doctorzeromd

joined 1 year ago
[–] [email protected] 1 points 6 months ago

That's for logging into the web GUI IIRC, not for authorizing a connection from wg client to wg server.

[–] [email protected] 7 points 6 months ago (1 children)

Source? I remember a follow up to a post about that saying it was a misinterpretation of their T&Cs

[–] [email protected] 1 points 7 months ago (1 children)

I have a reverse proxy, but that won't do ALL traffic, right? Just http or https?

Like if I want to ssh into the different servers, it won't handle that, will it?

[–] [email protected] 3 points 7 months ago* (last edited 7 months ago) (4 children)

I have a reverse proxy, but that won't do ALL traffic, right? Just http or https?

Like if I want to ssh into the different servers, it won't handle that, will it?

 

cross-posted from: https://lemmy.world/post/14180956

Hello all you lovely people!

I'm trying to figure out if I can port forward to different servers based on the destination domain.

I have a domain with a wildcard cert and I'd like to be able to route all traffic headed towards "1.domain.com" to a server I'm calling "1". I'd still like traffic headed to domain.com to go to where it's currently going, we can call this server "0", and to be able to have a 2.domain.com or 3 or 4 in the future.

I thought that having a port forward rule with: interface: WAN Protocol: any source: any destination: a url alias including 1.domain.com redirect target ip: local ip

Would work, but it doesn't seem to. Any tips?

[–] [email protected] 2 points 7 months ago

Final Update: it's the hardware, I think it was overheating in general, but also the SSD seems to have been dying and the ram wasn't particularly reliable, possibly due to the heat.

Good lesson not to buy the cheapest thing from AliExpress! My new box is working great.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (1 children)

UPDATE: It crashed again today, and I was able to pull some logs and check the temperature at the time of the crash. (91 degrees which dropped to 71 degrees right before crashing?

From system log

<13>1 2024-03-13T18:30:44-04:00 OPNsense.my.home opnsense 44846 - [meta sequenceId="1192"] /usr/local/etc/rc.newwanipv6: No IP change detected (current: IPV6ADDRESSREDACTED, interface: wan)
<13>1 2024-03-13T18:30:53-04:00 OPNsense.my.home opnsense 60522 - [meta sequenceId="1193"] /usr/local/etc/rc.newwanipv6: No IP change detected (current: IPV6ADDRESSREDACTED, interface: wan)
<45>1 2024-03-13T22:12:44-04:00 OPNsense.my.home syslog-ng 10182 - [meta sequenceId="1"] syslog-ng starting up; version='4.6.0'
<13>1 2024-03-13T22:12:45-04:00 OPNsense.my.home kernel - - [meta sequenceId="2"] ---<>---
<13>1 2024-03-13T22:12:45-04:00 OPNsense.my.home kernel - - [meta sequenceId="138"] WARNING: / was not properly dismounted

From dmesg

arp: 192.168.1.61 moved from someMAC to anotherMAC on igc1
arp: 192.168.1.61 moved from anotherMAC to someMAC on igc1
WARNING: / was not properly dismounted
WARNING: /: mount pending error: blocks 40 files 4

I mean, I'm not saying that errors on the drive are the CAUSE of the problem, more likely a symptom, but it does look like it just straight up crashed, right?

[–] [email protected] 1 points 8 months ago

Dmesg doesn't go back very far, does it? I only see the current boot and the one before that, which was a normal shutdown.

I believe I was able to see the last logs before the system turned off last time, and the last messages were syncing discs and all buffers synced, which I would have expected to be part of a normal shutdown.

If it happens again I'll be sure to get the logs before the crash or shut down and save it to a file.

 

Hi all, I've got a cheap Celeron box running OPNSense and it's been pretty good so far, but I found twice that the device turned off at some point while I was at work, and I have been unable to figure out what's causing it.

The only change was that I enabled Monit to see if I could figure out what was causing crowdsec to stop sometimes but never ended up configuring anything. I've only been running it for a couple months though, so it's possible that that is not related.

I know that on a Mac (based on freebsd, right?) you can determine whether the shutdown reason was a hard shutdown, regular shutdown, or the power cable being unplugged. Is it possible to do that with OPNSense? I'd like to narrow it down to software or hardware ideally.

[–] [email protected] 1 points 8 months ago

Just wanted to update everyone that the wireless router does turn into a 5 port unmanaged switch when changed to AP mode, and that the topology of Modem -> AP's WAN (this is now a Lan port because it's a switch) -> devices is working great!

[–] [email protected] 1 points 8 months ago

Cool, that's exactly what my plan is currently. I will eventually run all the cables but I want to drop in this firewall and start learning it in the meantime.

I may even go the route of some managed switches and WANs that do support multiple SSIDs on different VLANs, but first I want to get comfortable with my new single network.

[–] [email protected] 1 points 8 months ago (1 children)

That is what I have been planning per my other comments.

[–] [email protected] 1 points 8 months ago (2 children)

Modem to WAN port of firewall, LAN port of firewall to wireless router in AP mode, other lan ports to other devices?

[–] [email protected] 1 points 8 months ago (3 children)

Could you please explain in more detail? The goal is to plug my firewall directly in, as I understand it.

view more: next ›