Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - franco

Pages1 2 3 ... 1309
#1
26.1 Series / Re: Firewall rules migration
Today at 07:31:37 PM
That's because the old rules don't have as much integrity checks. "opt2" is gone I think so you don't need these rules?


Cheers,
Franco
#2
26.1 Series / Re: upgrade from 25.7.11_9 and ISC
Today at 04:15:10 PM
Yeah, that's the issue that can happen where the plugin doesn't update. I'm working on it. Sorry for the trouble.


Cheers,
Franco
#3
General Discussion / Re: external ip was blocked by forum.. ended up being a good learning experience
Today at 03:00:02 PM
It's going to be configurable in 26.1.2, see https://github.com/opnsense/core/issues/9767

Yay for tickets :D


Cheers,
Franco
#4
25.7, 25.10 Series / Re: Update trouble 25.10.2
Today at 02:58:45 PM
If you run the command on the shell you can see if it's still stored ;)


Cheers,
Franco
#5
26.1 Series / Re: Unbound: dynamic hostname mapping/KEA & ISC cannot be enabled back
Today at 02:56:33 PM
I think it's working as described, but it doesn't work on reboots (by initial design).

We discussed it here https://github.com/opnsense/core/issues/9774

Cheers,
Franco
#6
26.1 Series / Re: IPv6 downstream router (FritzBox) requires OPNsense to behave like ISP
Today at 11:36:07 AM
For a static IPv6 prefix in Kea yes. For a dynamic one no. We'll be discussing some things related to Kea in the upcoming roadmap discussion for 26.7.


Cheers,
Franco
#7
Development and Code Review / Re: IGMP version in freebsd
Today at 10:16:21 AM
This will be changed in a future 26.1.x, see https://github.com/opnsense/src/issues/280


Cheers,
Franco
#8
25.7, 25.10 Series / Re: Update trouble 25.10.2
Today at 09:48:21 AM
Do you have the update log?

# opnsense-update -g


Cheers,
Franco
#9
26.1 Series / Re: 26.1.1: Unbound: Option "query forwarding"->"Unexpected error, check log for."
Today at 09:45:06 AM
Can you paste the PHP error from System: Firmware: Reporter here?


Thanks,
Franco
#10
26.1 Series / Re: upgrade from 25.7.11_9 and ISC
Today at 09:44:00 AM
FWIW, the pkg bug could also be a kernel bug. We're adding a soft-retry along the lines of https://github.com/opnsense/pkg/commit/94e5e97a5 which should help and gather a bit more data.

@jmcgee do you have the upgrade log (firmware audit) for me?


Cheers,
Franco
#11
26.1 Series / Re: Divert mode "Write to ipfw divert socket failed: Permission denied"
Today at 08:21:49 AM
Still no idea on "permission denied". It indicates insufficient permission, but Suricata runs as root and there should be no restrictions placed on a default install GUI only use regarding what Suricata can do.


Cheers,
Franco
#12
25.7, 25.10 Series / Re: System: Settings: General - unique DNS server required?
February 10, 2026, 02:38:47 PM
Yes, you only need this when you already have manual servers listed there. DNS servers (and monitoring IPs) should not overlap between gateways. This ensures that each DNS server stays on its own WAN connection. The underlying cause is that host routes are set up for each one and you cannot connect the same IP over two different gateways.


Cheers,
Franco
#13
25.7, 25.10 Series / Re: Gateway Group - confusing help text
February 10, 2026, 07:55:20 AM
Hi Evert,

You're right. The VIP support was removed a while back and the "Link Priority" really refers to the tier selection. I've cleared that up in

https://github.com/opnsense/core/commit/53d61b9d


Cheers,
Franco
#14
25.7, 25.10 Series / Re: python -- several vulnerabilities CVE: CVE-2025-13836 CVE: CVE-2025-12084
February 10, 2026, 07:21:38 AM
25.10.2 is out since yesterday. We're planning for 26.1.2 at the end of this week to pick up the newer Python batch into community as well.


Cheers,
Franco
#15
26.1 Series / Re: zfs and sqlite
February 09, 2026, 08:10:08 PM
Yes, it's opnsense-revert, not opnsense-update. Thanks!


Cheers,
Franco
Pages1 2 3 ... 1309