|
Size: 1483
Comment:
|
Size: 5076
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 8: | Line 8: |
| . [[ https://opnsense.org/ | OPNsense 21.x ]] (current version 25.7 Visionary Viper ]] FreeBSD 14.3 | . [[ https://opnsense.org/ | OPNsense 21.x ]] (current version [[ https://docs.opnsense.org/releases/CE_25.7.html| 25.7 Visionary Viper ]] FreeBSD 14.3 |
| Line 18: | Line 18: |
| .p007 [[ Intrusion detection system | Intrusion Detection System (IDS) ]] | .p007 [[ https://en.wikipedia.org/wiki/Intrusion_detection_system | Intrusion Detection System (IDS) ]] |
| Line 25: | Line 25: |
| .p010 [[ https://en.wikipedia.org/wiki/PF_(firewall) | pf ]] OpenBSD's PF Firewall (better than iptables) .p010 rule error There were error(s) loading the rules: /tmp/rules.debug .p010 [[ https://nlnetlabs.nl/projects/unbound/about/ | Unbound service ]] [[ https://www.digicert.com/blog/understanding-dns-forwarding | DNS forwarder ]] .p010 [[ https://www.howtogeek.com/866573/what-is-dynamic-dns-ddns-and-how-do-you-set-it-up/ | DDNS ]] .p011 [[ https://www.geeksforgeeks.org/ethical-hacking/intrusion-prevention-system-ips/ | Intrusion Prevention System ]] .p011 [[ https://en.wikipedia.org/wiki/Suricata_(software) | Suricata ]] .p011 [[ https://en.wikipedia.org/wiki/Proofpoint | Proofpoint ]] Support . better to block single site than entire internet .p011 [[ https://docs.opnsense.org/manual/proxy.html | Forward Caching Proxy ]] .p011 [[ https://en.wikipedia.org/wiki/Virtual_private_network | VPN ]][[ https://en.wikipedia.org/wiki/IPsec | IpSec ]] [[ https://en.wikipedia.org/wiki/OpenVPN | OpenVPN ]] . can [[ https://en.wikipedia.org/wiki/WireGuard | Wireguard ]] be used for VPN? .p011 [[ https://en.wikipedia.org/wiki/Captive_portal | Captive Portal ]] .p011 [[ https://en.wikipedia.org/wiki/NetFlow | Netflow ]] .p012 [[ https://en.wikipedia.org/wiki/IPsec | IPSec ]] .p012 CARP [[ https://en.wikipedia.org/wiki/Cache_Array_Routing_Protocol | Cache Array Routing Protocol ]] [[ https://en.wikipedia.org/wiki/Common_Address_Redundancy_Protocol | Common Address Redundancy Protocol ]] .p012 [[ https://en.wikipedia.org/wiki/Intrusion_detection_system | IDPS ]] .p012 [[ https://opnsense.org/about/features// | features ]] .p013 [[ https://en.wikipedia.org/wiki/ZeroTier | ZeroTier VPN ]] .p013 [[ https://en.wikipedia.org/wiki/OSI_model | OSI Layer 3 and 4 ]] .p013 [[ https://en.wikipedia.org/wiki/Proxy_server#Web_proxy_servers | web proxy ]] .p013 [[ https://en.wikipedia.org/wiki/Captive_portal | captive portal ]] .p013 [[ https://en.wikipedia.org/wiki/Certificate_authority | Certificate Authority ]] .p013 [[ https://en.wikipedia.org/wiki/Squid_(software) | Squid ]] .p013 [[ https://en.wikipedia.org/wiki/SD-WAN | SD-WAN ]] .p017 [[ https://en.wikipedia.org/wiki/Hypervisor | hypervisor ]][[ https://en.wikipedia.org/wiki/VirtualBox | VirtualBox ]] .p018 [[ https://www.bsdsrv.se/openssl-cryptography-and-ssl-tls-toolkit/ | OpenSSL TLS/SSL Toolkit ]] .p019 SD or CF memory cards, [[ https://www.snia.org/node/13837 | mSATA SSD wearout ]] .p019 [[ http://www.howto.stankey.com/BSD_hints/nano.html | OpenBSD nano ]] [[ https://forum.opnsense.org/index.php?topic=45035.0 | pkg install nano ]] .p019 [[ https://man.freebsd.org/cgi/man.cgi?query=netmap&sektion=4 | netmap ]] network framework .p019 [[ | VGA install ]] USB media .p019 [[ https://forums.freebsd.org/threads/installing-freebsd-over-serial-console.62005/ | Serial ]] USB Media installer .p019 [[ https://docs.opnsense.org/vendor/sunnyvalley/zenarmor.html | Sensei plugin ]] .p020 Intel em? interface [[ https://www.reddit.com/r/intel/comments/al6m6r/intel_i211_gigabit_unreliable_and_disconnecting/ | Intel I211-AT ethernet ]] on APU dropped packets at 1 Gbps, perhaps OK at 500 Mbps or below, Ziply currently 200 Mbps .p020 Min hardware: . 1 GHz dual core -- APU is 1GHz quad core . 2 GB ram -- APU is 4GB . [[http://www.howto.stankey.com/BSD_hints/nano.html | nano image installation? ]] .p020 [[ https://docs.opensense.org/manual/hardware.html#throughput | appropriate hardware ]] |
|
| Line 26: | Line 64: |
.p007 [[ | ]] |
OPNsense
Glossary:
- OPNsense Beginner to Professional
- Julio Cesar Bueno de Camargo 2022 Packt 437 pages
OPNsense 21.x (current version 25.7 Visionary Viper FreeBSD 14.3
Ubuntu and VirtualBox???
p004 m0n0wall founder Manuel Kasper
p005 Model View Controller MVC-based interface
p005 OpenSSL
p005 configd
p007 m0n0wall
- p007 Intrusion Prevention System (IPS)
p008 WebGUI
p008 SquidGuard
p008 Snort
p009 IEEE 802.1Q Dot1Q
p009 VLAN support
p010 pf OpenBSD's PF Firewall (better than iptables)
- p010 rule error There were error(s) loading the rules: /tmp/rules.debug
p010 DDNS
p011 Suricata
p011 Proofpoint Support
- better to block single site than entire internet
can Wireguard be used for VPN?
p011 Captive Portal
p011 Netflow
p012 IPSec
p012 CARP Cache Array Routing Protocol Common Address Redundancy Protocol
p012 IDPS
p012 features
p013 ZeroTier VPN
p013 OSI Layer 3 and 4
p013 web proxy
p013 captive portal
p013 Squid
p013 SD-WAN
p017 hypervisorVirtualBox
p019 SD or CF memory cards, mSATA SSD wearout
p019 netmap network framework
p019 VGA install USB media
p019 Serial USB Media installer
p019 Sensei plugin
p020 Intel em? interface Intel I211-AT ethernet on APU dropped packets at 1 Gbps, perhaps OK at 500 Mbps or below, Ziply currently 200 Mbps
- p020 Min hardware:
- 1 GHz dual core -- APU is 1GHz quad core
- 2 GB ram -- APU is 4GB
p020 appropriate hardware