Messages

that works! thanks franco!

I restored froma backup and ran the update again:

this is what I get:


***GOT REQUEST TO UPDATE***
Currently running OPNsense 24.7.11_2 (amd64) at Wed Feb  5 18:39:34 PST 2025
Updating OPNsense repository catalogue...
Waiting for another process to update repository OPNsense
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking for upgrades (45 candidates): .......... done
Processing candidates (45 candidates): .......... done
The following 46 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
   py311-typing-extensions: 4.12.2

Installed packages to be UPGRADED:
   boost-libs: 1.86.0 -> 1.86.0_1
   crowdsec: 1.6.3_3 -> 1.6.4
   curl: 8.11.0_1 -> 8.11.1_1
   e2fsprogs-libuuid: 1.47.1 -> 1.47.2
   gettext-runtime: 0.22.5 -> 0.23.1
   libltdl: 2.4.7 -> 2.5.4
   libpfctl: 0.14 -> 0.15
   lighttpd: 1.4.76 -> 1.4.76_1
   log4cplus: 2.1.1 -> 2.1.2
   nettle: 3.10_1 -> 3.10.1
   ntp: 4.2.8p18 -> 4.2.8p18_1
   oniguruma: 6.9.9 -> 6.9.10
   openvpn: 2.6.12 -> 2.6.13
   opnsense: 24.7.11_2 -> 24.7.12_4
   opnsense-update: 24.7.10_1 -> 24.7.12
   os-mdns-repeater: 1.1_1 -> 1.2
   php82: 8.2.26 -> 8.2.27
   php82-ctype: 8.2.26 -> 8.2.27
   php82-curl: 8.2.26 -> 8.2.27
   php82-dom: 8.2.26 -> 8.2.27
   php82-filter: 8.2.26 -> 8.2.27
   php82-gettext: 8.2.26 -> 8.2.27
   php82-ldap: 8.2.26 -> 8.2.27
   php82-mbstring: 8.2.26 -> 8.2.27
   php82-pcntl: 8.2.26 -> 8.2.27
   php82-pdo: 8.2.26 -> 8.2.27
   php82-session: 8.2.26 -> 8.2.27
   php82-simplexml: 8.2.26 -> 8.2.27
   php82-sockets: 8.2.26 -> 8.2.27
   php82-sqlite3: 8.2.26 -> 8.2.27
   php82-xml: 8.2.26 -> 8.2.27
   php82-zlib: 8.2.26 -> 8.2.27
   py311-anyio: 4.6.2 -> 4.7.0
   py311-attrs: 24.2.0 -> 24.3.0
   py311-certifi: 2024.8.30 -> 2024.12.14
   py311-charset-normalizer: 3.4.0 -> 3.4.1_1
   py311-httpx: 0.27.2 -> 0.28.1
   py311-numexpr: 2.10.1 -> 2.10.2
   py311-six: 1.16.0_1 -> 1.17.0
   py311-sqlite3: 3.11.10_7 -> 3.11.11_7
   py311-trio: 0.27.0 -> 0.28.0
   python311: 3.11.10 -> 3.11.11
   qemu-guest-agent: 9.1.1 -> 9.2.0
   sudo: 1.9.16p2 -> 1.9.16p2_1
   zip: 3.0_3 -> 3.0_4

