Topics

Versions
OPNsense 25.7.7_4-amd64
FreeBSD 14.3-RELEASE-p4
OpenSSL 3.0.18

Services: Captive Portal: Sessions
is empty even if there are clients authenticating

Versions
OPNsense 25.7.5-amd64
FreeBSD 14.3-RELEASE-p4
OpenSSL 3.0.18

I have captive portal issue started sometime 25.x, may free wifi is in vlan 15.
after a while it will randomly "crash" or block all access. DHCP works though ping to the
gateway ip returns timed out. ping to other devices within the network is ok.
there will be no Internet connection.

solution with no effect
1) restart or stop/start captive portal
2) restart or stop/start ubound
3) restart or stop/start DHCP
4) I think i have tried restart to no effect

solution to recover from issue
1) change IP of VLAN Interface, usually from 192.168.88.1 to 192.168.88.2 and vice versa if .2 does the same issue

captive portal functioning correctly

https://freeimage.host/i/KkEwhQV

captive portal blocking

https://freeimage.host/i/KkEOHOJ

I have tried to check other logs, but there are no mention of captive portal crashing or bad database. vene on the captive portal logs.
it is as if randomly it just blocks accesss. and restart of portal does not seem to have an effect.
only if I change the IP of vlan interface.

[Captive Portal] Whitelist URL

how to white list a external URL
so it will load and NOT be blocked by the captive portal?

I have address IP rules to allow and even alias to no avail, acess thos site ultimately load sa captive portal.

tried the new  Traffic shaping [experimental] in firewall
so much easier than creating rules in shaper rules which was complicated.
very nice!

but would like to report that the reverse rule is not being followed
download shaper is followed while the upload is not or is there a config issue?
EDIT:
if rule direct has shaper and reverse direction has none, then same as non for both or both uncapped
if rule direct has none and reverse direction has shaper (2mbps), then error not allowed to save
if rule direct has shaper (1mbps) and reverse direction has shaper(2mbps), internet will have 2mbps download and uncapped upload

Download pending updates keeps showing up
every time updates is checked.
it is always downlaoded but for some reason it will again show and dwnlaod in the next
click view pending updates

and it be cleared?

I tried to reinstall unbound to no avail, tried reintalling multiple times

OPNsense 24.1.6-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13


log error

2024-05-03T12:56:44   Error   configd.py   [92dc6ee1-e33b-4f22-958a-c0fee242834f] Script action failed with Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127.
2024-05-03T12:56:39   Error   configd.py   [c9d4e09c-4f10-40af-8778-94dc3845dc4b] Script action failed with Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127.

OPNsense 23.1.1-amd64

anyone having issues with captive portal after upgrade?
there was no obvious change to firewall settings but hen connecting
the portal does not show up, the dns is up and if portal is disable there is internet
firewall rules for portal is set up and has not been changed

captive portal seems running

connecting to the captive portal does not show the portal itself

I have already tried removing and recreating the zone to no avail

does Unbound DNS support safe search

Enable Google SafeSearch
Enable DuckDuckGo SafeSearch
Enable Youtube Adult Restrictions
Enable Strict Bing Search

can this be implemented like BIND?

console Update to firmware 32.1

how do I continue the update?

what keys to press in telnet?

sorry for the noob question
the web update is taking so long I dont have a clue

may 5G gateway disconnects alot, which may require it to reboot.
may issue is that if the modem is rebooted somehow the monitor IP, gets marked as down. what I do is replace it with another IP. or just hit edit and apply without changing the IP. it will then be marked as active.

supposed to be it should detect the modem to be active after some time right?

is it possible to run 2 instance of ubound?
or set ubound to serve to different network?

1 for forwarding to porn and malware block DNS
and 1 for no blocking?

or should this be simply done with 2 servers/opnsense entirely


or if dnsmasq at port 54, how do I set it so that my free wifi network will use that as DNS?
"local:54" in the DNS server list in DHCP?

[Change Log]

I manage to update 1 server but this one just doesnt

OPNsense 22.1.10_4-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1q 5 Jul 2022

in gui it only says no more updates

Firmware status requires to check for update first to provide more information.

"Your packages are up to date.
***DONE***"

Change Log
22.7   2022-07-28   
22.1.10 (installed)   2022-07-07

in console, after supposedly extracting 22.7, it says 22.1.10_4, like nothing happened.
did this 3 times already

Enter an option: 12

Fetching change log information, please wait... done

This will automatically fetch all available updates and apply them.

A major firmware upgrade is available for this installation: 22.7

Make sure you have read the release notes and migration guide before
attempting this upgrade.  Around 500MB will need to be downloaded and
require 1000MB of free space.  Continue with this major upgrade by
typing the major upgrade version number displayed above.

