sysadmin at grouchysysadmin.com
Sat Jan 12 17:06:24 UTC 2019
On 1/11/19 1:21 PM, James B. Byrne via freebsd-questions wrote:
> The weekend I am experimenting with an OPNsense firewall/router at one
> of our sites. I have been having mixed success with testing so far
> and decided to take the whole network down while the user traffic is
> negligible. Since it is only a matter of a few plugs if things go
> terribly wrong then I will just cut the test machine out and restore
> the normal cabling configuration.
> However, I have a few reservations about the OPNsense appliance even
> before I test it. Specifically the apparent lack of any way to
> black-hole repetitive logon attempts to various exposed services.
> Does anyone here employ OPNsense as their corporate firewall? What
> are the best and worst features of the product? Are there ways to
> configure OPNsense to block repetitive initiations of new connections?
I used it for around six months and it worked fine. The firewall rules
should allow you to block by IP, or write a custom rule for Suricata
with the built in IPS.
More information about the freebsd-questions