Messages - opn_nwo

#46
I get that dependency warning after I check for updates, post 21.7 upgrade. Reinstalling glib did not fix it.
Should I be concerned? Everything seems to be working.
#47
Never mind, it eventually completed.
#48
The upgrade on my lab VM went pretty smoothly and fast, but now my main box upgrade looks like this. It's been almost 10 minutes. Should I leave it?

#49
So is the solution, running:

# opnsense-revert -r 21.1.9_multi opnsense-update

before upgrading to 21.7?

#50
Yes, I could figure out how to do that, but it would be just switching one workaround for another. The underlying issue I wanted to highlight is the lack of config options for Maltrail.
#51
I'm using the Maltrail plugin, but had to manually change the config file to enable https by creating the pem file from the acme certs. It would be great if the UI for Maltrail had an option for https and a field to specify the pem file so I don't have to manually edit the conf file.
#52
I have noticed a similar behavior on my home network. I posted about it here:

https://forum.opnsense.org/index.php?topic=23627.0;topicseen

Basically the default deny rule is capturing traffic originating from devices on a vlan with destination in the same vlan (subnet). The connection works, but to me it makes no sense for the GW to see and log that traffic.
#53
Thank you, that's awesome! Much appreciated.
#54
Thank you Franco. I just submitted a feature request for it:

https://github.com/opnsense/core/issues/5086

Keeping my fingers crossed :)
#55
I noticed that if I add a virtual IP (alias or CARP) to an interface, services like sshd, lighttpd, unbound automatically get bound to it. Is there a way to prevent that from happening?
#56
Is the Maltrail plugin still maintained and updated?
#57
I have been using Maltrail for a few days and it works great. Earlier I highlighted a threat on the list and right clicked on it trying to copy it, but I instead clicked "hide threat" by mistake. Now that item is not showing anymore; when I refresh the page, a message in the lower right corner pops up for a moment saying "1 threat hidden".

I've been trying to find a way to un-hide that item, but I could not find it anywhere in the bare-bones UI. The official documentation on github doesn't even mention the option. Does anybody know how?
#58
Not quite the same, but I noticed that the default deny rule started logging some traffic with src and dest in the same VLAN/subnet. That traffic should not pass through the FW/GW, but somehow it gets picked up. I'm not talking about broadcast stuff, just straight IP to IP in the same broadcast domain. I posted about it a few days ago. I ended up creating an allow rule just to clean the logs. Bizarre for sure.
#59
I have a 250/20 cable connection and I want to set up a basic shaper to limit the download bandwidth on my MEDIA VLAN (gaming console and streaming devices) to 200Mbit. This is to keep the network from crawling whenever I download or update a large game on XSX or PS5.

I followed the documentation and it kind of works, but the CPU usage gets pegged at 100% when I start a large download on my Xbox. The download never gets past 130-150Mbits when the shaper is active. It seems to me that the CPU on my OPNsense (Celeron 3855U @ 1.60GHz) is the bottleneck.

For the record, without the limiter I can download at the full 250Mb. I know the CPU is not the latest and greatest, but I find it a bit puzzling that a simple limiter is taxing the CPU that much. It's a very simple operation that on PC is built right into all the gaming clients (Steam, Origin, BNet, etc).

Is this normal or am I missing something?
#60
In my home network I have a MEDIA VLAN I use for all kinds of devices (gaming consoles, STB, Google Home, Chromecasts, Smart TVs etc). Some are wired, others are WiFi. I use Ubiquiti UniFi APs and switches.

Over the past few days I noticed in the FW logs entries of some Google devices trying to connect to my TV STB (Android TV based). Being on the same VLAN and broadcast domain (192.168.177.0/24) I would not expect to see any traffic "captured" by the log. Those devices should be able to connect to each other without going through OPNsense.

However in the logs (attached) I can see a bunch of 192.168.177.xx devices trying to reach my STB box (192.168.177.55) on UDP 10006. In order to keep the logs "clean" I added an allow rule for that traffic, but I do not understand why this is happening. It does not make sense to me.
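The symptom described in #52, #58 and #60 (the default deny rule logging flows whose source and destination sit in the same VLAN subnet) can be quantified from the firewall log before deciding on an allow rule. The following triage script is an added example, not code from the post or from OPNsense: it assumes filterlog-style CSV records, a constructed interface name (`vlan0.177`) for the 192.168.177.0/24 MEDIA VLAN, and placeholder rule labels, and it flags every entry where both endpoints belong to the ingress interface's own subnet.

```python
import ipaddress
from collections import Counter

# Ingress interface -> its subnet. The interface name is an assumption; the
# subnet is the MEDIA VLAN from the post.
IFACE_SUBNETS = {"vlan0.177": ipaddress.ip_network("192.168.177.0/24")}

# Constructed sample records laid out like OPNsense filterlog CSV lines:
# rule,subrule,anchor,label,iface,reason,action,dir,ipver,tos,ecn,ttl,id,offset,
# flags,proto,protoname,length,src,dst,srcport,dstport,datalen. Labels are placeholders.
SAMPLE_LOG = [
    "5,,,default-deny-label,vlan0.177,match,block,in,4,0x0,,64,1,0,DF,17,udp,60,192.168.177.20,192.168.177.55,41234,10006,40",
    "5,,,default-deny-label,vlan0.177,match,block,in,4,0x0,,64,2,0,DF,17,udp,60,192.168.177.31,192.168.177.55,50211,10006,40",
    "5,,,default-deny-label,vlan0.177,match,block,in,4,0x0,,64,3,0,DF,6,tcp,60,10.10.10.8,192.168.177.55,55000,443,0",
    "70,,,allow-media-label,vlan0.177,match,pass,in,4,0x0,,64,4,0,DF,17,udp,60,192.168.177.40,192.168.177.55,60000,10006,40",
]

def parse_entry(line):
    """Split one filterlog record into the fields this triage needs."""
    f = line.split(",")
    return {
        "iface": f[4], "action": f[6], "direction": f[7], "proto": f[16],
        "src": ipaddress.ip_address(f[18]), "dst": ipaddress.ip_address(f[19]),
        "dport": f[21] if len(f) > 21 else "",
    }

def intra_subnet_entries(lines, subnets=IFACE_SUBNETS):
    """Return parsed entries whose src and dst both lie in the ingress interface's subnet.

    Such traffic should be switched locally and never reach the gateway, so
    every hit (blocked or passed) is worth counting rather than silently allowing.
    """
    hits = []
    for line in lines:
        e = parse_entry(line)
        net = subnets.get(e["iface"])
        if net and e["src"] in net and e["dst"] in net:
            hits.append(e)
    return hits

def summarize(entries):
    """Count intra-subnet entries by action, protocol, destination and port."""
    return Counter((e["action"], e["proto"], str(e["dst"]), e["dport"]) for e in entries)

if __name__ == "__main__":
    for key, n in summarize(intra_subnet_entries(SAMPLE_LOG)).items():
        print(n, *key)
```

Point the script at the real filterlog output (for example via `clog` on the firewall) to see which sources and ports dominate; a handful of devices on one UDP port, as in the post, looks very different from broad intra-subnet scanning.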