Sensei on OPNsense - Application based filtering

Started by mb, August 25, 2018, 03:38:14 AM

Previous topic - Next topic
Print
Go Down Pages 1 ... 67 68 69 70 71 ... 79
User actions
August 07, 2020, 09:45:12 PM #1020
You're welcome. Here's a quick hack to bypass the check:

Open /usr/local/opnsense/mvc/app/controllers/OPNsense/Sensei/Api/ToolsController.php with your favorite editor and comment below lines:

Code Select
if ((substr($interface, 0, 5) == 'vtnet') && (floatval($netmapVersion) < 13 or floatval($opnsenseInfo['product_version']) >= 20.7)) {
            $filterflag = true;
}

August 08, 2020, 08:26:30 AM #1021
Thanks! This allowed me to configure sensei. I see the packetengine is detecting traffic. However I seem to be having the same issue I had when I first upgraded to latest opnsense, the reports no longer work and dont see any live sessions.
August 10, 2020, 08:49:35 PM #1022
Hi @actionhenkt, that's good to hear, thanks for the update. For the reporting, send a PR and team will have a look.
August 11, 2020, 01:11:44 PM #1023
Even if I uninstall sensei via the uninstall button and then upgrade to 20.7 the system keeps crashing as if there is still something sensei related remaining.

Any hints?
August 11, 2020, 06:37:31 PM #1024
Hi @nines, if you've uninstalled Sensei, it's very unlikely that it'll interfere with the system.

Having said that, you can also issue the following commands:

pkg remove os-sensei
pkg remove elasticsearch5|mongodb40 (choose your database here)
pkg remove os-sunnyvalley
pkg autoremove -y
rm -rf /usr/local/sensei


Are there any errors reported? If you have any error reports or screenshots, feel free to send a PR and we'll have a look.
August 11, 2020, 08:00:50 PM #1025 Last Edit: August 12, 2020, 08:06:01 AM by nines
//EDIT: my issues seems not to have something to do with sensei but with the problem described here:
https://forum.opnsense.org/index.php?topic=18552.msg84503#msg84503

@mb: are you able to help anyway by having a look into the dmesg log?

did that, no errors, seems like the gui installs button is doing the same.
would love to share a crash log but the whole vm crashes instantly after finished booting which makes it difficult (with just a vmware console) to copy logs etc.

strange at least ...

Code Select
root@OPNsense:/home/shelladmin # pkg remove os-sensei
No packages matched for pattern 'os-sensei'

Checking integrity... done (0 conflicting)
1 packages requested for removal: 0 locked, 1 missing
root@OPNsense:/home/shelladmin # pkg remove mongodb40
No packages matched for pattern 'mongodb40'

Checking integrity... done (0 conflicting)
1 packages requested for removal: 0 locked, 1 missing
root@OPNsense:/home/shelladmin # pkg remove os-sunnyvalley
No packages matched for pattern 'os-sunnyvalley'

Checking integrity... done (0 conflicting)
1 packages requested for removal: 0 locked, 1 missing
root@OPNsense:/home/shelladmin # pkg autoremove -y
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 1 packages:

Installed packages to be REMOVED:
        ubench-0.32

Number of packages to be removed: 1
[1/1] Deinstalling ubench-0.32...
[1/1] Deleting files for ubench-0.32: 100%
root@OPNsense:/home/shelladmin # rm -rf /usr/local/sensei
August 12, 2020, 06:31:16 PM #1026
Hi @nines, disable Suricata IPS mode, and you should be fine.

We're working with netmap maintainers to fix the problem. Crash is resolved for now, but it'll take a bit more to get it fully functional (vmware vmx + netmap).
August 13, 2020, 07:07:36 AM #1027
anyone running 20.7 and sensei with chelsio 10gig (cxgbe) nics? good? bad?
thanks,
R.


August 14, 2020, 08:14:42 PM #1028
Hi @robvanhooren,

We don't have any feedback on cxgbe+netmap duo. If you have a test system and give it a try, it'd be much appreciated:

https://docs.google.com/spreadsheets/d/1RVj8K3XOzWi-Bkjq6hUxWudu7Cxd8FFTqjLiBMzZWEM/edit#gid=0


August 15, 2020, 06:41:25 PM #1029
hi all,

after a fresh install under Sensi-> Reports -> Bloks section is absolutely empty. After 2 weeks is still not populated considering the app control is enabled and under security, everything is checked.
any ideas?
DEC750 Deciso
August 15, 2020, 08:22:27 PM #1030
I'm getting an issue with Sensei telling me to disable Suricata when enabling Bridge mode. The thing is, it isn't enabled. All Hardware interfaces are off as well. Bit of a strange thing this is.

Thanks ::)
August 15, 2020, 08:26:34 PM #1031 Last Edit: August 15, 2020, 08:31:06 PM by mb
Hi @nikkon, can you do a re-install and see if this helps? I guess a post-install check did not get through for you.

Below command will do the trick:

pkg install -f -y os-sensei

If not, send a PR and team will have a closer look.
August 15, 2020, 08:30:32 PM #1032
Hi @myzar495, Sensei will complain if you configured Suricata on one of its interfaces (even if Suricata is not running yet).

Reason is, later on users might start Suricata with the saved configuration forgetting that Sensei is running on the same interface.
August 15, 2020, 08:33:09 PM #1033
Quote from: mb on August 15, 2020, 08:30:32 PM
Hi @myzar495, Sensei will complain if you configured Suricata on one of its interfaces (even if Suricata is not running yet).

Reason is, later on users might start Suricata with the saved configuration forgetting that Sensei is running on the same interface.

I don't remember ever even using it on this particular OPNSense setup. It's off now. I can't really uncheck WAN as it doesn't let me save without an interface assigned.

Is there a workaround? Can I assign it to another interface? Can I remove the config file?
August 15, 2020, 09:12:22 PM #1034
Thanks for the tip! Reinstall worked just fine
DEC750 Deciso
Print
Go Up Pages 1 ... 67 68 69 70 71 ... 79
User actions