"Recent posts
#1
26.1 Series / NGINX proxy reverse for an IIS
Last post by bulmaro - Today at 11:23:01 PMCould someone please share the procedure for configuring NGINX as a reverse proxy for an IIS backend that uses Windows authentication (NTLM/Negotiate)? I've tried, but it keeps asking me for my username and password repeatedly.
#2
26.1 Series / ntopng plugin issue (26.1.2)
Last post by seelk - Today at 10:54:03 PMI'm currently stuck in an endless loop to change the password for ntopng after initially logging in with admin/admin. I have reinstalled the plugin, including redis, to no avail. I have restarted the plugins, disabled them, deleted cookies, followed instructions from https://www.ntop.org/guides/ntopng/faq.html#cannot-login-into-the-gui but no success. Is anyone experiencing the same thing? I'm running out of options.
#3
Hardware and Performance / Re: Warning about RealTek adap...
Last post by nero355 - Today at 10:42:12 PMQuote from: meyergru on Today at 08:00:04 PMWanna buy my adapters?NOPE.AVI ^_^
Already got too much stuff hanging around here unused... LOL!
#4
25.7, 25.10 Series / Re: NetFlow + SIP strange prob...
Last post by ou1 - Today at 10:38:34 PMActually, I may have just found the issue. For some reason, I had unchecked "Disable hardware checksum offload" some time ago. Turning it back on fixes the SIP issues with NetFlow disabled.
Update: that's definitely it, I feel kinda stupid now for playing with settings like that and not trusting Deciso's default recommended settings.
Update: that's definitely it, I feel kinda stupid now for playing with settings like that and not trusting Deciso's default recommended settings.
#5
25.7, 25.10 Series / Re: Detections and blocking of...
Last post by nero355 - Today at 10:38:22 PMQuote from: BigFreddy on Today at 09:03:52 PMI took a look at the link you provided but the guide is broken as the images are not available anymore.I am guessing you are in a country that blocked IMGur.com since the first post of the thread contains images hosted there and work just fine here ?!
QuoteSo, to use Pi-Hole, I need to make additional changes within OPNSense while with the first two solutions (Zenarmor and Suricata) I don't need to make much of adjustments when it comes to DNS within OPNSense ?If you need to ask me that question I would suggest to take some time to read a lot and I do mean A LOT about all three and how they work, because nor ZenArmor nor Suricata are a so called "Turn it on and forget about it!" solution and you really need to know what you are doing !! ;)
#6
25.7, 25.10 Series / NetFlow + SIP strange problem
Last post by ou1 - Today at 10:28:36 PMI'm experiencing a very strange issue on OPNSense Business 25.10.2, running on a DEC750. I believe this was a problem also on previous versions, but I only disabled NetFlow just before upgrading to 25.10.2.
If I disable NetFlow (clear all interfaces, disable Capture Local, reboot), I can no longer make outgoing calls from my SIP phone. Incoming calls work fine. It remains this way until I re-enable NetFlow. I don't even need to enable it on my VOIP interface, it just needs to be enabled.
Looking at captured traffic, the client is sending large INVITE packets which are being fragmented. This happens both with NetFlow enabled and disabled. The only difference is that when it doesn't work (when NetFlow is disabled), there is no response from the server. It seems that the server is either silently dropping the packets, or they are not being delivered.
With NetFlow enabled, I get responses 100 Trying, 183 Session Progress, 180 Ringing.
With Netflow disabled, I get no responses, then client re-sends the INVITE, over and over until the call fails.
I have no static NAT rules, just Hybrid Outbound NAT, no SIP-specific OPNSense configuration whatsoever. I don't see any dropped packets in the firewall logs.
Any insight into this would be very appreciated.
If I disable NetFlow (clear all interfaces, disable Capture Local, reboot), I can no longer make outgoing calls from my SIP phone. Incoming calls work fine. It remains this way until I re-enable NetFlow. I don't even need to enable it on my VOIP interface, it just needs to be enabled.
Looking at captured traffic, the client is sending large INVITE packets which are being fragmented. This happens both with NetFlow enabled and disabled. The only difference is that when it doesn't work (when NetFlow is disabled), there is no response from the server. It seems that the server is either silently dropping the packets, or they are not being delivered.
