5 21:43:10 configd.py: [d44777a5-aede-4403-9963-65f5caf835f8] read sensei stats
Mar 5 21:43:09 configd.py: [5d031005-ce3b-4ddb-b119-c15818b64d7c] read sensei stats
Mar 5 21:43:09 configd.py: [4aaab29d-dd26-499b-8a94-114f728d447c] read sensei stats
Mar 5 21:43:08 configd.py: [32811901-60a5-41fb-8a70-23df003b409a] read sensei stats
Mar 5 21:43:08 configd.py: [e7f2cf0d-5ba4-4b5e-bb0f-6483884c55a7] read sensei stats
Mar 5 21:43:07 configd.py: [7e830b6f-f83d-417e-ad4c-a9ed577644dc] read sensei stats
Mar 5 21:43:07 configd.py: [997cb509-1145-43ea-a461-ed291432856c] read sensei stats
Mar 5 21:43:06 configd.py: [54e86060-313f-4c37-b7c8-ce55f24c5363] read sensei stats
Mar 5 21:43:06 configd.py: [b580155d-f96d-4c35-a94a-19b784208558] read sensei stats
Mar 5 21:43:05 configd.py: [eeddf8f5-89b1-491e-a627-aa879133e63a] read sensei stats
Mar 5 21:43:05 configd.py: [4beb04bf-4103-48ae-86ed-98c9ee7f96d0] read sensei stats
Mar 5 21:43:04 configd.py: [08eac025-5388-4807-9da7-f1d6004c4926] read sensei stats
Mar 5 21:43:04 configd.py: [106e18d5-ee88-4dba-b5e7-6d0d4921d065] read sensei stats
Mar 5 21:43:03 configd.py: [3532ac59-95e9-4439-9837-7a1ab5188a8a] read sensei stats
Mar 5 21:43:03 configd.py: [966fa7d7-c5f7-4809-b72f-fafd7e230bf0] read sensei stats
Mar 5 21:43:02 configd.py: [c87d2a2b-3b5c-44be-8e78-5fc89b1ee7b4] read sensei stats
Mar 5 21:43:02 configd.py: [fbc26fe4-dfc6-4991-bf26-6fa726d28c13] read sensei stats
Mar 5 21:43:01 configd.py: [2cfd5f28-21ce-4651-8a6f-68d7bc4ee5bf] read sensei stats
Mar 5 21:43:01 configd.py: [ad503b54-302c-4534-961b-7f4ffd830022] read sensei stats
Mar 5 21:43:00 configd.py: [edd42365-060e-4e8f-8bfb-9022ae8630e2] read sensei stats
Mar 5 21:43:00 configd.py: [9dc39d58-07bd-443d-bd2d-781a88573d10] read sensei stats
Mar 5 21:43:00 configd.py: [bf2bdcc2-2775-40c7-98c9-512ff7032409] check sensei engine health
Mar 5 21:42:59 configd.py: [ef64a92c-1456-4c26-92fd-72d259adfb70] read sensei stats
Mar 5 21:42:59 configd.py: [bd987828-89f8-46c4-8104-1f78e2c395da] read sensei stats

I attached the elasticsearch log. This only happens after a reboot with sense .8 beta 1 installed.

Here is the error I get when I start elasticsearch from the shell

Code Select
root@OPNsense:~ # service elasticsearch start
Starting elasticsearch.
Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME
/usr/local/etc/rc.d/elasticsearch: WARNING: failed to start elasticsearch



Looks like the java env variable isn't being saved in the elasticsearch file or getting overwritten on a startup.

I ran this part of the sensei-init.sh script manually and elasticsearch started with no error now.

Code Select
echo -n "Setting up elasticsearch..."
mkdir -p /usr/local/lib/elasticsearch/plugins
chmod -R 755 /usr/local/lib/elasticsearch/plugins
sysrc elasticsearch_login_class="root" >/dev/null 2>&1
sed -i '' -E '/auto_create_index/d' /usr/local/etc/elasticsearch/elasticsearch.yml
echo "action.auto_create_index: false" >> /usr/local/etc/elasticsearch/elasticsearch.yml
/usr/bin/sed -i '' 's/opt\/eastpect\/run\/elasticsearch/var\/run\/elasticsearch/g' /usr/local/etc/rc.d/elasticsearch
/usr/bin/sed -i '' 's/Xms512m/Xms2g/g' /usr/local/etc/elasticsearch/jvm.options
/usr/bin/sed -i '' 's/Xmx512m/Xmx2g/g' /usr/local/etc/elasticsearch/jvm.options
echo 'elasticsearch_enable="YES"' > /etc/rc.conf.d/elasticsearch
echo 'elasticsearch_env="JAVA_HOME=/usr/local/openjdk8"' >> /etc/rc.conf.d/elasticsearch
echo "done"

I'm fairly certain it's the second to last line that's fixing elasticsearch. Just why that isn't surviving past a reboot is beyond my skill set with this.
March 06, 2019, 02:09:11 PM #202
donatom, thanks for the detailed report.

