"
Yep, I already agreed. I'll bring it up tomorrow.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
26.1 Series / Re: Upgrade to RC1 successful
January 22, 2026, 08:35:44 PM
Yes, that was how it always was. There was a point in time where they were editable but it also led to strange results so at some point it was disabled. Now in theory the edit could be re-enabled.
I'm not sure what the issue was. Only remember that the associated rules were very partial rules and this lead to expectation vs. reality situations too during the time edits were allowed.
Cheers,
Franco
I'm not sure what the issue was. Only remember that the associated rules were very partial rules and this lead to expectation vs. reality situations too during the time edits were allowed.
Cheers,
Franco
#3
25.7, 25.10 Series / Re: IPv6 link-local route does not survive reboot
January 22, 2026, 08:31:12 PM
If there's a bug it will come back to be looked at. We can wait. :)
Cheers,
Franco
Cheers,
Franco
#4
26.1 Series / Re: Upgrade to RC1 successful
January 22, 2026, 08:04:53 PM
> The thing with the manual rule is that with 25.7.11, you saw the associated firewall rule name there, so you would know which one it was. This gets lost immediately upon update, you do not have to use the migration assistant. That means I see that there is an associated rule:
Yes true but it's now disassociated (manual) and the display of the firewall rules is exactly the same as before and still has the same description. Functionally after the upgrade it's the same. It only starts behaving differently when modifications are being made to destination NAT rules.
We don't have a lot of leeway leaving this concept behind other than making this cut. I can make sure to add this to the migration notes.
Cheers,
Franco
Yes true but it's now disassociated (manual) and the display of the firewall rules is exactly the same as before and still has the same description. Functionally after the upgrade it's the same. It only starts behaving differently when modifications are being made to destination NAT rules.
We don't have a lot of leeway leaving this concept behind other than making this cut. I can make sure to add this to the migration notes.
Cheers,
Franco
#5
26.1 Series / Re: Upgrade to RC1 successful
January 22, 2026, 05:19:17 PM
> I tried to understand how the NAT rule linkage relates to new/old rules, but failed.
The old page added a separate "association rule" which is a bit of a broken firewall rule.
The new system will create a shadow rule in in "Register rule" mode somewhat resembling the old approach but without injecting a real firewall rule. Manual and pass are still the same.
Cheers,
Franco
The old page added a separate "association rule" which is a bit of a broken firewall rule.
The new system will create a shadow rule in in "Register rule" mode somewhat resembling the old approach but without injecting a real firewall rule. Manual and pass are still the same.
Cheers,
Franco
#6
26.1 Series / Re: Upgrade to RC1 successful
January 22, 2026, 05:05:08 PM
Scratch that, here's the fix for the enabled https://github.com/opnsense/core/commit/94081fd82f
And this is for categories: https://github.com/opnsense/core/commit/d1519593
Thanks!
Edit: Since were at the topic Stephan found this earlier today as well https://github.com/opnsense/core/commit/ba8194de
And this is for categories: https://github.com/opnsense/core/commit/d1519593
Thanks!
Edit: Since were at the topic Stephan found this earlier today as well https://github.com/opnsense/core/commit/ba8194de
#7
26.1 Series / Re: Upgrade to RC1 successful
January 22, 2026, 04:56:06 PM
Uwe, can you check the CSV if the enable flags and categories are exported correctly for you?
Thanks,
Franco
Thanks,
Franco
#8
25.7, 25.10 Series / Re: IPv6 link-local route does not survive reboot
January 22, 2026, 03:31:05 PM
> When it comes up, the route for <prefix48>fff0::/60 to FE80::2%vtnet3 is missing from the routing table until I click the 'Apply' button on the routing config screen on the main router.
Maurice, could this overlap with the blackhole route we added for the delegated prefix?
Cheers,
Franco
Maurice, could this overlap with the blackhole route we added for the delegated prefix?
