Messages

What's your goal? Breaking access?

The <password/> entry has been compatible across versions forever.

The only thing that could change are:

1. authentication settings
2. console keyboard mapping


Cheers,
Franco

Uh, not this "security" related issue again. ;)

https://github.com/opnsense/src/issues/213


Cheers,
Franco

I have

> 532520       1024  nda0p2  freebsd-boot  (512K)

Which basically means at some point FreeBSD changed the partition size to account for the larger boot manager.

Unfortunately this can only be solved by reinstall. But it's rather easy from the install media using the config import step to retain the existing settings.


Cheers,
Franco

Not working in the console but working in the GUI? Likely a keymap issue.


Cheers,
Franco

The commit in question is likely https://github.com/opnsense/core/commit/8c9c56f9b504f992fd

But I'm not sure where the issue is since you haven't published your MTU settings (both interface and PPP device).

If MRU is accepted but not set I'm not sure we can do much as we never see it and MPD5 should likely enforce it.


Cheers,
Franco

Thanks all for the feedback! There's also this one now.

https://github.com/opnsense/core/commit/87345016d4fe9aee1

And we're probably shipping all later this week in 25.7.7.


Cheers,
Franco

Are these categories shown as is? They do not look like a category created through the GUI.

Here's an example:

Code Select Expand

% pluginctl -g OPNsense.Firewall.Category
{
    "@attributes": {
        "version": "1.0.0"
    },
    "categories": {
        "category": {
            "@attributes": {
                "uuid": "ebdbc9a8-7a43-47e3-b35f-098a77950d5f"
            },
            "name": "Foobar",
            "auto": "0",
            "color": "ff0000"
        }
    }
}
There's both auto and color here.


Cheers,
Franco

@Kg6hbh N100 perhaps?

@wstemb yep, that's the fixed version

Test kernel here https://github.com/opnsense/src/issues/259#issuecomment-3438932613

You can also put your feedback in this thread.


Thanks,
Franco

From the console run:

# pkg install opnsense

or

# opnsense-bootstrap

if the first command doesn't work, but normally it should.


Cheers,
Franco

The health audit will likely tell you that the core package is not installed. This happens when the local package database is corrupt and the system thinks no packages are installed. Then it finds no updates when you check for them.

Please provide the health audit first.


Cheers,
Franco

It's been about 24 hours since the hotfix went live and I haven't heard the issue is still happening. Incidentally, FreeBSD released pkg 2.4.0 which also includes this particular fix. So all of this went as expected.


Cheers,
Franco

Thanks, all! Feedback has been awesome.

There will be more patches soon and we'll batch the shipment of all fixes for 25.7.7 to avoid a series of confusing hotfixes and games of is-this-still-opnsense-patch-able-or-not.


Cheers,
Franco

Hi Alan,

Hotfixes belong to the release they are issued for. Treating them es separate versions is tedious so only the package manager knows them by the _x annotation (which is called a "port revision" in FreeBSD which also doesn't change the actual version number of the software).

If you want to have the latest version in the remote you can do:

# pkg rquery %v opnsense

or

# # pkg rquery %v opnsense-business

for the BE version.

Note this only brings you to each series end of life release, but not beyond. Every approach has advantages and disadvantages.


Cheers,
Franco

The syntax error rules should just be discarded, but your more pressing issue seems to be netmap (IPS) mode not working. I believe this is in conjunction with Suricata 8, but we found no direct evidence that it changes the way it works. There are a couple more threads about this to find here.


Cheers,
Franco