Topics

I'm getting this error message when I tried to import my old rules csv:

e1e633f9-c53c-4391-b640-adc9c7b82d65,1,keep,,451,pass,1,0,lo0,in,inet,any,,,,,0,0,0,0,0,,,,,,,,,,,,,,,,,,,,,,,,0,any,,0,any,
[interface] Option [lo0] not in list.

It looks like the other rules imported expect this one.  I'm not exactly sure what the problem is.  I've reviewed all the old rules and I don't have an lo0 interface.

Thanks!

I upgraded firewall from 24.7 to 24.10 and I've noticed resource usage has increased by a factor of 2 times.

The CPU load average was previously below 1 and now it bounces between 3 and 30.  I've disabled as many services as I can to debug this and I'm not having any success.  The GUI slows down to the point it's almost nonresponsive.  Services are Unbound, Kea DHCP, CrowdSec and ADGuardHome.

I'm not sure where to go next to solve this issue.  All suggestions are appreciated.

Thanks!

I'm currently running AdGuard on OPNsense along with intrusion detection, CrowdSec and some firewall rules to keep the nasties out.  I tried messing with Zenarmor but then OPNsense kept telling me there were updates to apply, when there was none and Zenarmor felt like overkill.  I had used the blocklists in Unbound, but it was duplicating what AdGuard does.

Is there something out there that would pull all these separate things into one, cohesive dashboard or something in Docker?  I'm getting tired of having to check four different places when something my wife needs is getting blocked.

Thanks!

I'm running 24.7.5 and it's always showing I have pending updates when I log in to Opnsense.  If I remove Zenarmor, I don't have any pending updates.

Anyone know why Zenarmor would cause this?

Thanks!

I initially upgraded to 24.7 with Zenarmor installed.  I'm at the current release of 24.7.4_1.  I keep having issues with pending updates, primarily for Zenarmor.

I keep seeing this update list:
New packages to be INSTALLED:
   alsa-lib: 1.2.11 [mimugmail]
   fontconfig: 2.15.0_2,1 [SunnyValley]
   freetype2: 2.13.2 [SunnyValley]
   giflib: 5.2.2 [SunnyValley]
   graphite2: 1.3.14 [mimugmail]
   jbigkit: 2.1_2 [SunnyValley]
   jpeg-turbo: 3.0.3 [SunnyValley]
   lcms2: 2.16_2 [mimugmail]
   lerc: 4.0.0 [OPNsense]
   libXext: 1.3.6,1 [mimugmail]
   libXfixes: 6.0.0_1 [mimugmail]
   libXi: 1.8_1,1 [mimugmail]
   libXrender: 0.9.10_2 [mimugmail]
   libdeflate: 1.20 [SunnyValley]
   libfontenc: 1.1.8 [SunnyValley]
   png: 1.6.43 [SunnyValley]
   tiff: 4.6.0 [OPNsense]
The update performs the download, install and deletes the old packages.

If I check updates again, the same list appears.  It doesn't matter if I reboot Opnsense or not.  Anyone know how to fix this?

Zenarmor keeps crashing on me.  I have the latest version of OPNsense and Zenarmor.  The error message is:

      zenarmor has detected a problem during operation and has shut down zenarmor services in order to prevent a network outage.

      It is because we detected high SWAP usage 82 % ( 6.62GB / 8GB )

      If you think this is something we should have a look, just click here to let us know about the details and we will investigate this further.

      You can re-enable the services from Status page.

I'm not sure how to fix this.

New user here.  I was using an old Cisco ASA 5505 at home.  Can't really do too much with it.  Cisco dropped support for it, and adding a new features required another payment to Cisco.  So I switched to OPNsense and not looking back.

I've been interested in using the transparent proxy with web & AV filtering.  Just using HTTP is worthless now that almost everything is using HTTPS.  From what I've read, I need to create a certificate for HTTPS.  After that I can add the web and AV filtering for all inbound/outbound requests.

I'm not interested in browsing the HTTPS traffic, just want to filter web traffic and use the AV scanner for additional protection at home.  Is there some way I can do this without needing a certificate.  I'm also do not want to add the CA to each computer/phone in the house.  I'm not even sure out this would affect Roku and Amazon devices.

Any suggestions are greatly appreciated.

Thanks!