Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - stesin

#1
Thanks! Now I am feeling safe again  ::)
#2
Hi! Is anyone else seeing this? Is this a sign of something harmful, or I can ignore the error message?
[31/31] Upgrading opnsense from 23.7 to 23.7.1_3...
[31/31] Extracting opnsense-23.7.1_3: .......... done
Stopping configd...done
Resetting root shell
Updating /etc/shells
Unhooking from /etc/rc
Unhooking from /etc/rc.shutdown
Updating /etc/shells
Registering root shell
Hooking into /etc/rc
Hooking into /etc/rc.shutdown
Starting configd.
>>> Invoking update script 'refresh'
Writing firmware setting...done.
Writing trust files...done.
Configuring login behaviour...done.
Configuring system logging...Error opening plugin module; module='examples', error='/usr/local/lib/syslog-ng/libexamples.so: Undefined symbol "random_choice_generator_parser"'
done.


Does it affect the actual system logging? Thanks in advance! Regards, Andreas
#3
Dear Franco,

thank you for the hint. Just one more question: in case I (maybe, who knows?) will someday enable DynDNS in the GUI, will it clobber my DNS configuration away, or not?

I took a brief look at unbound docs, it seems to me that I'll be more comfortable with good old named (which I'm familiar with since 1993) and rc.conf :) That's just my personal bias, of course.

WBR,
Andrii
#4
Dear colleagues,

OPNsense is a great and exciting product, millions of thanks for this great work! Being a nonprofit, we appreciate the availability of the free product with this kind of functionality, comparable to industry leaders.

However, we have a simple (maybe basic) question. What we need is to get our firewall to become a primary DNS server for some 2-3 domains for our projects. Yes we have bind910 package installed. But what is correct approach to achive the goal?

Now we have DNS Forwarder in operations. Is it really dnsmasq, what I guess?

What exactly is used as DNS Resolver - is it BIND itself, or whatever?

Which is a correct way to achieve the following setup:

1) a completely independent DNS Server (BIND) working as a service at WAN interface and serves as primary for our zones,

2) external (via WAN) queries for x.mydomain.org are resolved into visible official A records,

3) internal (via LAN) queries for x.mydomain.com are resolved into RFC#1918 A records with IPs from "grey", corporate range like 10.whatever

If anyone from the team give some suggestions about "what is OPNsense policy for this", I'd write a brief HOWTO on this for the community.

Thanks in advance!
WBR, Andrii