OPNsense Forum

English Forums => 21.7 Legacy Series => Topic started by: wuwzy on December 06, 2021, 06:47:37 am

Title: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 06, 2021, 06:47:37 am
The previously stable system was completely broken.
Irregularly, the WEN port will be displayed as offline, with a red warning.
This is really a life-threatening upgrade.
How do I return to 21.7.5? :'(
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: franco on December 06, 2021, 08:35:45 am
Can you be more specific please.


Thanks,
Franco
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: chemlud on December 06, 2021, 10:44:42 am
If you use suricata IPS I would try

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258

first...
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 08, 2021, 05:51:32 am
Thanks for replying, I read your other related content, our question should be the same. I am summing up your experience and try another round. If there are results, I will report to you.

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 08, 2021, 05:52:13 am
If you use suricata IPS I would try

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258

first...

Thanks for replying,
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: franco on December 08, 2021, 08:54:33 am
For anyone else wondering: no, this is not how to report an issue. It's impossible to support.


Cheers,
Franco
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 13, 2021, 06:39:41 am
After several days of testing, so far, it is still normal.
The problem is that there is no prompt for this crash, and I don't know how to describe it. The symptom is that the WAN port will go offline after a while. After restarting, it will be offline again after a period of time (the length of time may not be).
I refer to the reply from the enthusiastic chemlud above. I made a little change because I need IPS and cannot make IPS not work.
My approach is to remove the WAN from the IPS monitoring network card and only monitor other network cards. So far, everything looks normal.
I hope that friends who have the same problem can help you. Thanks again.
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 14, 2021, 09:17:15 am
Can you be more specific please.


Thanks,
Franco

thanks Franco.. look here.

https://forum.opnsense.org/index.php?topic=25968.0

Thanks.  ;D
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: franco on December 14, 2021, 09:53:25 am
Don't use VLAN interfaces in IPS mode, or get someone who will tell you not to do it that you will listen to. ;)


Cheers,
Franco
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: pmhausen on December 14, 2021, 10:35:55 am
Just for the record: IDS/Alert only works fine with VLANs.
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: franco on December 14, 2021, 10:47:11 am
True. It seems to be getting harder and harder to sift through unstructured reports that also don't know the difference of IDS/IPS, ignore documentation and best practice and don't search for previous forum advice.


Cheers,
Franco
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 15, 2021, 09:58:10 am
Don't use VLAN interfaces in IPS mode, or get someone who will tell you not to do it that you will listen to. ;)


Cheers,
Franco

BOOS, i no have setup VLAN.  only use IPS to WEB LAN.
Title: Re: 21.7.5 up to 21.7.6 The previously stable system was completely broken.
Post by: wuwzy on December 16, 2021, 07:24:10 am
True. It seems to be getting harder and harder to sift through unstructured reports that also don't know the difference of IDS/IPS, ignore documentation and best practice and don't search for previous forum advice.


Cheers,
Franco

Report to the boss again. Remove the WAN port from the IPS list. The WAN port is no longer offline. It has been 5 days now. Everything returned to calm.