Messages - GOCE

#1
Yeah, the bug report reads pretty much like what I have experienced.

Hope it gets fixed soon as the HA setup is now pretty much unusable.
#2
It looks like the error happens only if I sync the firewall rules. With probably far more than 100 rules, what would be the most effective way to locate the rule causing the sync issue?
#3
I now receive an XMLRPC sync error and don't know how to troubleshoot it.

This is my current version:

OPNsense 20.7.7_1-amd64
FreeBSD 12.1-RELEASE-p11-HBSD
OpenSSL 1.1.1i 8 Dec 2020

I have attached the error shown in the GUI.

The output of /usr/local/etc/rc.filter_synchronize:

</params></methodCall>received >>>
<?xml version="1.0"?>
<methodResponse>
  <fault>
    <value>
      <struct>
        <member>
          <name>faultCode</name>
          <value><int>-32700</int></value>
        </member>
        <member>
          <name>faultString</name>
          <value><string>parse error. not well formed</string></value>
        </member>
      </struct>
    </value>
  </fault>
</methodResponse>
error >>>
parse error. not well formed
#4
Not sure if it has anything to do with the 2.7 release, but I noticed now that configuration changes are not synced automatically anymore. To get the changes replicated to the second firewall I would have to trigger the sync manually under System: High Availability: Status: Synchronize

Is this really intended behavior? If yes, an indicator for not synced changes to the second firewall would be
very helpful on the dashboard.

Regards, GOCE
#5
Adding net.bpf.zerocopy_enable=1 to the tunables didn't change anything for me either.

I could resolve my ntp issue by letting the service listen again on all interfaces. Before (20.1) ntpd was listening only on selected interfaces in my setup and it worked without problems.
#6
Can confirm that turning IPS mode off resolved the graph issues.
#7
I noticed today that the upgrade from 2.1.9 to 2.7.0 somehow broke my NTP settings.
I am not able to sync the time over NTP anymore.

The second thing that seems to be broken on my HA setup is the Traffic Graph. I don't see the In or Out traffic of the WAN interfaces anymore.

Are there any other reports with similar symptoms?
#8
Wow, for a few days now I have been fighting exactly the same symptoms!
Interestingly, my setup is nearly identical. I will now also run
a few packet captures to be absolutely sure.

If there is a fix, I am happy to help with testing.

Regards,

GOCE
#9
19.7 Legacy Series / Re: Problems after upgrade
July 24, 2019, 08:51:19 AM
I can confirm that the patch fixed it.

Thank you!

GOCE
#10
19.7 Legacy Series / Re: Problems after upgrade
July 18, 2019, 06:00:02 PM
Same problem here. Would be nice to get advice on how to fix it.

Now uninstalled all plugins and rebooted but the bug remains. A third (standalone) firewall has no problem. The ones showing this bug are in a CARP configuration.

Regards,

GOCE
#11
OK, thanks.

I'll report it upstream. Was just curious if others experienced a similar behavior. I have suricata running for several years now and never observed something like this.

Regards,

GOCE
#12
Hello,

I have noticed during a huge file transfer over SMB that suricata started to use up to all memory (16 GB RAM) on my 19.1.10-amd64 machine. That can't be normal.

Suricata is on version 4.1.4_2.

Regards,

GOCE
#13
19.1 Legacy Series / Traffic Reporting
July 07, 2019, 03:18:38 PM
Hi,

I'm a bit confused about the traffic reporting graphs and total measurements.

How should the metrics, especially Bandwidth In/Out and Total In/Out, be interpreted
taking the upper graphs into account? I don't get what it represents with such low
values.

I have added a screenshot about what I observe under OPNsense 19.1.10.
Would appreciate any clarification, maybe I just read it wrong ;-)

Update:
Checked with https://docs.opnsense.org/manual/reporting_traffic.html?highlight=reporting and also with other interfaces where the indicated traffic seems correct. Now it remains that the traffic on the WAN interface isn't reported correctly.

Regards,
GOCE
#14
1. Your Machine 2 needs to have the default gateway set to your OPNsense LAN interface (192.168.1.1)

2. Your Machine 2 must be able to reach a DNS Server (your ISP or a public one like 1.1.1.1)


Usually (default installation) there should be a DHCP service already running on the LAN interface, providing your clients with IP addresses, default gateway and DNS server settings.

Regards
#15
Great, what is the target version for this feature?