OPNsense Forum
English Forums => 23.7 Legacy Series => Topic started by: biohax on November 08, 2023, 12:18:44 am
-
Hello Forum!
I am having issues accessing the administration page of my fresh OPNSense install. I just came from a PFSense install and imported a backup file I created from a Lab opnsense.
Every time I access the administation settings menu I get the following
Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/system_advanced_admin.php:69 Stack trace: #0 {main} thrown in /usr/local/www/system_advanced_admin.php on line 69
Output from the reporter
System:
User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 OPR/102.0.0.0
FreeBSD 13.2-RELEASE-p3 stable/23.7-n254818-f155405f505 SMP amd64
OPNsense 23.7.7_3 f464e1901
Plugins os-dmidecode-1.1_1 os-mdns-repeater-1.1_1 os-ntopng-1.2_2 os-redis-1.1_2 os-wireguard-go-1.13_7
Time Tue, 07 Nov 2023 16:13:01 -0700
OpenSSL 1.1.1w 11 Sep 2023
Python 3.9.18
PHP 8.2.11
PHP Error:
[07-Nov-2023 15:56:14 America/Denver] PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/system_advanced_admin.php:69
Stack trace:
#0 {main}
thrown in /usr/local/www/system_advanced_admin.php on line 69
[07-Nov-2023 15:58:34 America/Denver] PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/system_advanced_admin.php:69
Stack trace:
#0 {main}
thrown in /usr/local/www/system_advanced_admin.php on line 69
[07-Nov-2023 16:05:46 America/Denver] PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/system_advanced_admin.php:69
Stack trace:
#0 {main}
thrown in /usr/local/www/system_advanced_admin.php on line 69
dmsg
Copyright (c) 1992-2021 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 13.2-RELEASE-p3 stable/23.7-n254818-f155405f505 SMP amd64
FreeBSD clang version 14.0.5 (https://github.com/llvm/llvm-project.git llvmorg-14.0.5-0-gc12386ae247c)
VT(vga): resolution 640x480
CPU: Intel(R) Xeon(R) CPU E3-1270 V2 @ 3.50GHz (3500.17-MHz K8-class CPU)
Origin="GenuineIntel" Id=0x306a9 Family=0x6 Model=0x3a Stepping=9
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Features2=0x7dbae3ff<SSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,TSCDLT,XSAVE,OSXSAVE,AVX,F16C,RDRAND>
AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM>
AMD Features2=0x1<LAHF>
Structured Extended Features=0x281<FSGSBASE,SMEP,ERMS>
Structured Extended Features3=0x9c000400<MD_CLEAR,IBPB,STIBP,L1DFL,SSBD>
XSAVE Features=0x1<XSAVEOPT>
VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID
TSC: P-state invariant, performance statistics
real memory = 17179869184 (16384 MB)
avail memory = 16590565376 (15821 MB)
Event timer "LAPIC" quality 600
ACPI APIC Table: <SUPERM SMCI--MB>
FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s) x 2 hardware threads
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
random: unblocking device.
ioapic0 <Version 2.0> irqs 0-23
Launching APs: 1 2 4 5 3 7 6
random: entropy device external interface
wlan: mac acl policy registered
kbd1 at kbdmux0
WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 14.0.
vtvga0: <VT VGA driver>
smbios0: <System Management BIOS> at iomem 0xf04c0-0xf04de
smbios0: Version: 2.7, BCD Revision: 2.7
aesni0: No AES or SHA support.
acpi0: <SUPERM SMCI--MB>
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 950
Event timer "HPET" frequency 14318180 Hz quality 550
atrtc0: <AT realtime clock> port 0x70-0x77 irq 8 on acpi0
atrtc0: Warning: Couldn't map I/O.
