Messages

A reboot of the server fixed things for me. I was on 23.1.7_3 when the error occurred. I've since upgraded to 23.1.8 and all seems well for now.

There were some error messages on the local console but I didn't record them. After the reboot I could see that there were also some errors in the backend log from when I upgraded to 23.1.7_3 (see attached image)

I was mistaken about ssh not being enabled, whatever crashed the http server also brought down the ssh server.

You and I have encountered exactly the same problem.

WebUI 503 Service Unavailable  :'(

That seems like it may be a different problem, I'm not seeing a 503 error code just the PHP "fatal error" I quoted above.

Hi,

A couple of weeks ago I upgraded my opnsense install to 23.1 - all seemed to go well and the web interface was accessible after the reboot.

Today I tried to access the web interface and it did not load, instead I was confronted with this error:

Code Select Expand

Fatal error: Failed opening required '/usr/local/www/index.php' (include_path='/usr/local/etc/inc:/usr/local/www:/usr/local/opnsense/mvc:/usr/local/opnsense/contrib:/usr/local/share/pear:/usr/local/share') in Unknown on line 0

I have not touched the OPNsense configuration since the upgrade. SSH is disabled on the router so the web interface is the only way to manage it.

Internet connectivity has not dropped, it's just the management interface that isn't working.

Before I fall back to a full reinstall, any suggestions would be much appreciated.

I ran in to this as well. For others just be aware that the appropriate subnet mask depends on your settings in the Zerotier control panel. If you've selected to have IPs in the 192.168 range then zerotier auto assigns IPs to other clients within a /24 by default (e.g 192.168.195.*), whilst other ranges auto-assign addresses within a /16 prefix (e.g 10.242.*.*).

That clears the error for me when running configctl unbound check in an ssh shell but I'm not sure that it will work when unbound is actually running, since from what I think I understand from the config file, unbound runs chrooted into /var/unbound, so from the POV of the unbound process dnsbl_module.py would be in the root directory

Hi,

I've recently activated an IPv6 tunnel from tunnelbroker.net on my home LAN, and was hoping to redirect Netflix DNS queries as described here, since Netflix blocks IPv6 connections from the tunnel.

It is necessary to set a custom option in Unbound, so I read the manual page and was planning to follow the instructions by creating an advanced configuration file, however even before I create any custom settings, configctl unbound check fails with a fatal error:

Code Select Expand

root@OPNsense:~ # configctl unbound check
[1670006832] unbound-checkconf[9894:0] error: pythonmod: can't open file dnsbl_module.py for reading
[1670006832] unbound-checkconf[9894:0] fatal error: bad config for python module

I'm not sure how to fix this, as dnsbl_module.py is present in /var/unbound/ with global read permissions, is it a bug in 22.7.9? It seems like it prevents me from validating the config changes I'd like to make.

Any advice welcome.

Update on this though it's years later  :)

The igel thin client turned out to be unsuitable for OPNsense. It's passively cooled and the system would overheat and lock up. I recently set up an OPNsense system using an old laptop and I'm very happy with it so far.

Hi,

I'm new to OPNsense, just trying to set up a test system - I tried to copy the nano image onto a 4GB Kingston compact flash card. Unfortunately the image is larger than the card, so the image writer complains. I think I'm going to have to mess around with manually partitioning and copying over the contents of the image to get things working.

It may be better to slightly reduce the size of the image partitions next time to allow for a greater variety of CF cards.

Hi,

I'm currently putting hardware together to make an FOSS based router for my LAN, I've just found out about OPNsense, I'm interested in trying it out, however I'm not sure it will actually fit my needs, hence this post.

Main requirements:

• basic firewall and NAT
• Works with a SIP VoIP server behind the NAT (i.e disable NAT source port rewriting, forward relevant ports)
• QoS to maintain good performance of multiple VoIP channels even when download or upload is saturated.
• Auto failover if main WAN goes down using a 4G USB stick
• openVPN endpoint

I've bought an Igel 5/4 thin client which is essentially a standard x86 PC based around a 1Ghz VIA C7 processor (which has VIA padlock AES acceleration for good openvpn performance) and only uses ~10w idle/20W under load. It has a PCI slot which I'm going to populate with an Intel 2 port gigabit card (e.g. this). I believe it should more than adequate to handle my limited ADSL (5mbit down/800kbps up) and even be fine if I upgrade to VDSL (~30Mbit down/6Mbit up predicted for my line). No cable where I am.

From the docs it seems 1-3 and the failover part of of 4 should be no problem, however I can't find anything about OPNsense support for 4G modems, is support just undocumented or actually non-existant? I suppose I could get a small secondary router like the TP-Link TL-MR3020, install a distro with good 4G support such as openWRT and bridge the connection over to OPNsense but I'd me much happier just plugging the USB stick directly into the Igel unit. Is 4G support planned if not currently available?

I also can't find anything about VIA padlock support for speedy, low CPU openVPN, other distributions such as pfSense definitely support this and I'd prefer something which support it without a lot of messing around.

Any comments or advice on the proposed build welcome.