Search found 17 matches

by raffe
October 28th, 2019, 1:44 pm
Forum: IPFire in General
Topic: Looking for a new firewall software
Replies: 5
Views: 318

Re: Looking for a new firewall software

It may be that I don't understand, if so sorry :) But in the settings of both ipsec and openvpn you can setup local and remote subnets. See examples at https://wiki.ipfire.org/configuration/services/ipsec and https://wiki.ipfire.org/configuration/services/openvpn/config/glob_set Anyway, I suggest yo...
by raffe
August 28th, 2019, 9:22 am
Forum: IPFire in General
Topic: TCP and UDP OpenVPN at the same time
Replies: 6
Views: 4372

Re: TCP and UDP OpenVPN at the same time

Hi! Found out that some hotels seems to even stop port 443 via UDP, so I tried this. But I seem to do something wrong as I cant connect thru TCP. It stops at MANAGEMENT: >STATE:1566983916,TCP_CONNECT,,,,,, Step 1 to 6 no problem (but I use port 443) and I see the process running with ps aux | grep o...
by raffe
August 9th, 2019, 9:29 am
Forum: IPFire in General
Topic: Ipfblocklist (IP Blocklists for IPFire)
Replies: 16
Views: 2570

Re: Ipfblocklist (IP Blocklists for IPFire)

Hi! Is there some nifty way to uninstall ipdblocklist, similar to uninstall-idsupdate.sh etc?
by raffe
December 21st, 2018, 1:51 pm
Forum: IPFire in General
Topic: FTP NAT Port Forwarding on custom port fails
Replies: 1
Views: 341

Re: FTP NAT Port Forwarding on custom port fails

Maybe some new secure thingy in 125 or a bug? Anyway, to try to get around that. I am not an expert, but things you could try: A. Try to port forward both TCP and UDP to server 2 & 3 (start here as this is easiest to try ;) B. If that don't work, change Server2 internal ftp port from 21 to 2021 (and...
by raffe
November 9th, 2018, 10:13 am
Forum: IPFire in General
Topic: IPFire router doubling as NAS device. Safe bet?
Replies: 10
Views: 1895

Re: IPFire router doubling as NAS device. Safe bet?

It is about security, not reliability. I am against it because I don't want users to have access to the firewall. If it is open for user services (or host services like emailserver and webserver) it is also open for a number of different attacks. You should even disable SSH access and only enable it...
by raffe
November 8th, 2018, 9:22 am
Forum: IPFire in General
Topic: IDS Rule updater - with rule state persistance
Replies: 58
Views: 8892

Re: IDS Rule updater - with rule state persistance

Thanks for the answer! Have you spoken to one of the core developers about having your addons packaged as official IPFire addons? I agree with DNL, this is so good and important that it should really be included as an official addon! 8) Or are you waiting for this? https://forum.ipfire.org/viewtopic...
by raffe
November 8th, 2018, 9:16 am
Forum: IPFire in General
Topic: Ipfblocklist (IP Blocklists for IPFire)
Replies: 16
Views: 2570

Re: Ipfblocklist (IP Blocklists for IPFire)

Thanks for your very fast answers! :) Two more questions. 1. Do I have a problem with updates? Today it looks like this in my settings https://i.imgur.com/jMoCdKd.jpg " pkts ", " bytes " and "Last updated " are all empty and I thought that there would be some info there by now. 2. How do I see that ...
by raffe
November 8th, 2018, 8:11 am
Forum: IPFire in General
Topic: IPFire router doubling as NAS device. Safe bet?
Replies: 10
Views: 1895

Re: IPFire router doubling as NAS device. Safe bet?

Maybe instead find some hardware on which you install some free NAS software, some suggestions here: https://www.how2shout.com/tools/best-fr ... tware.html

And use IPfire to backup important files from that other NAS, like Deepcuts said.
by raffe
November 8th, 2018, 7:53 am
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 79
Views: 8044

Re: Ipfstatusmail (Status emails for IPFire)

I tried to re-install like this [root@ipfire ~]# wget https://github.com/timfprogs/ipfstatusmail/raw/master/install-statusmail.sh --2018-11-08 08:37:35-- https://github.com/timfprogs/ipfstatusmail/raw/master/install-statusmail.sh Resolving github.com... 140.82.118.4, 140.82.118.3 Connecting to githu...
by raffe
November 7th, 2018, 10:28 am
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 79
Views: 8044

Ipfstatusmail (Status emails for IPFire)

Hi! I tried to install https://github.com/timfprogs/ipfstatusmail but I cant' get it to work (well, I only tried to reinstall). If I in WUI go to IPFire - Status Emails I get: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. ...
by raffe
November 7th, 2018, 10:17 am
Forum: IPFire in General
Topic: Ipfblocklist (IP Blocklists for IPFire)
Replies: 16
Views: 2570

Ipfblocklist (IP Blocklists for IPFire)

Hi! I tried to install https://github.com/timfprogs/ipfblocklist and it seems to work. I think. I also have ipfidsupdate (see https://github.com/timfprogs/ipfidsupdate and https://forum.ipfire.org/viewtopic.php?f=27&t=20965 ) and one strange thing I have seen is that I have: IDS Update - Configurati...
by raffe
November 6th, 2018, 10:10 am
Forum: IPFire in General
Topic: IDS Rule updater - with rule state persistance
Replies: 58
Views: 8892

Re: IDS Rule updater - with rule state persistance

Hi! Thanks for an excellent script! I think I soon have tweaked the choices of rules and flowbits so I can start thinking about blocklists :) But before that, I have one question about the " Default policy " setting in https://ipfire:444/cgi-bin/idsupdate.cgi. I can choose Connectivity, Balanced, Se...
by raffe
October 2nd, 2018, 8:52 am
Forum: IPFire in General
Topic: IDS, Intrusion Detection System. What rule provider is best and what rules are best?
Replies: 7
Views: 2622

Re: IDS, Intrusion Detection System. What rule provider is best and what rules are best?

Thanks for an extremely good answer! ;D I am still digesting the content and planing how to proceed :D

I have added the answer to the Wiki: https://wiki.ipfire.org/configuration/services/ids (scroll down to 'What rule provider is best and what rules are best?')
by raffe
September 26th, 2018, 7:55 am
Forum: IPFire in General
Topic: IDS, Intrusion Detection System. What rule provider is best and what rules are best?
Replies: 7
Views: 2622

IDS, Intrusion Detection System. What rule provider is best and what rules are best?

Hi! I have two questions. What Snort Rules supplier is best for IPFire (and why)? Some examples of what I have read that make we wonder, and I don't feel I am capable of doing an educated choice because I know to little about these things. If I choose one or another, will the rules under "intrusion ...
by raffe
September 20th, 2018, 12:42 pm
Forum: IPFire in General
Topic: RED and GREEN on same NIC using VLAN?
Replies: 2
Views: 777

Re: RED and GREEN on same NIC using VLAN?

Thanks! You are right, if green0 = USB and red0 = "real" NIC and I only want to use the "real" NIC, maybe it should be something like this in /var/ipfire/ethernet/vlans GREEN_PARENT_DEV=red0 GREEN_VLAN_ID=222 GREEN_MAC_ADDRESS=54:a0:50:d6:3f:53 RED_PARENT_DEV=red0 RED_VLAN_ID=666 RED_MAC_ADDRESS=54:...