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
attimer0: <AT timer> port 0x40-0x43,0x50-0x53 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
apei0: <ACPI Platform Error Interface> on acpi0
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <ACPI PCI-PCI bridge> irq 16 at device 1.0 on pci0
pci1: <ACPI PCI bus> on pcib1
ix0: <Intel(R) X520 82599ES (SFI/SFP+)> port 0xe020-0xe03f mem 0xde080000-0xde0fffff,0xde504000-0xde507fff irq 16 at device 0.0 on pci1
ix0: Using 2048 TX descriptors and 2048 RX descriptors
ix0: Using 4 RX queues 4 TX queues
ix0: Using MSI-X interrupts with 5 vectors
ix0: allocated for 4 queues
ix0: allocated for 4 rx queues
ix0: Ethernet address: a0:36:9f:a0:3a:d8
ix0: PCI Express Bus: Speed 5.0GT/s Width x8
ix0: Option ROM V1-b1018-p0 eTrack 0x800006d1 PHY FW V65535
ix0: netmap queues/slots: TX 4/2048, RX 4/2048
ix1: <Intel(R) X520 82599ES (SFI/SFP+)> port 0xe000-0xe01f mem 0xde000000-0xde07ffff,0xde500000-0xde503fff irq 17 at device 0.1 on pci1
ix1: Using 2048 TX descriptors and 2048 RX descriptors
ix1: Using 4 RX queues 4 TX queues
ix1: Using MSI-X interrupts with 5 vectors
ix1: allocated for 4 queues
ix1: allocated for 4 rx queues
ix1: Ethernet address: a0:36:9f:a0:3a:d9
ix1: PCI Express Bus: Speed 5.0GT/s Width x8
ix1: Option ROM V1-b1018-p0 eTrack 0x800006d1 PHY FW V65535
ix1: netmap queues/slots: TX 4/2048, RX 4/2048
pci0: <simple comms> at device 22.0 (no driver attached)
pci0: <simple comms> at device 22.1 (no driver attached)
ehci0: <Intel Cougar Point USB 2.0 controller> mem 0xdfe04000-0xdfe043ff irq 16 at device 26.0 on pci0
usbus0: EHCI version 1.0
usbus0 on ehci0
usbus0: 480Mbps High Speed USB v2.0
pcib2: <ACPI PCI-PCI bridge> irq 16 at device 28.0 on pci0
pci2: <ACPI PCI bus> on pcib2
pcib3: <ACPI PCI-PCI bridge> irq 16 at device 28.4 on pci0
pci3: <ACPI PCI bus> on pcib3
em0: <Intel(R) Gigabit CT 82574L> port 0xd000-0xd01f mem 0xdfc00000-0xdfc1ffff,0xdfc20000-0xdfc23fff irq 16 at device 0.0 on pci3
em0: EEPROM V2.1-2
em0: Using 1024 TX descriptors and 1024 RX descriptors
em0: Using 2 RX queues 2 TX queues
em0: Using MSI-X interrupts with 3 vectors
em0: Ethernet address: 00:25:90:d0:31:c2
em0: netmap queues/slots: TX 2/1024, RX 2/1024
pcib4: <ACPI PCI-PCI bridge> irq 17 at device 28.5 on pci0
pci4: <ACPI PCI bus> on pcib4
em1: <Intel(R) Gigabit CT 82574L> port 0xc000-0xc01f mem 0xdfb00000-0xdfb1ffff,0xdfb20000-0xdfb23fff irq 17 at device 0.0 on pci4
em1: EEPROM V2.1-2
em1: Using 1024 TX descriptors and 1024 RX descriptors
em1: Using 2 RX queues 2 TX queues
em1: Using MSI-X interrupts with 3 vectors
em1: Ethernet address: 00:25:90:d0:31:c3