Minor updates may be available, answer 'y' to run them instead.

Proceed with this action? [22.7/y/N]: 22.7

Fetching packages-22.7-OpenSSL-amd64.tar: ................................................................................................. done
Fetching base-22.7-amd64.txz: ................... done
Fetching kernel-22.7-amd64.txz: ......... done
!!!!!!!!!!!! ATTENTION !!!!!!!!!!!!!!!
! A critical upgrade is in progress. !
! Please do not turn off the system. !
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Extracting packages-22.7-OpenSSL-amd64.tar... done
Extracting base-22.7-amd64.txz... done
Installing kernel-22.7-amd64.txz... done
Please reboot.
>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
Stopping API dispatcher
Stop : zone 0
stop captiveportal background process
Stopping mongod.
Waiting for PIDS: 74761.
Stopping flowd.
Stopping flowd_aggregate...done
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
Shutdown NOW!
shutdown: [pid 64578]

*** FINAL System shutdown message from root@OPNsense.localdomain ***

System going down IMMEDIATELY

System shutdown time has arrived

Can anyone help, NTP just does not work when setting conencting to the opnsense server. there is internet. the logs in NTP look ok. but setting windows to the opnsense server failes to get the time.

how do I trouble shoot? ad fix the issue, restarting the server does not fix the issue

OPNsense 22.1.4_1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

Opnsense 22.1

Captive Portal logs

2022-02-05T08:54:12   Error   api   [2022-02-05T08:54:12+08:00][error] no active session, user not found   
2022-02-05T08:07:19   Error   api   [2022-02-05T08:07:19+08:00][error] no active session, user not found   
2022-02-03T18:22:33   Error   api   [2022-02-03T18:22:33+08:00][error] no active session, user not found

above keeps repeating

captive portal seems to be working though
just cant see the logs and last log updates

also could an easier way to reset or delete the database be added? or may a regular backup, last known good.

changing type in firemware setting to community
then update returns error

cant I go back to community build?



***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 22.1.b_85 (amd64/OpenSSL) at Tue Dec 14 02:02:04 -08 2021
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.txz: .......... done
Processing entries: .......... done
OPNsense repository update completed. 685 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (0 candidates): . done
Processing candidates (0 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
pkg: No packages available to install matching 'opnsense' have been found in the repositories
***DONE***



Type   opnsense-devel   
Version   22.1.b_85   
Architecture   amd64   
Flavour   OpenSSL   
Commit   8250ad50c   
Mirror   https://pkg.opnsense.org/FreeBSD:13:amd64/22.1   
Repositories   OPNsense   
Updated on   Wed Dec 8 02:44:20 -08 2021   
Checked on   Tue Dec 14 02:02:04 -08 2021

using the following
System Information
Name    OPNsense.onghocgan.net
Versions    OPNsense 21.1.5-amd64
FreeBSD 12.1-RELEASE-p16-HBSD
OpenSSL 1.1.1k 25 Mar 2021
CPU type    Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz (8 cores)

going to captive portal session
select the chexkbox and click the trash icon
show a dialog box confirimng the action but click yes does nothing.
does not rove the user/ip

also having constant disconnect even if i set the hard idle timedout at 600minutes...
so mow I set it to zero for the moment.

is there a plugin or could facebook wifi login be accepted as an authentication mode.
this is not really a authentication but rather a "recording" of login via wifi

https://www.facebook.com/facebook-wifi

OPNsense 20.7.7_1-amd64
FreeBSD 12.1-RELEASE-p11-HBSD
OpenSSL 1.1.1i 8 Dec 2020

old templates and modified templates are being rejected without any error even in logs, just closes the template upload window.

downloading the default template and uploading is ok (no changes). adding even a single image file in /image somehow destroys the template.

I have 4 system, all are the same cant upload modified templates. all have been update to 20.7.7_1

anywya to manually upload the files? without using the upload GUI? and would it work?

is there an option to automatically install new DBs?
I ask this because in my case it does not uodate on its own.

considering another thread here wherein customization to the DB, are remove after DB update.

at the very least there should be a marking warning that there is an update...
or maybe in the daily email report
there should be a mention in the start
that there is an update available


btw running check, says no new version...

how to clear the update log?
A message system is rebooting always show...

have tried ti more than 5 times, it goes to the main screen but going to update will show the same...

I also tried rebooting more than 4 time the system but still the same...

some how it detect a marker or sort that the system need to reboot
(this was after the OPNsense 20.7.4-amd64 update...
how to solve?