OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: zaggynl on May 02, 2019, 06:22:56 pm

Title: OPNsense 19.1.7 release thread
Post by: zaggynl on May 02, 2019, 06:22:56 pm
 19.1.6 to 19.1.7 Update went OK for me, reboot was quick.

Edit: it rebooted twice? showed rebooting in UI, then dashboard 19.1.7, then rebooted again, second time took longer.
Title: Re: OPNsense 19.1.7 release thread
Post by: muchacha_grande on May 02, 2019, 06:59:41 pm
Updated from 19.1.6 to 19.1.7 and all went OK with only one reboot.
Title: Re: OPNsense 19.1.7 release thread
Post by: Mr.Goodcat on May 02, 2019, 07:10:28 pm
For me DHCPv6 Server and NTP don't come back up. Meanwhile the log keeps repeating the messages given below:

Any ideas?

Edit: never mind, it seems to have fixed itself. :D
Title: Re: OPNsense 19.1.7 release thread
Post by: glasi on May 02, 2019, 07:42:45 pm
Successfully updated from 19.1.6 to 19.1.7.

Just one reboot for me. It looked like two reboots because after the update process the webbrowser jumped back to the dashboard before the reboot.

Start of ntpd, squid and strongswan services takes a bit longer than usual (up to 90 secs on my system). Apart from this everything seems te be okay.
Title: Re: OPNsense 19.1.7 release thread
Post by: Andreas_ on May 03, 2019, 08:51:50 am
removed bind912 for me without installing bind914, posted a github issue.
Title: Re: OPNsense 19.1.7 release thread
Post by: franco on May 03, 2019, 09:38:30 am
The issue is https://github.com/opnsense/update/issues/51 and we're unable to do anthing there as this was a behavioural issue of pkg and FreeBSD ports change carving out bind91X servers and directly linking it to a slave bind-tools package (which holds nsupdate amongst others).

All our plugins update correctly and we can't guess for manual use of transient dependencies.


Cheers,
Franco
Title: Re: OPNsense 19.1.7 release thread
Post by: dinguz on May 03, 2019, 09:46:29 am
In Intrusion Detection > Rules:

Error at /usr/local/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php:137 - count(): Parameter must be an array or an object that implements Countable (errno=2)

also submitted a bug report from the firewall itself.
Title: Re: OPNsense 19.1.7 release thread
Post by: network72 on May 06, 2019, 01:31:17 pm
the same error on IDS section at Alert tab. Any solution suggested ?

Error at /usr/local/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php:137 - count(): Parameter must be an array or an object that implements Countable (errno=2)
Title: Re: OPNsense 19.1.7 release thread
Post by: Aloist on May 07, 2019, 04:13:19 pm
Updated from 19.1 to 19.1.7 without problem.
Hardware is Dell R410
Title: Re: OPNsense 19.1.7 release thread
Post by: FingerlessGloves on May 07, 2019, 06:46:57 pm
So I upgraded to 19.1.7 from 19.1.6 (Not sure if the problem below is a bug or not)

Rebooted, everything worked expect internet. I could ping other networks, which are on different interfaces etc, so rules are working.

I couldn't ping 1.1.1.1 or 8.8.8.8 on any network, although I could if I went in to OPNsense and set the ping interface to WAN.

I do use a lot of Aliases in my setup. Each NAT rule uses an Alias, so I set it to automatic NAT from Manual. Still no internet. So I set it back to Manual few minutes later.

OPNSense DNS set to 127.0.0.1 which is unbound.
unbound upstream DNS is inside the LAN network (192.168.2.7)

192.168.2.7 is Stubby DNS (https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby) which of course can't resolve anything because there's no internet on any network.

So as a test I set unbound's upstream to 1.1.1.1,  10 seconds later internet kicks in again.

1.1.1.1 and 8.8.8.8 is now pingable on any network which it wasn't before the DNS upstream change.

I have now moved to using Dnscrypt plugin which isn't DNSoverTLS but does the same job, and should stop this happening in the future.

I'm not sure if this problem was a bug or not but I thought I best report it.

I have Aliases that use GeoIP and TLD domains (eg domain.com).
Title: Re: OPNsense 19.1.7 release thread
Post by: rainerle on May 13, 2019, 12:46:06 pm
Upgraded from 19.1.4 to 19.1.7. First the secondary firewall, then disabled the Virtual IPs on the primary firewall and upgraded the primary firewall. Then enabled the Virtual IPs on the primary again.

Only the Mobile IPsec users experienced a service disruption. Seems the clients do not autoreconnect.

Maybe https://wiki.strongswan.org/projects/strongswan/wiki/HighAvailability could be a solution for this.