What is really missing on #pfsense is the -i any switch in #tcpdump. It is a horror to open 8 ssh terminals to see all interfaces. -i any on Linux is genius.
#Bird #BGP #Question Searching for days: UpstreamASN->MyASN-> #Wireguard Tunnel-> #Pfsense . IPv4+IPv6 is announced to the upstream, traffic comes in, IPv6 routes into the tunnel, all good. The IPv4 route for the prefix to the tunnel is set. Ping works as long as bird 2.17.1 is started. Tcpdump still shows traffic coming in from the upstream and through the tunnel, but with bird the packets are lost and not routed out or into the tunnel. Any idea is greatly welcome.

About half an hour to build a #Grafana #Dashboard from a GREP that can do the same thing...

The log is from a #pfSense

GREP:
zstdcat syslog-pfsense.log-2026* | grep :995 | awk '{ print $8; }' | awk -F ':' '{ print $1; }' | sort | uniq -c | sort -rn

#LogQL for #Loki:
sum by(from) (count_over_time({job="syslog", instance="pfsense"} |= `:995` | regexp `from (?P<from>[0-9.]+).+` [24h]))
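The grep pipeline and the LogQL query above do the same thing: select log lines mentioning port 995, pull the source address out of the "from IP:port" token, and count hits per address. The following Python does the same aggregation offline so the result of each query can be checked before it goes on a dashboard. It is an added example, not the author's code or pfSense output; the log lines, the host name "pfsense", the process name "mailgw" and the TEST-NET addresses are constructed. One deliberate difference from the original `grep :995`: the literal match also catches ":9950", so the port is matched with a digit boundary here.

```python
import re
from collections import Counter

# Constructed sample lines in the layout the grep pipeline assumes:
# whitespace field 8 is "IP:port" and follows the word "from".
# Host, process and addresses are made up (TEST-NET ranges).
SAMPLE_LOG = """\
Jan 10 12:00:01 pfsense mailgw[4711]: connection from 203.0.113.5:51234 to 10.0.0.1:995
Jan 10 12:00:02 pfsense mailgw[4711]: connection from 203.0.113.5:51240 to 10.0.0.1:995
Jan 10 12:00:03 pfsense mailgw[4711]: connection from 198.51.100.9:40001 to 10.0.0.1:995
Jan 10 12:00:04 pfsense mailgw[4711]: connection from 203.0.113.5:51250 to 10.0.0.1:993
Jan 10 12:00:05 pfsense mailgw[4711]: connection from 192.0.2.77:22000 to 10.0.0.1:995
Jan 10 12:00:06 pfsense mailgw[4711]: connection from 192.0.2.200:12345 to 10.0.0.1:9950
"""

# Same extraction as the LogQL `regexp \`from (?P<from>[0-9.]+).+\``
# and as `awk '{print $8}' | awk -F: '{print $1}'` on these lines.
FROM_RE = re.compile(r"from (?P<from>[0-9.]+):")


def count_sources(log_text, port=995):
    """Count connections per source IP for lines that mention `port`.

    Mirrors `grep :PORT | awk ... | sort | uniq -c | sort -rn`, but the
    port match requires a digit boundary so ":995" does not also
    match ":9950". Returns [(ip, count), ...] sorted by count
    descending, then by address for a stable order.
    """
    port_re = re.compile(r":%d(?!\d)" % port)
    counts = Counter()
    for line in log_text.splitlines():
        if not port_re.search(line):
            continue  # not about this port (grep stage)
        m = FROM_RE.search(line)
        if not m:
            continue  # no "from IP:port" token to extract (awk stage)
        counts[m.group("from")] += 1
    # uniq -c | sort -rn, with the address as tie-breaker
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for ip, n in count_sources(SAMPLE_LOG):
        print("%7d %s" % (n, ip))
```

Run it as a script to get the same "count, address" columns the grep pipeline prints; the :9950 line in the sample is the case where the literal `grep :995` and the LogQL `|= ":995"` line filter would have over-counted.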

Does somebody know if there is an uname bug in #pfsense 2.8.1 with #reply-to and IPv4? I have 3 #wireguard interfaces where traffic comes in, but the packets are returned via the WAN interface, the default route. Outgoing policy routing to a Gateway Group works. The IPv6 side works too.
time to puke in fountains!
migrating from #pfsense to #opnsense
I just want to dynamically assign an IP to a device, and then use the DNS Name to access the device. you might think this is an easy task? hahahaha, shut up, it's a pain in the arse.
the kea dhcp asks for a "TSIG Key Name", you would think the BIND plugin might show you one?
2026 and you are not able to use DHCP and DNS, what a disgrace :/
and no, I don't want to take a course in hardcore networking, I just need a working DDNS infrastructure. but it seems everyone loves to create static reservations :D
#PfSense #BSD #Networking
Set up a Netgate 1100 PfSense appliance, they said... It's going to be fun, they said... 14 hours later... ta! da! Habemus VLANs and VPN! 🤣

Help #pfsense #opnsense #network colleagues! My imagination is failing me.

I have two locations, each with its own special snowflake pfsense and WAN, also joined by a (meagre but reliable) link. These are the things I cannot change.

I have dreamed for years of allowing the locations to fail over between one another seamlessly: if one WAN goes down, limp-along traffic passes over the minimal link and out the other WAN.

I recently changed the mechanism by which the firewall blocks malicious IPs, which were sort of cramping me up every day. Now, every hour, the system loads a list of IPs blocked by fail2ban that is published by the main server. The change required me to remove the previous cumulative blocks, which were some 1500 - 1800 IPs, and let fail2ban now add them to the list on its own (independent of the ones pfSense already blocks and downloads from known blocklists, which are about as many). We are 2 days into this system and on average the server is blocking about 100 IPs per day, linearly, until it stabilizes, I reckon, when we get to around 1000 IPs, because I suppose some of the 1500 that were blocked before were no longer malicious. Now all the IPs that fail2ban used to block were blocked by the server that is exposed; now they are also blocked for the whole Undernet network. We'll see how it goes...

Edit: I added blocking all the AI bots/scrapers Googlebot, SummalyBot, GPTBot, Amazonbot, ClaudeBot and the thing increased dramatically...

Still transmitting from the bunker...

#seguridad #undernet #pfsense #fail2ban

@jhx using both #pfSense as well as #OPNsense
Multiple things to play around with actually :)
Stuff like new VPN with ZTNA like Netbird or Tailscale. Caddy or HAproxy as Reverse Proxies. VPN shenanigans, DNS & IP blocking, central LetsEncrypt point for internal stuff etc. etc. :) There are so many possibilities!