Number of packages to be installed: 1
Number of packages to be upgraded: 45

The operation will free 3 MiB.
97 MiB to be downloaded.
[1/46] Fetching py311-sqlite3-3.11.11_7.pkg: ..... done
[2/46] Fetching py311-anyio-4.7.0.pkg: .......... done
[3/46] Fetching php82-session-8.2.27.pkg: ..... done
[4/46] Fetching lighttpd-1.4.76_1.pkg: .......... done
[5/46] Fetching opnsense-update-24.7.12.pkg: ..... done
[6/46] Fetching boost-libs-1.86.0_1.pkg: .......... done
[7/46] Fetching nettle-3.10.1.pkg: .......... done
[8/46] Fetching py311-six-1.17.0.pkg: .... done
[9/46] Fetching php82-zlib-8.2.27.pkg: ... done
[10/46] Fetching php82-dom-8.2.27.pkg: ......... done
[11/46] Fetching py311-charset-normalizer-3.4.1_1.pkg: .......... done
[12/46] Fetching php82-simplexml-8.2.27.pkg: ... done
[13/46] Fetching e2fsprogs-libuuid-1.47.2.pkg: ..... done
[14/46] Fetching crowdsec-1.6.4.pkg: .......... done
[15/46] Fetching openvpn-2.6.13.pkg: .......... done
[16/46] Fetching php82-pdo-8.2.27.pkg: ....... done
[17/46] Fetching php82-curl-8.2.27.pkg: ...... done
[18/46] Fetching py311-httpx-0.28.1.pkg: .......... done
[19/46] Fetching php82-mbstring-8.2.27.pkg: .......... done
[20/46] Fetching ntp-4.2.8p18_1.pkg: .......... done
[21/46] Fetching py311-attrs-24.3.0.pkg: .......... done
[22/46] Fetching php82-ldap-8.2.27.pkg: ..... done
[23/46] Fetching python311-3.11.11.pkg: .......... done
[24/46] Fetching py311-trio-0.28.0.pkg: .......... done
[25/46] Fetching py311-certifi-2024.12.14.pkg: .......... done
[26/46] Fetching php82-sockets-8.2.27.pkg: ...... done
[27/46] Fetching php82-8.2.27.pkg: .......... done
[28/46] Fetching php82-sqlite3-8.2.27.pkg: .... done
[29/46] Fetching log4cplus-2.1.2.pkg: .......... done
[30/46] Fetching php82-pcntl-8.2.27.pkg: ... done
[31/46] Fetching php82-xml-8.2.27.pkg: ... done
[32/46] Fetching curl-8.11.1_1.pkg: .......... done
[33/46] Fetching gettext-runtime-0.23.1.pkg: .......... done
[34/46] Fetching py311-numexpr-2.10.2.pkg: .......... done
[35/46] Fetching libpfctl-0.15.pkg: .. done
[36/46] Fetching libltdl-2.5.4.pkg: ..... done
[37/46] Fetching zip-3.0_4.pkg: .......... done
[38/46] Fetching php82-gettext-8.2.27.pkg: . done
[39/46] Fetching qemu-guest-agent-9.2.0.pkg: .......... done
[40/46] Fetching opnsense-24.7.12_4.pkg: .......... done
[41/46] Fetching oniguruma-6.9.10.pkg: .......... done
[42/46] Fetching py311-typing-extensions-4.12.2.pkg: ......... done
[43/46] Fetching os-mdns-repeater-1.2.pkg: . done
[44/46] Fetching sudo-1.9.16p2_1.pkg: .......... done
[45/46] Fetching php82-ctype-8.2.27.pkg: . done
[46/46] Fetching php82-filter-8.2.27.pkg: ... done
Checking integrity... done (0 conflicting)
[1/46] Upgrading python311 from 3.11.10 to 3.11.11...
[1/46] Extracting python311-3.11.11: .......... done
pkg-static: Fail to rename /usr/local/lib/python3.11/__pycache__/.pkgtemp.fractions.cpython-311.opt-2.pyc.V2WnqL3zBMYs -> /usr/local/lib/python3.11/__pycache__/fractions.cpython-311.opt-2.pyc:Invalid argument
Starting web GUI...done.
***DONE***

I'm having problem updating. Can someone help?


**GOT REQUEST TO UPDATE***
Currently running OPNsense 24.7.11_2 (amd64) at Wed Feb  5 17:35:56 PST 2025
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking for upgrades (45 candidates): .......... done
Processing candidates (45 candidates): .......... done
Checking integrity... done (0 conflicting)
The following 46 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
   py311-typing-extensions: 4.12.2

