Messages

Thx, will check further if i found something.. :)

Yes, it would be great if someone else could give some advice to accomplish this...

If i figure it out, i will of course share it.., if ..;)
br

run the script by putting it in a txt file and changing the permissions to allow it to be executable.   then run it by ./scriptname.sh or whatever its called.

Would be the correct path for the Script /usr/local/etc/rc.d where the other Scripts are defined, for example clamav-freshclam, unbound and suricata? If yes, would the created script there survive future updates?
Thx!

Please see here

Thanks, if i check the Cron Settings in the Gui, which command to use, to execute the custom script?
Thx!

Hi,

thanks for the information. Can you please explain me detailed how you run the script yet?

Also how to run it via cron?

Thx!

Perfect, thanks Franco

Hello,

i found in the Netgate Forum the following Script related to the Issue to update the outgoing address via cron job

Code Select Expand


#!/bin/sh

# Variables
VPN_IFACE=ovpnc1
SQUID_CONFIG_FILE=/usr/local/etc/squid/squid.conf

# Get current IP address of VPN interface
VPN_IFACE_IP=$(ifconfig $VPN_IFACE | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+')

# Check if VPN interface is up and exit if it isn't
if [ -z "$VPN_IFACE_IP" ]
then
        exit 0;
fi

# Check current IP for VPN interface in squid.conf file
VPN_CONFIG_IP=$(grep -m 1 "tcp_outgoing_address" $SQUID_CONFIG_FILE | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+')

# Check if the config file matches the current VPN interface IP, and if so exit script
if [ "$VPN_IFACE_IP" == "$VPN_CONFIG_IP" ]
then
        exit 0;
fi

# Replace the previous IP address in the squid.conf file with the current VPN interface address
sed -ie 's/'"$VPN_CONFIG_IP"'/'"$VPN_IFACE_IP"'/' $SQUID_CONFIG_FILE

# Force reload of the new squid.conf file
/usr/local/sbin/squid -k reconfigure



As im no developer, how can this script be implemented via Cron Job in Opnsense?

Or can this Script be implemented in a other better way?

Thx!

Hello,

updated to 22.1.2_1 same issue here.

@Franco is there a Fix available?

Thx

Hi Franco,

thanks for the information. Just to understand, this means the messages get fixed in a new release?
Thx!

Hi,

now i get it to work, with the 2 lines of code added to custom.conf in /post-auth and pre-auth folder, and with the suggested interface IP of the ovpnc1 interface:)

@thefunkygibbon would you please share the script what checks the interface ip?

Thank You!
br

Same issue here, after Update to 22.1

Hi,

thanks for the Information
br

Hello,

Updated to 22.1. ZFS Install with LAGG. Checking dmesg:

Code Select Expand


debugnet_any_ifnet_update: Bad dn_init result from igb1 (ifp 0xfffff800031f3000), ignoring.
igb1: link state changed to DOWN
lagg0: link state changed to DOWN
debugnet_any_ifnet_update: Bad dn_init result from igb2 (ifp 0xfffff8000505d800), ignoring.
igb2: link state changed to DOWN
debugnet_any_ifnet_update: Bad dn_init result from igb3 (ifp 0xfffff80003f25000), ignoring.
igb3: link state changed to DOWN

igb1: link state changed to UP
igb3: link state changed to UP
igb2: link state changed to UP
lagg0: link state changed to UP


Get the Bad dn_init on all Interfaces (Intel Interfaces), after the Update to OPNsense 22.1.

How to fix?
Thx!

The netmap message is not an error. Netmap unfortunately has a number of this debug/informational message that don't make much sense to anyone but the authors / those who know the internals by heart most likely.


Cheers,
Franco

Get as well still the 809.618885 [ 849] iflib_netmap_config       txr 4 rxr 4 txd 1024 rxd 1024 rbufsz 2048 messages...

If they are not errors, how to disable them permanently?

Thx!

Removed today the Sensei Plugins, till i found out that the local Elasticsearch db is not removed automatically.

Removed the Elasticsearch DB in Console:

Code Select Expand


pkg remove elasticsearch5

cd /usr/local/etc

rm -rf elasticsearch



Installed Sensei Plugins again, recovered the zenarmor configuration backup and the Issue is fixed now:)


Just wondering while sensei still create /usr/local/sensei/output/active/temp in ufs and not in zfs file system ...