Search found 21 matches

by Mentalic
June 13th, 2019, 2:16 pm
Forum: IPFire in General
Topic: gaming access block
Replies: 6
Views: 206

Re: gaming access block

Perhaps the Game has coded in DNS servers addresses and your firewall DNS block rules are are stopping it. Try disabling your DNS blocks. Also from your drawing the ipfire Nic-1 DNS info seems odd, shows it pointing to itself 192.168.2.1, also has DNS set to auto? What does Ipfire's gui show for DNS...
by Mentalic
May 26th, 2019, 3:15 pm
Forum: IPFire in General
Topic: Configuring firewall rules for Cloudflare DNS
Replies: 4
Views: 281

Re: Configuring firewall rules for Cloudflare DNS

Cloudfare and the new IPS don't play well together at the moment, resulting in some sites getting blocked and rDNS fails. Another indicator is ping by name stops working to the blocked sites. Perhaps this issue is affecting your configuration. I set my rules to block all external DNS access from Gre...
by Mentalic
May 23rd, 2019, 8:36 pm
Forum: IPFire in General
Topic: Blocking External IPs manually
Replies: 9
Views: 212

Re: Blocking External IPs manually

Already tried the Rule method via GUI, and it did not work, so went with the iptables method. But, that's not working either. Just tested it and I can block an specific IP with a rule. Source: Standard Networks GREEN Destination Address: xxx.xxx.xxx.xxx I'm also blocking all DNS traffic to RED and ...
by Mentalic
May 23rd, 2019, 7:40 pm
Forum: IPFire in General
Topic: Blocking External IPs manually
Replies: 9
Views: 212

Re: Blocking External IPs manually

Could make a firewall rule to block a single ip easy enough.

Here's another way that allows for blocking url's via dns. If you go this route I've noticed that the IPS service needs to be stopped while setting this up.
https://github.com/sfeakes/ipfire-scripts
by Mentalic
May 23rd, 2019, 7:03 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2505

Re: Intrusion Prevention System - core 131

Thanks for the that explanation, makes sense. Agreed, 108MB (Talos) compared to 2.3MB (EM), big difference. Now I'll switch back to Talos :) One thing I noticed about the Talos rules are that while there large files they have very few actual sub-rules selected if you hit the "show" target. So you h...
by Mentalic
May 23rd, 2019, 2:46 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2505

Re: Intrusion Prevention System - core 131

Did anybody of you found a way to use both ET and Talos? With the previous Snort IPS, this was possible. I couldn't figure out how to do it with this new system. I'd load the ET rulesets, then when I tried to load the Snort Community rules (it's just one rule and should show up as a single checkbox...
by Mentalic
May 20th, 2019, 12:41 am
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2505

Re: Intrusion Prevention System - core 131

Switched dns to verisign and so far its not failing like cloudfare dns was. Cloudfare would begin to fail fairly quickly.
by Mentalic
May 19th, 2019, 11:09 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2505

Re: Intrusion Prevention System - core 131

I'm also using cloudfares dns. Sometimes the rDNS status looks good but ping by name fails, don't know how often that status page updates.. Also there's never anything logged in IPS.
by Mentalic
May 19th, 2019, 1:46 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2505

Re: Intrusion Prevention System - core 131

I'm having trouble connecting with some sites as well and noticed that some DNS query's are being blocked. Take a look at your rDNS status on tabs STATUS>NETWORK(External) . My rDNS was showing failed and takes a while to even load that status page. Another way to test is to try to ping your blocked...
by Mentalic
May 11th, 2019, 4:36 pm
Forum: IPFire in General
Topic: Fixed IP assignment under DHCP
Replies: 37
Views: 2012

Re: Fixed IP assignment under DHCP

Also ran across this issue in core 131. Found a method to work around the bug that is preventing addition of more than one fixed lease before finding this thread. Couple of extra steps but I only had a dozen to add. DHCP manual lease addition after first is entered by add/update. 1-Disable existing ...
by Mentalic
March 31st, 2019, 7:49 pm
Forum: Development
Topic: Core 130 test
Replies: 0
Views: 288

Core 130 test

Loaded the nightly build of 130 and managed to break IPS every time I restore a backup to the machine. Tried several rebuilds, off line or online loading but restoring backup from version 129 results in the IPS service no longer running. Tried a number of things, rebooting, stop/start IPS with no lu...
by Mentalic
March 20th, 2019, 2:52 pm
Forum: Development
Topic: IPFire 2.21 Core update 129 SpecterMeltdownChecker
Replies: 4
Views: 639

IPFire 2.21 Core update 129 SpecterMeltdownChecker

Loaded up the 129 build without issues. Saw on the blog that the spectre-meltdown-checker script is now available as an add-on, only I don't see it listed in packfire?
by Mentalic
February 2nd, 2019, 3:57 pm
Forum: IPFire in General
Topic: QoS to throttle traffic by interface?
Replies: 3
Views: 301

Re: QoS to throttle traffic by interface?

Not aware of a method to use the ipfire qos for what you describe. I too have my iot on blue network and a security cam system (wired). A quick and dirty method would be simply to limit your blue wifi device speeds which is easy to set on box's running ddwrt, possibly not easy on others.
by Mentalic
January 24th, 2019, 3:33 am
Forum: IPFire in General
Topic: Update CORE 127 Issue.
Replies: 9
Views: 1101

Re: Update CORE 127 Issue.

Tried a test version a couple of days ago. I had the GeoIP enabled but the gui kept locking up on me randomly it seemed. Maybe I'll try the latest build tomorrow if I get time.
by Mentalic
December 31st, 2018, 4:01 pm
Forum: Addons
Topic: Problems update Guardian 2.0.2
Replies: 28
Views: 2187

Re: Problems update Guardian 2.0.2

Looks like there are additional problems with Guardian/intrusion detection because I experienced a number of odd things last night while trying to tune my setup. -Intrusion detection filter check box's selections disappear by themselves yet I suspect there still active because memory load did not ch...