With NetFlow enabled, I get responses 100 Trying, 183 Session Progress, 180 Ringing.
With Netflow disabled, I get no responses, then client re-sends the INVITE, over and over until the call fails.
I have no static NAT rules, just Hybrid Outbound NAT, no SIP-specific OPNSense configuration whatsoever. I don't see any dropped packets in the firewall logs.
Any insight into this would be very appreciated.
#7
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by stef - Today at 10:25:00 PMQuote from: BrandyWine on Today at 08:34:47 PMThere is FreeBSD util in the Intel bundle, you need to dig it out of the I210 TGZ zip that's in the I210 folder.
\Release_30.6.zip\NVMUpdatePackage\I210\I210_NVMUpdatePackage_v2_00_Linux.tar.gz\I210_NVMUpdatePackage_v2_00_Linux.tar\I210\Linux_x64\
2nd, please post your nvm cfg file you are using with flash util.
3rd, with a hyper-v, do not flash from a vm, flash only from the host OS.
Thank you, I found it inside the i210 folder (the driver pack version is 31.0)
Will try again with OPNsense and that tool.
That's the nvm.cfg i've been using
Code Select
CURRENT FAMILY: 1.0.0
CONFIG VERSION: 1.20.0
; NIC device
BEGIN DEVICE
DEVICENAME: Intel(R) Ethenet Contolle I226-V
VENDOR: 8086
DEVICE: 125C
SUBVENDOR: 8086
SUBDEVICE: 0000
NVM IMAGE: FXVL_125C_V_1MB_2.32.bin
EEPID: 80000425
RESET TYPE: REBOOT
;REPLACES: 80000308
END DEVICEI just noticed the typo (Controlle instead of Controller) in the DEVICENAME, could it be that? I also tried with the 2MB (changing the EEPID with 422 at some point)
Yes, I haven't tried flashing it from a VM but only from host (proxmox), Windows (installed on a SSD) or a live OPNsense ISO.
#8
Hardware and Performance / Re: Warning about RealTek adap...
Last post by Bob.Dig - Today at 09:45:13 PMQuote from: meyergru on February 11, 2026, 11:16:30 PMI have an Aquantia here, as well. Never worked right.No problem here with the realtek or aquantia, although I am only using them with PCIe3 and as direct connections to each other, in Windows.
#9
German - Deutsch / Re: Fragen zu vnStat
Last post by Patrick M. Hausen - Today at 09:28:27 PMReporting - Netflow oder so ähnlich (aus dem Kopf).
#10
German - Deutsch / Re: Fragen zu vnStat
Last post by Zavinator - Today at 09:10:29 PMQuote from: Patrick M. Hausen on Today at 03:54:17 PMIch bin recht zufrieden mit Netflow und Elastiflow. Netflow ist ein Format von Cisco, mit dem ein Router (oder eine Firewall) Verbindungsdaten exportieren kann. In OPNsense ist das eingebaut. Man kann eingeschränkt die Visualisierung der Daten auch direkt auf der OPNsense und dann im Web UI laufen lassen, davon würde ich aber abraten. Netflow schreibt einfach verdammt viel. Man erzeugt mit dem Collector (das ist das Teil, wo die Daten zur Auswertung landen) extrem viel Last und schreibt sich unter Umständen seine SSD kaputt - je nach Hardware.
Besser ist m.E. nur den Exporter (das Teil, das die Daten generiert) auf der OPNsense zu aktivieren und die Daten an ein externes System wie Elastiflow zu schicken.
Elastiflow ist für kleine Installationen kostenlos. Man muss die Lizenz einmal im Jahr erneuern, aber es kostet halt nichts. Die möchten nur wissen, wer den Kram benutzt. "Klein" bedeutet bis zu 4000 Flows (Verbindungen) pro Sekunde. Das schafft nicht mal ein kleiner Hoster wie wir.
Du brauchst eine Linux-Maschine oder VM mit mindestens 16 GB RAM und idealerweise 4 Kernen für die Software.
https://www.elastiflow.com
Danke Patrick, werde ich mir ansehen. Wo bzw. wie aktiviere ich den Exporter auf der OPNsense?
LG Martin