Cheers,
Franco
#9
26.1 Series / Re: Upgrade to RC1 successful
January 22, 2026, 03:16:24 PM
Ah, oui, naturellement. ;)
I added a note about the plugin situation in the forum announcement post.
The "https://192.168.1.1" is a bit of a hardcoded relic.
https://github.com/opnsense/core/blob/e75192ca461dfa/src/sbin/opnsense-installer#L53
From an imported config where "lan" may not exist it can be difficult to extract the correct value from. Let's call it an artefact for now.
Cheers,
Franco
I added a note about the plugin situation in the forum announcement post.
The "https://192.168.1.1" is a bit of a hardcoded relic.
https://github.com/opnsense/core/blob/e75192ca461dfa/src/sbin/opnsense-installer#L53
From an imported config where "lan" may not exist it can be difficult to extract the correct value from. Let's call it an artefact for now.
Cheers,
Franco
#10
25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 improvements!
January 22, 2026, 01:59:44 PM
So https://github.com/opnsense/ports/commit/a1996a8fe27 is coming to 26.1-RC2 soon. That more or less concludes 1.)
For 2.) I'll publish new patch instructions after 26.1 is out. I think they don't apply cleanly in all cases anymore since there were more moving parts and some things from the patch have been extracted and moved to the master branch because they were safe as is.
Thanks,
Franco
For 2.) I'll publish new patch instructions after 26.1 is out. I think they don't apply cleanly in all cases anymore since there were more moving parts and some things from the patch have been extracted and moved to the master branch because they were safe as is.
Thanks,
Franco
#11
25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100% CPU
January 22, 2026, 01:38:43 PM
https://github.com/opnsense/hostwatch/commit/482b45ce is on the way but not in 1.0.6.
For specific issues it may make sense to raise a ticket, but multiple versions are in flight now so it would be better to wait for the final one that's going into 26.1 to make reports on.
Cheers,
Franco
For specific issues it may make sense to raise a ticket, but multiple versions are in flight now so it would be better to wait for the final one that's going into 26.1 to make reports on.
Cheers,
Franco
#12
Announcements / Re: OPNsense 26.1-RC1 released
January 22, 2026, 01:00:56 PM
The upgrade path from the development version was successfully tested and unlocked now.
To go to 26.1-RC1 from 25.7.11 switch firmware settings type to "Development", save, check for updates and install. Then check for updates again to do the upgrade. After successful upgrade switch back to "Community" and save and check for updates and install to land on 26.1-RC1.
You can then either remove the ISC-DHCP plugin altogether (if you are sure you don't use it -- it provides automatic DHCPv6 servers to LANs in some cases) or switch the plugin to the non-devel version from the plugins tab.
Please note we do not vet upgrades with third party plugins and repositories.
To go to 26.1-RC1 from 25.7.11 switch firmware settings type to "Development", save, check for updates and install. Then check for updates again to do the upgrade. After successful upgrade switch back to "Community" and save and check for updates and install to land on 26.1-RC1.
You can then either remove the ISC-DHCP plugin altogether (if you are sure you don't use it -- it provides automatic DHCPv6 servers to LANs in some cases) or switch the plugin to the non-devel version from the plugins tab.
Please note we do not vet upgrades with third party plugins and repositories.
#13
25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100% CPU
January 22, 2026, 11:19:26 AM
Thanks for testing! <3
sqlite db is /var/db/hostwatch/hosts.db
latest symlink is added by a cron job or
# configctl syslog archive
Cheers,
Franco
sqlite db is /var/db/hostwatch/hosts.db
latest symlink is added by a cron job or
# configctl syslog archive
Cheers,
Franco
#14
Documentation and Translation / Re: Catalan Translation
January 22, 2026, 10:20:45 AM
Yes, but always keep "%s" around the text being translated to retain context. This is mostly used to inject HTML links into the text.
Cheers,
Franco
Cheers,
Franco
#15
25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 improvements!
January 22, 2026, 10:12:13 AM
-L is important to view the remaining lifetime :)
