Messages

1

High availability / Re: XMLRPC Sync Error "parse error. not well formed"

« on: December 23, 2020, 08:48:54 am »

Yeah, the bug report reads pretty much like what I have experienced.

Hope it gets fixed soon as the HA setup is now pretty much unusable.

2

High availability / Re: XMLRPC Sync Error "parse error. not well formed"

« on: December 21, 2020, 03:11:15 pm »

It looks like the error happens only if I sync the firewall rules. With probably far more than 100 rules, what would be the most effective way to locate the rule casing the sync issue?

3

High availability / XMLRPC Sync Error "parse error. not well formed"

« on: December 21, 2020, 02:48:39 pm »

Recive now a XMLRPC sync error and don't know how to troubleshoot it.

This is my current version:

OPNsense 20.7.7_1-amd64
FreeBSD 12.1-RELEASE-p11-HBSD
OpenSSL 1.1.1i 8 Dec 2020

I have attached the error shown in the gui.

The Output of /usr/local/etc/rc.filter_synchronize:

</params></methodCall>received >>>
<?xml version="1.0"?>
<methodResponse>
  <fault>
    <value>
      <struct>
        <member>
          <name>faultCode</name>
          <value><int>-32700</int></value>
        </member>
        <member>
          <name>faultString</name>
          <value><string>parse error. not well formed</string></value>
        </member>
      </struct>
    </value>
  </fault>
</methodResponse>
error >>>
parse error. not well formed

4

20.7 Legacy Series / XMLRPC Sync must be triggered manually?

« on: August 08, 2020, 03:45:43 pm »

Not sure if it has anything to do with the 2.7 release but I noticed now that configuration changes are not synced automatically anymore. To get the changes replicated to the second firewall I would have to to trigger the sync manually under System: High Availability: Status : Synchronize

Is this really intended behavior? If yes, an indicator for not synced changes to the second firewall would be
very helpful on the dashboard.

Regards, GOCE

5

20.7 Legacy Series / Re: After Update to 2.7 no ntp update sync, also some traffic graphs are broken

« on: August 05, 2020, 12:54:29 am »

Adding net.bpf.zerocopy_enable=1 to the tunables didn't change anything for me too.

I could resolve my ntp issue by letting the service listen again on all interfaces. Before (20.1) ntpd was listening only on selected interfaces in my setup and it worked without problems.

6

20.7 Legacy Series / Re: After Update to 2.7 no ntp update sync, also some traffic graphs are broken

« on: August 04, 2020, 05:07:09 am »

Can confirm that turning IPS mode off resolved the graph issues.

7

20.7 Legacy Series / After Update to 2.7 no ntp update sync, also some traffic graphs are broken

« on: August 03, 2020, 11:30:36 pm »

I noticed today that the upgrade from 2.1.9 to 2.7.0 broke somehow my NTP settings.
I am not able to sync the time over NTP anymore.

The second thing that seems to be broken on my HA setup is the Traffic Graph. I don't see the In or Out traffic of the WAN interfaces anymore.

Are there any other reports with similar symptom's?

8

German - Deutsch / Re: LAN -> WANGWGROUP (MultiWAN) nutzt Source WAN-IP vom anderen WAN-Interface

« on: September 29, 2019, 11:09:42 am »

Wow, seit ein paar Tagen kaempfe ich exakt mit den gleichen Symptomen!
Mein Setup ist interssanterweise nahezu identisch. Werde jetzt ebenfalls
ein paar Packet Captures durchfuehren um ganz sicher zu gehen.

Sollte es ein Fix geben bin ich gerne Bereit beim Testen zu helfen.

Gruesse,

GOCE

9

19.7 Legacy Series / Re: Problems after upgrade

« on: July 24, 2019, 08:51:19 am »

I can confirm that the patch fixed it.

Thank you!

GOCE

10

19.7 Legacy Series / Re: Problems after upgrade

« on: July 18, 2019, 06:00:02 pm »

Same problem here. Would be nice to get an advice how to fix.

Now uninstalled all plugins and rebooted but the bug remains. A third (standalone) firewall has no problem. The ones showing this bug are in a CARP configuration.

Regards,

GOCE

11

19.1 Legacy Series / Re: Suricata memory leak on OPNsense 19.1.10-amd64?

« on: July 15, 2019, 11:46:25 am »

OK, thanks.

I'll report it upstream. Was just curious if others experienced a similar behavior. I have suricata running for several years now and never observed something like this.

Regards,

GOCE

12

19.1 Legacy Series / Suricata memory leak on OPNsense 19.1.10-amd64?

« on: July 14, 2019, 09:59:37 pm »

Hello,

I have noticed during a huge file transfer over SMB that suricata started to use up to all memory (16 GB RAM) on my 19.1.10-amd64 machine. That can't be normal.

Suricata is on version 4.1.4_2.

Regards,

GOCE

13

19.1 Legacy Series / Traffic Reporting

« on: July 07, 2019, 03:18:38 pm »

Hi,

I'm a bit confused about the traffic reporting graphs and total measurements.

How should the metrics, especially Bandwith In/Out and Total In/Out been interpreted
taking the upper graphs in account? I don't get it what it represents with such low
values.

I have added a screenshot about what I observe under OPNsense 19.1.10.
Would appreciate any clarification, maybe I just read it wrong ;-)

Update:
Checked with https://docs.opnsense.org/manual/reporting_traffic.html?highlight=reporting and also with other interfaces where the indicated traffic seems correct. Now it remains that the traffic on the WAN interface isn't reported correctly.

Regards,
GOCE

14

19.1 Legacy Series / Re: Basic routing with VMS. 1 OpnSense as firewall and one VM on an internal net

« on: June 13, 2019, 07:51:37 am »

1. Your Machine 2 needs to have the default gateway set to your OPNsense LAN interface (192.168.1.1)

2. Your Machine 2 must be able to reach a DNS Server (your ISP or a public one like 1.1.1.1)


Usually (default installation) there shold be a DHCP service on the LAN interface allready running and provide your clients with IP addresses, default gateway and DNS server settings.

Regards

15

19.1 Legacy Series / Re: Bytes/KB/MB processed by firewall rule

« on: May 28, 2019, 07:21:13 pm »

Great, what is the target version for this feature?