Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - chunky

Pages1
#1
19.1 Legacy Series / Feature request : adding TAP interfaces management
March 19, 2019, 01:34:10 AM
It would be very nice to have the possibility (via the GUI) to create TAP interfaces by adding a new section in Interfaces / other types / TAP

Right now, it's pretty straightforward to create them via the console, but they don't survive a reboot unless you have a method to recreate them at each boot.

It should be simple to add this, I mean, I bet a few hours of coding or less for opnsense devs.

looking forward to it
#2
18.7 Legacy Series / New suspend to ram plugin
November 16, 2018, 11:57:14 PM
I've made a simple new plugin called suspend2ram whose function as the name suggest is to put the machine under suspend to ram mode or S3. It use the already installed command acpiconf.

You can either go into suspend with the GUI (see the new option in power menu) or via the API by sending a POST http request. Exemple with curl from another network computer :

Code Select

curl -XPOST -d '{}' -H "Content-Type: application/json" -k -u "your user api key":"your user api key" https://your_router_ip/api/suspend2ram/service/gosuspend

Personnaly, I use the excellent home automation server FHEM to automate tasks with other devices, so opnsense can now be easily put to sleep or wake up via wake on lan on specifics event, like presence detection in the house...

this is my first attempt to write a plugin for opnsense, so I may have missed things or there may be other ways to do this. Anyway, I thought it could serve other people, so feel free to use it if needed.

to install, put the file in your filesystem and :
Code Select
pkg install os-suspend2ram-1.0.txz

#3
18.7 Legacy Series / Can't switch back on via WOL after power off
November 12, 2018, 01:37:52 AM
hello there

I've an issue where if I power off opnsense machine with web gui or via the api, I can't switch it back on remotely with WAKE ON LAN packet. The hardware is capable and the bios is setup to switch on by WOL. Tested Windows and linux on the same machine, WOL works ok after regular power off.
As a side note, if (instead of powering it off) I put it to S3 sleep, it wake up nicely via WOL.
Unfortunately, acpi sleep (tested with command: acpiconf -s 3) is not available via the api, only poweroff is. May be it could be possible to add this option (s3sleep) in the api ? Can anyone could tell me how to do this ?

opnsense 18.7.6-amd64 on a zotac nano CI321
#4
General Discussion / how to block by process userid with pf firewall ?
July 23, 2018, 07:44:53 PM
How do I block outbound access of services running on the firewall itself ? With packet filter, I found that we can block a user with it's UID or name but I've haven't found this option in opnsense firewall settings. For exemple, using this rule
Code Select
block out on em0 proto tcp from me to any port 80 user myuser
should block process running with uid myuser

How can I do it on opnsense ?
#5
General Discussion / Persistent users across reboot ?
July 17, 2018, 11:31:15 PM
Hi there

I've compiled vsftpd server from ports because I need a ftp server running on my lan only. It was not straightforward, especially the part while configuring virtual users, but I succeded, somehow. Now, I rebooted my opnsense machine and the virtual account I just created (with command adduser -v) was gone. I don't really understand the mecanisms for opnsense users management, the gui doesn't show the system's groups and users. So, is there a preferred way to keep manually created users across reboots?

Is there plans to add an ftp server as a  service, I guess it would be very welcome for many people. I used to run tomato firmware on a consumer router and I miss many features of it since I've been running opnsense. That's too bad because, otherwise, opnsense have a nice base.

Another question : whats will happen to my compiled / customized programs in /usr/local/ when I'll make a firmware upgrade ? is it deleted ? If so, I guess I would have no other choice to stop upgrading the os.
#6
General Discussion / Whats wrong with Bhyve ??
April 23, 2018, 01:13:49 AM
Hi there

I'm trying to run a linux distro (debian 9.4.0 amd64) under bhyve but I'm facing very serious issues with keyboard. Many keys appear to be shifted or non existant, for example, I can't use certain numerical key, the dot (.) etc. Moreover, hitting specifics key return a completly different one, that's a killer feature but not a very safe nor usable one...
It seem's also that grub2-bhyve is not installed, nor available as a pkg ?

For now, I run this command to launch bhyve :

Code Select
bhyve -c 1 -m 1024M -H -A -w \
  -s 0:0,hostbridge \
  -s 4:0,virtio-blk,./ubuntu-server.img \
  -s 5:0,virtio-net,tap10 \
  -s 29,fbuf,tcp=0.0.0.0:5900,w=1280,h=720,wait \
  -s 30,xhci,tablet \
  -s 31,lpc -l com1,stdio \
  -l bootrom,../uefi-firmware/BHYVE_UEFI.fd \
  ubuntu

It appear also that bhyve doesn't retain the boot order after installing an OS, I always get dropped the uefi shell, forcing me to boot from the file grubx64.efi at each boot.

Is bhyve completely broken or I'am missing something ?

For the keyboard issues, I tried the null modem way (-s 31,lpc -l com1,/dev/nmdm0A) but endup with error msgs like
Code Select
bhyve error: no suitable video mode found. Booting in blind mode

and stuck there

Please help
Pages1