General Questions / OpenDNS not blocking sites
« on: January 01, 2018, 11:13:37 pm »
So I have the pfSense set up to use OpenDNS servers as DNS resolver, and I do have an OpenDNS account set up to block porn etc., but it doesn't seem to be working. On the pfSense I get and then on the clients all I get for DNS is my pfSense IP address. Everything local and on the internet is resolving just fine, just no filtering.

Right now I have a port forward rule but it is not working. If I try to go to my public IP address from the LAN it takes me to the pfSense and gives me an error that something funny might be going on. If I try to access my external IP via port 80 it keeps churning and doesn't go anywhere.

So is it possible to run the 80 redirecting to 443 on the LAN interface, as I will never need to access pfSense from outside?

General Questions / bandwidthd and darkstat not working
« on: December 30, 2017, 01:43:18 pm »
I am trying to get some logs or stats on which hosts on my network are using how much bandwidth, or what kind of traffic the hosts are generating: NetFlow type of info.

I enabled bandwidthd on the WAN interface and checked the LAN underneath, and I see the bandwidthd service is enabled under Services, but nothing shows up in the charts. Do I need to set up a Postgres DB in order to get info or is that optional?

General Questions / New pfsense user have couple of questions
« on: December 23, 2017, 05:38:55 pm »
So I got pfSense running on pretty decent hardware: i7 with hyper-threading at 3.4GHz, 8 GB RAM, 256GB SSD, one mini PCI Express Realtek NetExtreme Gigabit card with Broadcom chipset and one onboard Gig NIC. I am going to get the Intel NIC after Xmas.

I have enabled Snort on the WAN port. Initially I had all the sources for rules enabled, but then even Facebook wouldn't load, so I went back to the first Snort VRT Rules.

Now sites load but they are not as fast as they were before. I ran a couple of speed tests using Google and and I am getting about 4-500mbs down and 2-300mbps up. It should be close to 900 down and 800 up, but I am thinking it could be the network cards. So I will hold my judgement till I get those.

My kids play Roblox and Minecraft etc. and they had issues where their characters wouldn't render till I cleared the block list in the IPS. It has not come back since, but that kinda has me thinking what else is not working.

I also have an OpenDNS account and I added it to DynDNS, but I am not getting blocked on the categories I am supposed to be blocked on. Not sure what the issue there is.

So far I have noticed that logging leaves a lot to be desired: Snort blocks the traffic but it won't tell me why?

The firewall blocks rules, which I am only guessing is because of the BOGON, but it won't tell me which rule number in the firewall blocked the access.

Anyone know if there is a Splunk plugin for pfSense so it can make sense of the logs? The raw logs are very hard to read, and if you forward logs from pfSense it does not keep the pretty format, unless I am missing something.

So first thing I am not a noob :) I have been in IT / Security for around 18 years + (which does not mean much but trust me I know what I am doing :)

So I want a decent firewall for home. I was using SonicWALL before but have upgraded to a Gig Internet and the old TZ could not keep up with the speed, so I was looking at all the usual Palo Alto, Check Point, Cisco 5525 etc., but the price for a gig speed jumps up pretty high, so this brings me to pfSense.

I have this thing sitting on my desk that I planned to use as an HTPC but I am thinking about using it for this build instead. It is an i7, 16GB DDR4 RAM, 256GB SSD (I got this as a giveaway from a vendor event so no need to worry about the cost of the thing). The only issue is it only has 1 network port. I can add a USB-based network port but I am not sure how stable it is going to be and what kind of performance I am going to get? It has multiple USB 3.0 and 1 USB-C 3.1.

So does it look like this will work?

