Greetings,
OPNsense has been running and working fine for the last couple of years. I haven't touched it in a couple of weeks; it just works.
Today try to visit the web interface, and I'm seeing the following:
Fatal error: Uncaught OPNsense\Core\ConfigException: file not found in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php:400 Stack trace: #0 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(606): OPNsense\Core\Config->load() #1 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(342): OPNsense\Core\Config->restoreBackup('/usr/local/etc/...') #2 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(51): OPNsense\Core\Config->init() #3 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(72): OPNsense\Core\Singleton->__construct() #4 /usr/local/etc/inc/config.inc(110): OPNsense\Core\Singleton::getInstance() #5 /usr/local/etc/inc/config.inc(353): parse_config() #6 /usr/local/www/guiconfig.inc(39): require_once('/usr/local/etc/...') #7 /usr/local/www/index.php(31): require_once('/usr/local/www/...') #8 {main} thrown in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php on line 400
Rather disturbing as no changes were made on my end. All I can assume is that a bad actor may have been attempting to compromise my OPNsense firewall.
Can anybody point me in the right direction, or have they seen a similar situation?
What would be my next steps to recover and hunt down what exactly would cause a spontaneous failure such as this? The best I can tell, everything is still working (traffic seems to be flowing, there's a number of sites, HAProxy, internet access, behind it).
Thanks in advance to anyone willing to point me in the right direction.
Seems there's no SSH in either.