em1: netmap queues/slots: TX 2/1024, RX 2/1024
pcib5: <ACPI PCI-PCI bridge> irq 18 at device 28.6 on pci0
pci5: <ACPI PCI bus> on pcib5
em2: <Intel(R) Gigabit CT 82574L> port 0xb000-0xb01f mem 0xdfa00000-0xdfa1ffff,0xdfa20000-0xdfa23fff irq 18 at device 0.0 on pci5
em2: EEPROM V2.1-2
em2: Using 1024 TX descriptors and 1024 RX descriptors
em2: Using 2 RX queues 2 TX queues
em2: Using MSI-X interrupts with 3 vectors
em2: Ethernet address: 00:25:90:d0:31:c4
em2: netmap queues/slots: TX 2/1024, RX 2/1024
pcib6: <ACPI PCI-PCI bridge> irq 19 at device 28.7 on pci0
pci6: <ACPI PCI bus> on pcib6
em3: <Intel(R) Gigabit CT 82574L> port 0xa000-0xa01f mem 0xdf900000-0xdf91ffff,0xdf920000-0xdf923fff irq 19 at device 0.0 on pci6
em3: EEPROM V2.1-2
em3: Using 1024 TX descriptors and 1024 RX descriptors
em3: Using 2 RX queues 2 TX queues
em3: Using MSI-X interrupts with 3 vectors
em3: Ethernet address: 00:25:90:d0:31:c5
em3: netmap queues/slots: TX 2/1024, RX 2/1024
ehci1: <Intel Cougar Point USB 2.0 controller> mem 0xdfe03000-0xdfe033ff irq 23 at device 29.0 on pci0
usbus1: EHCI version 1.0
usbus1 on ehci1
usbus1: 480Mbps High Speed USB v2.0
pcib7: <ACPI PCI-PCI bridge> at device 30.0 on pci0
pci7: <ACPI PCI bus> on pcib7
vgapci0: <VGA-compatible display> mem 0xdd000000-0xddffffff,0xdf800000-0xdf803fff,0xdf000000-0xdf7fffff irq 23 at device 3.0 on pci7
vgapci0: Boot video device
isab0: <PCI-ISA bridge> at device 31.0 on pci0
isa0: <ISA bus> on isab0
ahci0: <Intel Cougar Point AHCI SATA controller> port 0xf050-0xf057,0xf040-0xf043,0xf030-0xf037,0xf020-0xf023,0xf000-0xf01f mem 0xdfe02000-0xdfe027ff irq 19 at device 31.2 on pci0
ahci0: AHCI v1.30 with 6 6Gbps ports, Port Multiplier not supported
ahcich0: <AHCI channel> at channel 0 on ahci0
ahcich1: <AHCI channel> at channel 1 on ahci0
ahcich2: <AHCI channel> at channel 2 on ahci0
ahcich3: <AHCI channel> at channel 3 on ahci0
ahcich4: <AHCI channel> at channel 4 on ahci0
ahcich5: <AHCI channel> at channel 5 on ahci0
ahciem0: <AHCI enclosure management bridge> on ahci0
acpi_button0: <Power Button> on acpi0
acpi_tz0: <Thermal Zone> on acpi0
acpi_tz1: <Thermal Zone> on acpi0
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0
uart2: <16550 or compatible> port 0x3e8-0x3ef irq 10 on acpi0
orm0: <ISA Option ROMs> at iomem 0xc0000-0xc7fff,0xc8000-0xc8fff pnpid ORM0000 on isa0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
est0: <Enhanced SpeedStep Frequency Control> on cpu0
Timecounter "TSC-low" frequency 1750012219 Hz quality 1000
Timecounters tick every 1.000 msec
ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Trying to mount root from zfs:zroot/ROOT/default []...
