Privacy

41917 readers

1181 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Where Are All My Firewall People? (lemmy.world)

submitted 3 days ago by irmadlad@lemmy.world to c/privacy@lemmy.ml

61 comments fedilink hide all child comments

What do you run; Opnsense, pfsense, Smoothwall, maybe a WAF like wazuh?

Today was update/audit firewall day. I'm running a standalone instance of pFsense on a Protectli Vault FW4B - 4 Port - Intel Quad Core - 8GB RAM - 120GB mSATA SSD with unbound, pfBlockerNG, Suricata, ntopng, and heavily filtered. I did bump the swap to 8 GB as I've previously noticed a few 'out of swap' errors under load.

Before I signed off, I ran it through a couple porn sites to see if my adblocking strategy was working. Not one intrusive ad. Sweet!

Show me what you got.

(page 2) 11 comments

sorted by: hot top controversial new old

[–] kalpol@lemmy.ca 3 points 3 days ago* (last edited 3 days ago) (2 children)

Pfsense with pfblocker in a VM. Works wonders. Pipe fail2ban to pfblocker for extra goodness.

[–] irmadlad@lemmy.world 3 points 3 days ago (1 children)

Pipe fail2ban to pfblocker for extra goodness.

The thought has crossed my mind on several occasions. If you don't mind me asking and take up your time, how do you integrate f2b with pFsense? I'm running f2b on several VPS I have, and it just downright works. So, my thought was, what would f2b do to enhance pFsense's capabilities, and how would you make that all homogenate?

[–] kalpol@lemmy.ca 2 points 2 days ago (1 children)

Been a while since I set it up but as I recall it's a 5-minute from job that runs a command that just dumps the pf block list fail2ban manages into a text file in my public_html directory. Then I just add a feed in pfblocker with the address of the text file and it loads from that feed.

[–] irmadlad@lemmy.world 1 points 2 days ago

I'll see if I can dig up some info. I started searching, then got busy. So I put the few I had time to find in a selfhosted Readeck instance. I use it for 'read it later' kind of bookmarks.

Thanks for the share.

[–] umbrella@lemmy.ml 2 points 2 days ago* (last edited 1 day ago) (1 children)

another advantage of running VMs is the flexibility of changing stuff whenever you decide to try something new. like shuffling new hardware around but you don't need to get up from the couch, or buy new hardware.

load more comments (1 replies)

[–] Nightlight17776@lemmy.ca 3 points 3 days ago

We're behind our firewalls of course 😋 I'm using a random no root android firewall but I'm probably just going to root it and use something good

load more comments