You are right, it's:

echo 'elasticsearch_env="JAVA_HOME=/usr/local/openjdk8"' >> /etc/rc.conf.d/elasticsearch

that's fixing it. JAVA_HOME variable should be set to openjdk8 directory.

We're having a look at it why it is not persisting.
March 06, 2019, 03:57:19 PM #203
Mb,

Beyond the elasticsearch issue everything else is working so far. IPv6 is definitely working and blocking categories.
With .7 my ram usage would hover around 4.8gb. With .8 it started around 4.8 but when I went in this morning dropped down to 2.7gb. The only time ram dropped on .7 was when elasticsearch had crashed.

I don't know if it's from enabling ipv6 again on my lan or something with .8 but web pages are loading quicker by a noticeable margin as well. I did also turn on cloud threat intel so it could be that too.
March 07, 2019, 02:28:48 AM #204
Hi donatom3,

Many thanks for the detailed feedback. Very good to see 0.8 with IPv6 is running good.

We've fixed a bug with regard to the Elasticsearch rc script. Our configuration manager was overriding it under a condition. Now elasticsearch starts on boot with no problem.

Wait for 0.8.0.beta2 update. It should be arriving momentarily.

March 09, 2019, 02:27:36 AM #205

Good day to all  :),

Recently I'm trying out the sensei package at OPNsense and I thought it was very good, it left me surprised. My questions are:

I would like to know if the primium subscription option is available?

How can I apply filtering for certain IPs?

Thanks
March 09, 2019, 02:46:22 AM #206
Hi cfsl1994,

Many thanks for sharing your feedback. Great to see that Sensei is up to your expectations.

Yep, premium subscription will be available and will come with source IP/network based filtering. You'll be able to create custom policies and apply them to different user groups.

We expect to have Sensei 1.0 in early April and will start offering Premium subscription beginning early May.

Beginning with 1.0 version, Sensei will be directly instalable from OPNsense plugin manager.

March 09, 2019, 10:10:53 AM #207
Quote from: mb on March 09, 2019, 02:46:22 AM
Hi cfsl1994,

Many thanks for sharing your feedback. Great to see that Sensei is up to your expectations.

Yep, premium subscription will be available and will come with source IP/network based filtering. You'll be able to create custom policies and apply them to different user groups.

We expect to have Sensei 1.0 in early April and will start offering Premium subscription beginning early May.

Beginning with 1.0 version, Sensei will be directly instalable from OPNsense plugin manager.

I would wish to incorporate a function that may have fewer features, but also works on low end cpu's better or at all works.
Because in order to really use sensei you need a cpu that consumes a lot of electricity and therefore generates a lot of costs for the private user.
I would be very happy about such a feature and certainly others as well.

Thanks for the great product! Regards rené
Supermicro A2SDi-4C-HLN4F
Team Rebellion Member (sidebar / themes: tukan, cicada & vicuna)
March 09, 2019, 02:22:25 PM #208
Hi rené,

Many thanks for sharing your suggestion.

I'd like to happily tell that we have two ongoing projects which involve:

1. To make Sensei run on very low end devices, which have weak CPU and memory under 1GB. 
2. To make Sensei run on very large deployments e.g. sites with thousands of users.

For the former, the hurdle is the backend database. Although it's very efficient for medium to large settings, Elasticsearch is heavy for small deployments. It simply does not successfully run under 4GB memory. We're currently evaluating and testing several other databases which will do the job for small settings.

Expect to hear more on this late fall this year.

With regard to the latter, also this year, we'll announce a solution which will be able to handle many thousand concurrent users.
March 09, 2019, 04:03:52 PM #209
Quote from: mb on March 09, 2019, 02:22:25 PM
Hi rené,

Many thanks for sharing your suggestion.

I'd like to happily tell that we have two ongoing projects which involve:

1. To make Sensei run on very low end devices, which have weak CPU and memory under 1GB. 
2. To make Sensei run on very large deployments e.g. sites with thousands of users.

For the former, the hurdle is the backend database. Although it's very efficient for medium to large settings, Elasticsearch is heavy for small deployments. It simply does not successfully run under 4GB memory. We're currently evaluating and testing several other databases which will do the job for small settings.

Expect to hear more on this late fall this year.

With regard to the latter, also this year, we'll announce a solution which will be able to handle many thousand concurrent users.

if you really want to do that and really do it, some users would be very grateful to you. Me too of course! ;-)

How can I or how can others keep an eye on the development of this feature?
Is there a kind of roadmap or something similar?

Greetings René
Supermicro A2SDi-4C-HLN4F
Team Rebellion Member (sidebar / themes: tukan, cicada & vicuna)
Print
Go Up Pages 1 ... 12 13 14 15 16 ... 79
User actions