ugen0.1: <Intel EHCI root HUB> at usbus0
ugen1.1: <Intel EHCI root HUB> at usbus1
uhub0 on usbus0
uhub1 on usbus1
uhub1: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1
uhub0: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
ses0 at ahciem0 bus 0 scbus6 target 0 lun 0
ses0: <AHCI SGPIO Enclosure 2.00 0001> SEMB S-E-S 2.00 device
ses0: SEMB SES Device
ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
ada0: <SHGS31-1000GS-2 90000Q00> ACS-3 ATA SATA 3.x device
ada0: Serial Number FJACT00011130C468
ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
ada0: Command Queueing enabled
ada0: 953869MB (1953525168 512 byte sectors)
ses0: ada0 in 'Slot 00', SATA Slot: scbus0 target 0
ada1 at ahcich1 bus 0 scbus1 target 0 lun 0
ada1: <SHGS31-1000GS-2 90000Q00> ACS-3 ATA SATA 3.x device
ada1: Serial Number FNABT00061050BA4F
ada1: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
ada1: Command Queueing enabled
ada1: 953869MB (1953525168 512 byte sectors)
ses0: ada1 in 'Slot 01', SATA Slot: scbus1 target 0
ses0: pass2 in 'Slot 05', SATA Slot: scbus5 target 0
cd0 at ahcich5 bus 0 scbus5 target 0 lun 0
cd0: <TEAC DV-28S-Y 1.4A> Removable CD-ROM SCSI device
cd0: Serial Number 12092121144437
cd0: 150.000MB/s transfers (SATA 1.x, UDMA5, ATAPI 12bytes, PIO 8192bytes)
cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed
uhub0: 2 ports with 2 removable, self powered
uhub1: 2 ports with 2 removable, self powered
Root mount waiting for: usbus0 usbus1
ugen1.2: <vendor 0x8087 product 0x0024> at usbus1
uhub2 on uhub1
uhub2: <vendor 0x8087 product 0x0024, class 9/0, rev 2.00/0.00, addr 2> on usbus1
ugen0.2: <vendor 0x8087 product 0x0024> at usbus0
uhub3 on uhub0
uhub3: <vendor 0x8087 product 0x0024, class 9/0, rev 2.00/0.00, addr 2> on usbus0
Root mount waiting for: usbus0 usbus1
uhub3: 6 ports with 6 removable, self powered
uhub2: 6 ports with 6 removable, self powered
ugen0.3: <Winbond Electronics Corp Hermon USB hidmouse Device> at usbus0
ukbd0 on uhub3
ukbd0: <Winbond Electronics Corp Hermon USB hidmouse Device, class 0/0, rev 1.10/0.01, addr 3> on usbus0
kbd2 at ukbd0
ugen1.3: <Generic Mass Storage> at usbus1
umass0 on uhub2
umass0: <Generic Mass Storage, class 0/0, rev 2.00/1.12, addr 3> on usbus1
umass0: SCSI over Bulk-Only; quirks = 0x4101
umass0:7:0: Attached to scbus7
da0 at umass-sim0 bus 0 scbus7 target 0 lun 0
da0: <Generic Flash Disk 8.07> Removable Direct Access SPC-2 SCSI device
da0: Serial Number F03687D1
da0: 40.000MB/s transfers
da0: 7800MB (15974400 512 byte sectors)
da0: quirks=0x2<NO_6_BYTE>
ugen1.4: <Logitech USB Receiver> at usbus1
ukbd1 on uhub2
ukbd1: <Logitech USB Receiver, class 0/0, rev 2.00/12.09, addr 4> on usbus1
kbd3 at ukbd1
-
I'm having the same exact error... :(
I also used a converted pfsense backup.
-
File a bug on Github, this error occurs because the ssh port cannot be parsed in the configuration. You should also provide your /conf/config.xml, specifically the <ssh> section.
This and other problems reported lately stem from the fact that now everybody tries to get away from pfSense because of the licensing problems and expects to be able to migrate their previous configurations to OpnSense despite the two products but having the same root now differ considerably. I am not sure if it was wise to "automagically" convert these configurations.
-
https://github.com/opnsense/core/blob/23.7.7/src/www/system_advanced_admin.php#L69
A bit strange... can you dump the following for us?
# pluginctl -g system.ssh
Cheers,
Franco
-
This and other problems reported lately stem from the fact that now everybody tries to get away from pfSense because of the licensing problems and expects to be able to migrate their previous configurations to OpnSense despite the two products but having the same root now differ considerably. I am not sure if it was wise to "automagically" convert these configurations.