Installed packages to be UPGRADED:
   boost-libs: 1.86.0 -> 1.86.0_1
   crowdsec: 1.6.3_3 -> 1.6.4
   curl: 8.11.0_1 -> 8.11.1_1
   e2fsprogs-libuuid: 1.47.1 -> 1.47.2
   gettext-runtime: 0.22.5 -> 0.23.1
   libltdl: 2.4.7 -> 2.5.4
   libpfctl: 0.14 -> 0.15
   lighttpd: 1.4.76 -> 1.4.76_1
   log4cplus: 2.1.1 -> 2.1.2
   nettle: 3.10_1 -> 3.10.1
   ntp: 4.2.8p18 -> 4.2.8p18_1
   oniguruma: 6.9.9 -> 6.9.10
   openvpn: 2.6.12 -> 2.6.13
   opnsense: 24.7.11_2 -> 24.7.12_4
   opnsense-update: 24.7.10_1 -> 24.7.12
   os-mdns-repeater: 1.1_1 -> 1.2
   php82: 8.2.26 -> 8.2.27
   php82-ctype: 8.2.26 -> 8.2.27
   php82-curl: 8.2.26 -> 8.2.27
   php82-dom: 8.2.26 -> 8.2.27
   php82-filter: 8.2.26 -> 8.2.27
   php82-gettext: 8.2.26 -> 8.2.27
   php82-ldap: 8.2.26 -> 8.2.27
   php82-mbstring: 8.2.26 -> 8.2.27
   php82-pcntl: 8.2.26 -> 8.2.27
   php82-pdo: 8.2.26 -> 8.2.27
   php82-session: 8.2.26 -> 8.2.27
   php82-simplexml: 8.2.26 -> 8.2.27
   php82-sockets: 8.2.26 -> 8.2.27
   php82-sqlite3: 8.2.26 -> 8.2.27
   php82-xml: 8.2.26 -> 8.2.27
   php82-zlib: 8.2.26 -> 8.2.27
   py311-anyio: 4.6.2 -> 4.7.0
   py311-attrs: 24.2.0 -> 24.3.0
   py311-certifi: 2024.8.30 -> 2024.12.14
   py311-charset-normalizer: 3.4.0 -> 3.4.1_1
   py311-httpx: 0.27.2 -> 0.28.1
   py311-numexpr: 2.10.1 -> 2.10.2
   py311-six: 1.16.0_1 -> 1.17.0
   py311-sqlite3: 3.11.10_7 -> 3.11.11_7
   py311-trio: 0.27.0 -> 0.28.0
   python311: 3.11.10 -> 3.11.11
   qemu-guest-agent: 9.1.1 -> 9.2.0
   sudo: 1.9.16p2 -> 1.9.16p2_1
   zip: 3.0_3 -> 3.0_4

Number of packages to be installed: 1
Number of packages to be upgraded: 45

The operation will free 3 MiB.
[1/46] Upgrading python311 from 3.11.10 to 3.11.11...
[1/46] Extracting python311-3.11.11: .......... done
python311-3.11.10: missing file /usr/local/lib/python3.11/lib2to3/Grammar3.11.10.final.0.pickle
python311-3.11.10: missing file /usr/local/lib/python3.11/lib2to3/PatternGrammar3.11.10.final.0.pickle
python311-3.11.10: missing file /usr/local/share/licenses/python311-3.11.10/LICENSE
python311-3.11.10: missing file /usr/local/share/licenses/python311-3.11.10/PSFL
python311-3.11.10: missing file /usr/local/share/licenses/python311-3.11.10/catalog.mk
pkg-static: Fail to rename /usr/local/lib/python3.11/__pycache__/.pkgtemp.fractions.cpython-311.opt-2.pyc.CaHP5lqDRcVk -> /usr/local/lib/python3.11/__pycache__/fractions.cpython-311.opt-2.pyc:Invalid argument
Starting web GUI...done.
***DONE***

thank yhou . this is awesome! got me up and running

Hello everybody,

when I Route my traffic through my OPNsense, Netflix on my Shield turns barely useable.

I checked it via Speedtest to fast.com and the traffic graph in the gui.

Im using IDPS, Squid and a VPN connection, however even when I deactivate everything its still slow.

Besides the Speedtest via the Netflix app fails and just shows 0, withouth OPNsense it works flawlessly.

Is it possible that im missing some NAT/Outbound rule anywhere?

Thank you in advance.

Regards

did you ever find a solution for this. I'm experiencing the same thing. sometimes the title loads and some times it doesnt.

Anyone having this problem.

all my vlan are getting their 'track interface" ipv6 correctly ONLY single IPv6.

How ever Untagged vLAN (my main vlan for every esxi, vsphere, vmware, computers, home computers) all get the same all the IPv6 tagged IPv6s.

