OPNsense Forum
English Forums => General Discussion => Topic started by: directnupe on January 10, 2020, 02:03:03 am
-
Dear franco and any who can assist -
Hello and I hope that you have been well. I am writing to you because I am having a slight issue with GETDNS and STUBBY - particularly this problem happens after I upgraded OPNsense to 19.7.9 ( HardenedBSD derivative ). The only issue I can possibly think of is that UNBOUND was recently upgraded to Unbound 1.9.6 -
In full disclosure I installed GETDNS and STUBBY on fresh VM and everything worked well and as expected.
I followed and wrote this guide :
https://forum.opnsense.org/index.php?topic=13487.0
Maybe the issue is with the custom /etc/rc.conf.d/stubby start up script needed
by OPNsense as I see that on REAL HARDWARE - the start up script does not
activate properly at boot time. Anyway, I hope to find the answer on this - the OPNsense Forum.
Thanks and God Bless,
directnupe
-
Hi directnupe,
What's the contents of /etc/rc.conf.d/stubby ? Are you using our binary package with LibreSSL or OpenSSL? Have you checked against the FreeBSD binary package?
Cheers,
Franco
-
Dear franco,
Thanks for your reply - so I want to bring you up to speed. I have been in touch with Ryan Steinmetz aka zi - the port maintainer and developer of GETDNS. I am going to include what I wrote to him below along with the answers to your questions. Also, I am going to build my own GETDNS package and see how that works. My message to Zi ( aka Ryan ) below :
Dear Zi ( aka Ryan ),
Hello and thanks for your swift reply. I will do my best to
explain the issue which I am encountering on OPNsense 19.7.9
( a HardenedBSD derivative ). Please note that I am not an
expert and I am unable to send you any screen shots as this issue
only occurs when I install OPNsense on actual hardware computer.
From my best determination - the problem is that the start up script
( stubby.in ) which you were kind enough write - DOES NOT execute
( read run ) at boot time.
What I see on the screen on boot up are the full contents of the
/usr/local/etc/stubby/stubby.yml file being displayed on the screen instead
of the screen stating the message that the /usr/local/etc/rc.d/stubby.sh
is being stated and read. This did not happen up until I upgraded to
OPNsense 19.7.9 -
If you would - please read through my tutorial found here:
https://forum.opnsense.org/index.php?topic=13487.0 - the reason I ask
you to do this is so that you can see how I exactly set up GETDNS on
OPNsense from start to finish. From this overview, you might be able to see
where I may be making any errors. However, as I said this worked up until now.
So, maybe a new start up script ( stubby.in ) is needed - perhaps - I will leave
that up to you. I do run Unbound 1.9.6 on OpenWrt with no issues at all.
Lastly, I contacted Franco - chief developer at OPNsense - and asked his
assistance with issue and he wrote back with this reply ( and I quote ) :
Hi directnupe,
What's the contents of /etc/rc.conf.d/stubby ? Are you using our binary package with LibreSSL or OpenSSL?
Have you checked against the FreeBSD binary package?
Cheers,
Franco
Answer Part 1
To answer his questions the contents of my /etc/rc.conf.d/stubby is:
A -
stubby_enable="YES"
stubby_bootup_run="/usr/local/etc/rc.d/stubby.sh"
and
B -
I also tried modifying /etc/rc.conf.d/stubby contents as follows below :
from guide here https://docs.opnsense.org/development/backend/autorun.html
stubby_enable="YES"
stubby_opnsense_bootup_run="/usr/local/etc/rc.d/stubby.sh"
Neither of these worked even though choice A above worked flawlessly up until
OPNsense 19.7.9 -
Answer Part 2
Are you using our binary package with LibreSSL or OpenSSL?
Yes I am using OPNsense binary package with OpenSSL
Answer Part 3
Have you checked against the FreeBSD binary package?
Honestly I do not know how to do this - if you advise me how to do so
I will.
Thanks for all you do and God Bless,
directnupe