@andyrh ah sorry I thought that it ran the same is as the 2930m switches.

6000-WATT AC Power Supply for the Cisco Catalyst 6500 Series Chassis

Cisco Astec Aa23200 Power Supply 341-0077-04 Catalyst 6500 Series

@digiguy

pfSense Documentation

You could have a look in, if you find something you may interested or it is matching your needs or fitting the rest of
your network. If you find something configure it out following that docu.

@noplan said in Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.:

time based rules

4ef62a83-acbd-41c2-a9ca-b04a60e9379e-grafik.png

configure your time range and add
looks like something like that
63cd6497-a933-4056-b845-7c965b2ea1a3-grafik.png

save

lets go build a firewall rule

but 1st set up an alias for all your kids devices if you have em put not togehter in a VLAN

90e4be13-0378-4f14-837d-72bd779846d9-grafik.png

then
7672a23d-3b1e-4284-90bd-0959cea50e21-grafik.png

Action= Pass
Source = ALIAS of your devices
DESTINATION = the pfB Alias pfB created
f4d9a175-3d18-4237-9fb2-c14e3f38f53d-grafik.png

Fire and forget !

could be usefull but think about it carefull
6c4c2155-1a73-4208-baf8-e54f29276800-grafik.png

if needed or not

17de044f-4c94-4be7-97c6-837b34d70a9a-grafik.png

**BUT IMPORTANT TO CHECK **

666900a9-6ef1-49e8-8f18-36f24d0948f7-grafik.png

db4967b4-ad2a-4043-9e5f-d140c4a55c43-grafik.png

so that should do teh magic

have fun and keep us posted !

@patch ok

Firewall Micro Appliance, 6 Port i225 2.5GbE LAN Fanless Mini PC Celeron N5105, No Ram No SSD Gigabit Ethernet AES-NI VPN Router Openwrt Barebone

£ 212.34

Micro Appliance 4 Port i226 2.5G LAN Fanless Mini PC Celeron N6005,8GB 2666Mhz DDR4 128GB NVMe SSD Gigabit Ethernet AES-NI VPN

£ 350.14

@keyser

@keyser said in ntopng helping you troubleshoot:

so it’s not worth much when it comes to forensics.

Oh i absolutely agree. Im just trying to see how much i can do on a budget of nothing. :)
Considering NTOPNG is the community edition and there really isnt much in the way of usefulness that can really be gathered by the traffic identification i figured it was neat that the flows Suricata saw NTOP saw and reported it. That certainly wont be the case all the time.

From what i can tell, ntop is really good at figuring out current top talkers.
For more historical data im looking at NFSEN but i cant get that to run on Ubuntu 20.04. Documentation is very dated.

I use PVE. Everything is very stable and no problems.

@backspacemild Thank you.

@yasa Instead of a prepackaged FreeBSD, couldn't you download and install pfSense ISO on the VM? I planned on doing this (just waiting to buy a bare metal Lenovo) with OpenStack on VMware ESXI. If your project is for your home/lab, alternatively, you could try TNSR since it's based on Linux and the cloud version (AWS & Azure) starts at $0.127/hr.

@afcarvalho said in Help on rules:

If I check the reverse option I am doing what?

This is, at least on the english language side, called "Invert" meaning the switcher of NOT.

Check the box and it will say the IP is NOT the value of what you entered then do something.

If you're using a language translation and it is stating something that does not mean 'opposite' or 'invert' or 'not' then please let us know by opening a redmine :)

@stephenw10 I have just watched the video and its actually might help another issue with a raid card I have been having problems with as well so again extremely appreciated now

Ooops! 😉

@keyser said in IPS external logging:

but rather just have full monitoring and alerting of usage, issues and downtime.

I use a combination of Zabbix and Graylog for email notifications. You're right, pfelk was more for visualization as i had more than one pfsense out there and wanted a central dashboard. In the end, to be honest, its more cumbersome to get it all set up and sorted out.

There is a project out there that i use personally.
https://github.com/VictorRobellini/pfSense-Dashboard

I got a nice visualization in Grafana. My current dashboard

42b3c220-d41f-4b48-8d35-8977d05de613-image.png

@peterkrautle I suggest comparing the .xml config file backups from each to see if there’s a difference.

@danielayer said in DNS Whitelist Project:

DNS Whitelist project

Easy answer : you can't.
Making a list with allowed DNS hosts is impossible as it will take unimaginable resources to store this file (or even creating it).
And the moment you have it, it's already outdated, as thousands of new hosts have been created, and some have expired.
"whitelisting" the Internet is like managing a list with all the phone numbers on planet earth.

The way doing things is using lists with sites you don't want to access 😊
( I know, I knew you meant to do that )

The good news is : these lists already exist.
That's one of the reasons why the pfBlockerng-devel pfSense project has been created.

Btw : small detail :

3fb52aa8-ffba-4b1c-b3a4-87e5f4a3ec92-image.png

Go for "Null blocking (logging).
Like this :

ca458a55-7caa-40b1-a421-1508be5a35c2-image.png

The idea of showing a web page that informs the user he wanted to visit a site that is blocked doesn't work for 99,99 % of all cases.
The 0,001 % are the sites that are still http (not https). The number tells you : they don't exist anymore.