So if I sign into using my Wireless access point i get 1 x IPV6.
So if I sign into my wireless untagged I get 10+ IPv6 as many as my vlans.

Anyone has a solution to fix this?

@franco

I had this issue. This is what I add to help


VPN > Zerotier > Settings

{
   "physical": {
      "192.168.165.1/24": { "blacklist": true },
      "10.0.0.0/16": { "blacklist": true },
      "172.168.0.0/12": { "blacklist": true }
   },
   "settings": {
      "primaryPort": 9993,
      "portMappingEnabled": false,
      "allowSecondaryPort": false,
      "allowTcpFallbackRelay": false
   }
}

I'm trying to learn how to setup OSPF through ZeroTier.
I'm having issues distributing routes in OSPF.

Can Someone see anything odd about this?


1.) I removed all Managed Routes on ZeroTier
2.) Plugin Installed in OPNSense FRR
3.) Routing > General > Checked Enable
4.) OSPF > Check enable
              - Passive - All interface Except ZeroTier Interface
5.) Networks -> Added all networks route over ZeroTier Including ZeroTier Interface
6.) NO WORK

Anyone have a clue what I need to do? no routing table are showing up.

I'm having the same issues too

sometimes it pings sometimes it doesnt.

My connection was solid before the upgrade.

I'm working on setting up a OPNSense for RV customers.

Since they use serveral LTE devices for reliability. When you move from one area to another area you get new ip address.

WAN seem to stick on one ip addres from another city.

How can you set it so WAN renew ip of gateway pings dies?



Overview:
4 VMS
- OPNSense
- Domain Control DHCP, DNS
- 1 File Server
- Windows 10 backup

all of these are tied back using ZeroTier.


I need to find a way so that if DHCP Gateway dies. The wan try to renew/release ip address to get new ip from one location to the new location.

I've been trying to get 2 OPNSense Zero Tier working. Anyone try it?

OPNSense1
- ZeroTier Package Installed
    Configured with IP 172.24.204.2
- Interface Assigned


OPNSense2
- ZeroTier Package Installed
    Configured with IP 172.24.204.2
- Interface Assigned


From OPNSense GUI I can ping each other OPNSense

BUT from
OPNSense LAN 192.168.X I cannot ping 172.24.204.2

I open all firewall

I upgraded to version OPNsense 20.1.5-amd64 today and now ipsec are getting these errors.

There are 4 site to site. 1 works and the other 3 doesnt work.

the 3 that doesnt work show this error below.



2020-04-24T18:16:51   charon: 01[CFG] ignoring acquire, connection attempt pending
2020-04-24T18:16:51   charon: 01[KNL] creating acquire job for policy 96.85.x.x.x/32 === 173.16x.x.x.x.x/32 with reqid {3}
2020-04-24T18:16:46   charon: 01[NET] <con3|2> sending packet: from 96.85.xx.x.x[4500] to 173.160.xx.xx[4500] (1052 bytes)
2020-04-24T18:16:46   charon: 01[IKE] <con3|2> retransmit 4 of request with message ID 1
2020-04-24T18:16:45   charon: 01[CFG] ignoring acquire, connection attempt pending
2020-04-24T18:16:45   charon: 05[KNL] creating acquire job for policy 96.85.xx.xx3/32 === 173.16x.x.x.x/32 with reqid {3}
2020-04-24T18:16:42   charon: 05[CFG] ignoring acquire, connection attempt pending
2020-04-24T18:16:42   charon: 05[KNL] creating acquire job for policy 96.85xx.x.x32 === 173.160.1xx.x.x/32 with reqid {3}

I have WAN & LAN IPv6 set to none. Some how all my internal client getting ipv6 . Tested to see if its routable by going to ipv6 website. Its not routable. How do I stop OPNSense from giving internal networks public ipv6 address?

Finally I got the time to fiddle around with NTOPNG. I'm loving it!

A few question I would like to ask.

1.) Where do you set how long the data is retention in NTOP?


2.) Can someone recommend settings for NTOPNG?

Franco,

Is there a way to reset System > Access

I added Root to a couple of groups and now it wont let me remove it.

Also log on as root I cannot install plugin too. Anyway we can reset the System > Access without reseting everything else?