I did a little research beforehand and I realized that importing a backup directly from PFSense wasn't going to happen so I took the extra step and setup a virtual OPNsense on VMware and imported settings one by one, checking each as I went. From there I exported the clean OPNSense backup. This page worked fine over there.
-
https://github.com/opnsense/core/blob/23.7.7/src/www/system_advanced_admin.php#L69
A bit strange... can you dump the following for us?
# pluginctl -g system.ssh
Cheers,
Franco
Thanks Franco,
Sorry for the N00b question. But how can I accomplish this with no SSH access?? Will I have to console in and save this to a USB drive somehow?
-
Question for you, did you use this conversion tool? https://github.com/mwood77/pf2opn
Just trying to determine if our use cases were due to the same tool.
-
Question for you, did you use this conversion tool? https://github.com/mwood77/pf2opn
Just trying to determine if our use cases were due to the same tool.
I did see the tool but I did not use it. I just used the PFsense export and imported only the sections I needed, Firewall rules, DHCP settings, interfaces, and OPENVPN settings. Those took me the longest to configure so I wanted to save my time in manually entering all that back into OPNSense.
-
Thanks for responding.
That is interesting. That means you and I have the same issue yet have different use cases that caused it. I used that tool and then imported it into a clean opnsense. So I wonder what the underlying connection is...
-
Question to all, I'm not against reinstalling fresh again as long as I can import interface, DHCP, and Firewall settings from the export without breaking it again.
Would this be the best path forward? Seems like the consensus is that my import from PFsense might have broken it.
-
Question to all, I'm not against reinstalling fresh again as long as I can import interface, DHCP, and Firewall settings from the export without breaking it again.
Would this be the best path forward? Seems like the consensus is that my import from PFsense might have broken it.
Well, importing configuration from incompatible FW solutions blindly sounds like a horrible idea, THB. Take your time to reconfigure things properly.
-
Well, this is hardly an issue in this particular case. Either dropping the whole SSH config or fixing the offending value should be easy enough.
For all things debug we prefer the console and we removed GUI tools that mimic "developer" access. It prevents the GUI from being exploited, because raw file access and arbitrary command execution would make that too easy.
Cheers,
Franco
-
Question to all, I'm not against reinstalling fresh again as long as I can import interface, DHCP, and Firewall settings from the export without breaking it again.
Would this be the best path forward? Seems like the consensus is that my import from PFsense might have broken it.
If you use vlans on the pfSense , note this - pfS IF name adaptation you have to do , before the IF import
https://forum.opnsense.org/index.php?topic=36683.msg179265#msg179265
My pfS to OPN journey (still WIP)
https://forum.opnsense.org/index.php?topic=36683.msg179176#msg179176
I haven't had any php exceptions, doing the steps described in the journey.
-
I'm just going to throw this out there as a possible fix (someone else pointed me in this direction).
Add the port in your backup of this section and then restore.
<ssh>
<port>2223</port>
</ssh>
YMMV
-
I have no port set in my ssh section , and have no issues.
That said, i didn't import any ssh stuff from pfSense
-
Ok I figured out that <ssh/> was being treated as a string so it needed a small fix... and then I found several PHP warnings on that page that should be addressed so here it is...
https://github.com/opnsense/core/commit/25620da2f86
Not part of 23.7.8 today. A bit too much for now but it works.
Cheers,
Franco
-
I'm just going to throw this out there as a possible fix (someone else pointed me in this direction).
Add the port in your backup of this section and then restore.
<ssh>
<port>2223</port>
</ssh>
YMMV
This did the trick!! I added the lines in the backup file freshly exported from OPNSense and reimported and BAM!
Thank you!
-
I'm just going to throw this out there as a possible fix (someone else pointed me in this direction).
Add the port in your backup of this section and then restore.
<ssh>
<port>2223</port>
</ssh>
YMMV