Search found 482 matches

by bloater99
September 24th, 2019, 12:44 pm
Forum: IPFire in General
Topic: Can't find documentation on IPSec Dead Peer Detection
Replies: 3
Views: 940

Can't find documentation on IPSec Dead Peer Detection

Checking the wiki I can't find any definitions for the various settings under IPSec Dead Peer Detection. Under Action, Restart seems pretty obvious, but what do Clear and Hold do? What's the difference between Timeout and Delay? I assume Timeout is how long to wait before performing Action, but how ...
by bloater99
June 21st, 2019, 9:59 pm
Forum: IPFire in General
Topic: Pakfire not working. Cannot update core 120 to 121
Replies: 3
Views: 1178

Re: Pakfire not working. Cannot update core 120 to 121

Maybe the easiest would be to back up your settings, install core 132 from scratch, then import your settings? I recently reinstalled an ipfire from scratch and manually set it back up because I had done some command line tweaking and I wanted to start from a clean slate. It didn't take as long as I...
by bloater99
June 19th, 2019, 1:13 pm
Forum: IPFire in General
Topic: After upgrade to 132, firewall rule to force dns proxy blocks all internet traffic
Replies: 1
Views: 660

After upgrade to 132, firewall rule to force dns proxy blocks all internet traffic

I am using method 2 from IPFire's wiki: https://wiki.ipfire.org/configuration/firewall/dns#block_all_dns_traffic_except_through_ipfire_s_dns_proxy On Core update 131, it worked. After upgrading to core update 132, I lost all internet access until I disabled this rule. Did something change in 132 tha...
by bloater99
May 23rd, 2019, 9:38 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 54
Views: 10709

Re: Intrusion Prevention System - core 131

Did anybody of you found a way to use both ET and Talos? With the previous Snort IPS, this was possible. I couldn't figure out how to do it with this new system. I'd load the ET rulesets, then when I tried to load the Snort Community rules (it's just one rule and should show up as a single checkbox...
by bloater99
May 21st, 2019, 6:54 pm
Forum: IPFire in General
Topic: IPS: Who chooses the default enabled rules in a ruleset?
Replies: 6
Views: 1327

Re: IPS: Who chooses the default enabled rules in a ruleset?

I believe that the ruleset provider selects the rules that they consider safe and least likely to trigger false positives, but I'm not a dev here so I'm only guessing. I would hope that as ruleset are updated, that those get passed on to us during automatic updates. A related question: if we modify ...
by bloater99
May 21st, 2019, 6:41 pm
Forum: IPFire in General
Topic: Suricata vs Guardian: Loss of IP blocking
Replies: 6
Views: 1553

Re: Suricata vs Guardian: Loss of IP blocking

I noticed that too. It would be nice to regain the ability to blacklist IPs that trigger IPS rules.
by bloater99
May 1st, 2018, 12:58 pm
Forum: IPFire in General
Topic: OpenVPN error after updating to Core Update 120
Replies: 35
Views: 8331

Re: OpenVPN error after updating to Core Update 120

Interesting, I'll hold off upgrading my work ipfire until I see some resolution to this issue. Home ipfire was updated this morning, but I don't use vpn much at home, so this shouldn't be an issue. I did have to reboot my machine to get the web ui back though.
by bloater99
May 1st, 2018, 12:55 pm
Forum: IPFire in General
Topic: Core Update 120
Replies: 16
Views: 3956

Re: Core Update 120

Same here. After update installed I lost the web UI and could not get it back til I manually rebooted the firewall.
by bloater99
February 8th, 2018, 10:48 pm
Forum: IPFire in General
Topic: QOS issue
Replies: 4
Views: 1286

Re: QOS issue

Have you tried resetting it?

1) Stop QoS at the top of the page
2) To the right of Downlink/Uplink Speed, click the Modify button
3) Click the Reset button on the page that loads
by bloater99
January 8th, 2018, 8:47 pm
Forum: IPFire in General
Topic: Hand Super Tired Clicking Few Thousand Snort IDS Rules
Replies: 6
Views: 1971

Re: Hand Super Tired Clicking Few Thousand Snort IDS Rules

If I remember correctly, the IDS rules when updated default to certain rules in each ruleset being activated, and certain rules disabled. Here's the rub: each time you update the rulesets, they are RESET to these defaults. So it makes no sense to customize the rules within each set. Just click the r...
by bloater99
January 2nd, 2018, 4:09 pm
Forum: IPFire in General
Topic: [Solved]: Problem after 116 upgrde : can't reach GUI
Replies: 7
Views: 1793

Re: Problem after 116 upgrde : can't reach GUI

Is it a brand new install? Maybe faster to just reinstall from scratch?
by bloater99
December 29th, 2017, 2:23 pm
Forum: IPFire in General
Topic: Core Update 117 is available for testing.
Replies: 3
Views: 1145

Re: Core Update 117 is available for testing.

Sorry Roberto, I have no use for the Captive Portal in my two production installs, and I don't have any test installs. Hope someone can step up and help you!
by bloater99
December 12th, 2017, 4:39 pm
Forum: IPFire in General
Topic: Opinions on Quad9 DNS
Replies: 5
Views: 1650

Re: Opinions on Quad9 DNS

9.9.9.9 - I'm not sure this is actually "filtering". It does utilize a malware blacklist. But it does not redirect on non-existent domains, nor does it care about porn sites or any other type of site besides malware. I associate redirection with "filtering" and I view this as a separate behavior fro...
by bloater99
December 11th, 2017, 3:20 pm
Forum: IPFire in General
Topic: Opinions on Quad9 DNS
Replies: 5
Views: 1650

Opinions on Quad9 DNS

Interested in hearing opinions on the new Quad9 DNS server. Do you use it with IPFire? Do you trust them yet? (since they are new and haven't built up a reputation yet) If you do use it with IPFire, do you use something else as a secondary (since they do not have a secondary address of their own)? h...
by bloater99
November 27th, 2017, 11:00 pm
Forum: IPFire in General
Topic: DNS not returning names of DHCP clients sometimes
Replies: 2
Views: 1121

Re: DNS not returning names of DHCP clients sometimes

One thing I learned on here from one of the devs is that in IPFire a reserved IP MUST be outside of the DHCP pool. See this thread:
viewtopic.php?f=27&t=18329

Not sure if this applies to your situation, but I thought I'd offer it.