Messages - Maurice

#211
25.7, 25.10 Series / Re: Switch in front of WAN
October 26, 2025, 05:55:52 AM
Have you tried entering 192.168.100.1 into Reject Leases From? That's specifically to prevent cable modems from assigning a private address to OPNsense.

Cheers
Maurice
#212
Running OPNsense with only a single interface is no problem. I have an instance configured this way running as a VM at a hosting provider. It runs Unbound as a resolver reachable via DoT and DoH, with an ad blocker (for my mobile devices). It also acts as a WireGuard gateway. If the OPNsense at home falls back to mobile data during a landline outage (so that no incoming connections are possible), I can still get into the home network this way.

Simply configure the VM with one interface and assign it to WAN(!) during the initial OPNsense setup. There is then no LAN interface. And as the colleagues already said: this is not a use case for a filtering bridge, because you only have one interface.

Regards
Maurice
#214
VLAN configuration should be performed on the Hyper-V host, not in the guest OS.

Cheers
Maurice
#215
OPNsense 25.7.6 aarch64 packages and sets released.
#216
Entering ti-dienste.de as a private domain should be sufficient.

Is Unbound running as a recursive resolver? Or does it only forward to another resolver, which might be filtering?

Or is Dnsmasq possibly being used instead of Unbound?

Regards
Maurice
#217
You can download realtek-re-kmod and os-realtek-re from the OPNsense repo and install them from a flash drive.

https://pkg.opnsense.org/FreeBSD:14:amd64/25.7/latest/All/

Cheers
Maurice
#218
Quote from: Q-Feeds on October 16, 2025, 02:26:28 PM
Here you can find the latest package with the bug fixes for Unbound and the Events page

Both fixes work as intended, thanks!

(In the Unbound settings, I had to reapply the DNSBLs and restart the service for it to merge and load the lists.)
#219
Yes, qfeedsctl.py logs also outputs duplicates. Not sometimes, but always. And always exactly two times the same entry, never more.

I'm pretty sure this happens when the Q-Feeds plugin parses the firewall logs; the raw logs in /var/log/filter/ don't contain duplicates.
#220
Quote from: Q-Feeds on October 15, 2025, 08:51:22 AM
We're investigating the double events although we're not able to reproduce yet.

Let me know if you need more details. The affected firewall rule is:

Interface: WAN (not floating)
Action: Block
Quick: Enabled
Direction: in
TCP/IP Version: IPv4+IPv6
Source: __qfeeds_malware_ip
Log: Enabled
Category: Q-Feeds

A typical match in Firewall: Log Files: Plain View looks like this:
66,,,22be69e209c065d36d4e0f11865de1dd,vtnet0,match,block,in,4,0x0,,241,2711,0,none,6,tcp,44,202.93.142.22,10.0.0.194,62182,443,0,S,486549660,,1025,,mss
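
An added example, not part of the posts above or of the Q-Feeds plugin: a small Python parser for the IPv4 TCP filterlog record quoted in the post, used to count records that occur more than once in a list of lines. The field names and their order are assumptions matched to that one line, and the second record and the doubled list are constructed sample data.

```python
from collections import Counter

# Field order of an IPv4 TCP filterlog record. The names are labels chosen for
# this example; the order is an assumption that matches the line quoted above.
FIELDS = ("rulenr subrulenr anchor rid interface reason action dir ipversion "
          "tos ecn ttl id offset flags protonum protoname length src dst "
          "srcport dstport datalen tcpflags seq ack window urg options").split()

def parse_ipv4_tcp(line):
    """Return a dict for an IPv4 TCP record, or None for anything else."""
    values = line.strip().split(",")
    if len(values) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, values))
    if rec["ipversion"] != "4" or rec["protoname"] != "tcp":
        return None
    return rec

def duplicate_events(lines):
    """Map each packet identity seen more than once to its number of occurrences."""
    seen = Counter()
    for line in lines:
        rec = parse_ipv4_tcp(line)
        if rec is None:
            continue  # other protocols and malformed lines are ignored here
        key = (rec["interface"], rec["action"], rec["src"], rec["srcport"],
               rec["dst"], rec["dstport"], rec["id"], rec["seq"])
        seen[key] += 1
    return {key: count for key, count in seen.items() if count > 1}

# The record quoted in the post.
PAGE_LINE = ("66,,,22be69e209c065d36d4e0f11865de1dd,vtnet0,match,block,in,4,0x0,,"
             "241,2711,0,none,6,tcp,44,202.93.142.22,10.0.0.194,62182,443,0,S,"
             "486549660,,1025,,mss")
# Constructed second record (documentation address, made-up ports and numbers).
OTHER_LINE = ("66,,,22be69e209c065d36d4e0f11865de1dd,vtnet0,match,block,in,4,0x0,,"
              "52,4100,0,none,6,tcp,44,203.0.113.7,10.0.0.194,40000,22,0,S,"
              "123456789,,1024,,mss")

RAW_VIEW = [PAGE_LINE, OTHER_LINE]                             # each event once
DOUBLED_VIEW = [PAGE_LINE, PAGE_LINE, OTHER_LINE, OTHER_LINE]  # constructed: each event twice

if __name__ == "__main__":
    print("raw view duplicates:    ", duplicate_events(RAW_VIEW))
    print("doubled view duplicates:", duplicate_events(DOUBLED_VIEW))
```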
#221
Quote from: Q-Feeds on October 14, 2025, 03:48:15 PM
Quote: This could be improved - show both or show the identifier if the interface doesn't have a description.

Thanks for catching this!

This is now fixed in 1.1. The events list displays interface identifiers for interfaces without a description.

All events showing up twice is not fixed yet.
#222
Quote from: Q-Feeds on October 14, 2025, 08:58:12 PM
There's no need to select a list within the Unbound plugin but you can always select extra lists.

The last part doesn't work for me. Registering the domain feed in the Q-Feeds plugin prevents the DNSBLs selected in Services: Unbound DNS: Blocklist: Type of DNSBL from getting added to /var/unbound/data/dnsbl.json. Q-Feeds seems to override the Unbound DNSBLs, not augment them.
#223
Turns out the Interface column in Security: Q-Feeds Connect: Events only shows the interface's (optional) description, not its identifier (lan / wan / opt[n]). If there is no description, the column remains empty.

This could be improved - show both or show the identifier if the interface doesn't have a description.
#224
Pretty basic setup.

The firewall rules are:
block drop in log quick on vtnet0 inet from <__qfeeds_malware_ip:667695> to any
block drop in log quick on vtnet0 inet6 from <__qfeeds_malware_ip:667695> to any

Events are only duplicated in Security: Q-Feeds Connect: Events. They show up correctly (only once) in Firewall: Log Files: Plain View.

vtnet0 is the WAN interface:
#225
High availability / Re: Failover WAN
October 13, 2025, 07:26:48 PM
Yes!

Cheers
Maurice