Messages

Well, using "pkg info -r <package>" I've find out the plugin that is using libxslt is os-acme-client.

libxslt-1.1.43_1 -> py311-lxml5-5.4.0_2 -> py311-beautifulsoup-4.13.4_1 -> py311-dns-lexicon-3.21.1 -> os-acme-client-4.10

Hi,
Since 25.7 upgrade I'm seeing a vulnerability in the security audit:


***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 25.7.1_1 (amd64) at Thu Jul 31 19:10:25 -03 2025
Fetching vuln.xml.xz: .......... done
libxslt-1.1.43_1 is vulnerable:
  libxslt -- unmaintained, with multiple unfixed vulnerabilities
  CVE: CVE-2025-7425
  CVE: CVE-2025-7424
  WWW: https://vuxml.freebsd.org/freebsd/b0a3466f-5efc-11f0-ae84-99047d0a6bcc.html


I've upgraded another box and it passes the audit so I think that "libxslt" must be used by a plugin installed only on the first router.
Then I reinstalled the package and showed this message:

=====
Message from libxslt-1.1.43_1:

--
===>   NOTICE:

This port is deprecated; you may wish to reconsider installing it:

unmaintained with multiple unfixed security vulnerabilities.

It is scheduled to be removed on or after 2025-09-12.
-----------------------------------------------------------

I'm using these plugins: os-acme-client, os-ftp-proxy, os-nextcloud-backup, os-nginx, os-strongswan-legacy and os-udpbroadcastrelay.

Hi, maybe the problem could be related to this one https://forum.opnsense.org/index.php?topic=48076.0
Something related to virtual fields not rendering by the grid.
Here is a patch for that issue https://forum.opnsense.org/index.php?msg=242587
Maybe it fixes this problem too.

Hi,
I've installed an OPNSense box into an ESXi VM using the DVD image. It was installed over a previous OPNSense to use ZFS instead of UFS. The configuration was imported through USB during installation. After installation I reinstalled the two plugins I was using (VMWARE and DDCLIENT) and all is working fine again as before.

In my box the IPs are missing from the widget and also from the plugin settings list.

Hi, I've just upgraded my main router with no issues. The process ran smoothly.
I'm using a legacy strongswan tunnel and I noted that in the upgrade the os-strongswan-legacy plugin installed automatically so I didn't even had to install it afterward.
Thank you very much to the developers team. It's a great work.

I confirm the issue gone on 25.7 RC2...

To put it like it is: it was not worth their time.

To me this is an important issue... I don't know what the priorities are for FreeBSD team, but having a sane IP stack is essential.

I'm not sure but a change listed in 25.7 RC2 announcement could be the solution to this issue.

o src: pf: fix ICMP ECHO handling of ID conflicts

Applied and checked...

I don't think this will be a early-new-dashboard type of experience for most people this time.  ;)

Of course... this will take some time to be well refined...

Thanks and cheers

Hey and thanks for taking a look!

Hi, Franco.

I think you are looking for:

# opnsense-patch https://github.com/opnsense/core/commit/ffdea7f2bb2

I tested that commit and it looks perfect now.

If you find other pages with issues let us know :)

Looking for other similar problems, found the commands column of the interfaces>>overview table. In cases where there are four buttons, the last one "DETAILS" does not fit completely. Not a big problem but...

You cannot view this attachment.

The other tables seem to be fine at first sight.

Looking at the new tabulator. The column resize and reorder are very useful.
One thing I noted is that on grids that have the "commands" column, I can not see all the commands that are supposed to be available.
For example, I'm looking at the trust>>certificates grid and  I can only see INFO and DOWNLOAD buttons. Then I see three dots '...' that represents the EDIT button and the next two buttons, CLONE and DELETE are not visible. I tried to resize the column but the "commands" column is locked and I can't resize or move it.
Tried with Firefox and Chromium and got the same behavior on both.

Hi,
today I've installed the RC1 of OPNSense 25.7.
The installer ran fine on a ESXi 7 VM and also imported the previous testing configuration from USB at the installation stage.
All is working fine by now. Have installed some plugins that were being tested.
I'll be reporting the results in the meantime.

Thank you to all the OPNSense developer team for this awesome work.

I think it's an "or".
The fact that it is also referenced as an "and" is because the two triggers will work, but it doesn't mean that both conditions has to happen simultaneously.

Hi, in other thread someone had this problem and found a workaround using a newly created pre-shared key.

Ok, now I understand. I only use client export page and put these commands in the custom config.
May be if you ask thin at github the developers can consider your case and add it.