Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - ikkeT

Pages1 2 3 ... 6
#1
25.7 Series / Re: Captive Portal Not Working
August 25, 2025, 09:28:27 AM
Unfortunately it doesn't work any better in the OPNsense 25.7.2-amd64. Same logs, and the directory looks like this:

Code Select
root@OPNsense:~ # tail -10 /var/log/lighttpd/lighttpd_20250825.log
<29>1 2025-08-25T10:23:24+03:00 OPNsense.ikenet lighttpd 82174 - [meta sequenceId="1"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.81/src/server.c.1971) server started (lighttpd/1.4.81)
<27>1 2025-08-25T10:23:24+03:00 OPNsense.ikenet lighttpd 82174 - [meta sequenceId="2"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.81/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-25T10:23:24+03:00 OPNsense.ikenet lighttpd 82174 - [meta sequenceId="3"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.81/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-25T10:23:24+03:00 OPNsense.ikenet lighttpd 82174 - [meta sequenceId="4"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.81/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
<27>1 2025-08-25T10:23:24+03:00 OPNsense.ikenet lighttpd 82174 - [meta sequenceId="5"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.81/src/server.c.1975) Configuration of plugins failed. Going down.
root@OPNsense:~ # tail -10 /var/log/lighttpd/lighttpd_20250825.log
root@OPNsense:~ # ls -la /var/lib/php/tmp/
total 281
drwxrwxrwt  2 wwwonly wheel    960 Aug 25 10:16 .
drwxr-x---  5 root    wheel    512 Jul  6 23:35 ..
-rw-r-----  1 wwwonly wheel  34639 Aug 24 21:45 configdmodelfield.data
-rw-rw----  1 wwwonly wheel    913 Aug 24 21:45 mdl_cache_OPNsense_Cron_Cron.json
-rw-rw----  1 wwwonly wheel  12345 Aug 25 10:16 mdl_cache_OPNsense_Firewall_Alias.json
-rw-rw----  1 wwwonly wheel    229 Aug 24 21:45 mdl_cache_OPNsense_Firewall_Category.json
-rw-rw----  1 wwwonly wheel 152535 Aug 24 21:45 mdl_cache_OPNsense_HAProxy_HAProxy.json
-rw-rw----  1 wwwonly wheel   2028 Aug 24 21:45 mdl_cache_OPNsense_IPsec_IPsec.json
-rw-rw----  1 wwwonly wheel   1947 Aug 24 21:46 mdl_cache_OPNsense_TrafficShaper_TrafficShaper.json
-rw-rw----  1 wwwonly wheel   2485 Aug 24 21:45 mdl_cache_OPNsense_Wireguard_Client.json
-rw-rw----  1 wwwonly wheel    982 Aug 24 21:45 mdl_cache_OPNsense_Wireguard_Server.json
-rw-rw----  1 wwwonly wheel  22790 Aug 25 09:47 opnsense_acl_cache.json
-rw-rw----  1 wwwonly wheel  23893 Aug 25 10:23 opnsense_menu_cache.xml
srwxr-xr-x  1 root    wheel      0 Aug 24 21:46 php-fastcgi.socket-0
srwxr-xr-x  1 root    wheel      0 Aug 24 21:46 php-fastcgi.socket-1
srwxr-xr-x  1 root    wheel      0 Aug 24 21:46 php-fastcgi.socket-2
srwxr-xr-x  1 root    wheel      0 Aug 24 21:46 php-fastcgi.socket-3

#2
25.7 Series / Re: Captive Portal Not Working
August 18, 2025, 02:51:12 PM
to me it feels like someone is not creating the socket lighttpd tries to attach to. And it only gives misleading permission error log when the whole socket is missing.
#3
25.7 Series / Re: Captive Portal Not Working
August 18, 2025, 02:49:49 PM
Nope, same error:

<29>1 2025-08-18T15:48:14+03:00 OPNsense.ikenet lighttpd 60549 - [meta sequenceId="1"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1974) server started (lighttpd/1.4.79)
<27>1 2025-08-18T15:48:14+03:00 OPNsense.ikenet lighttpd 60549 - [meta sequenceId="2"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-18T15:48:14+03:00 OPNsense.ikenet lighttpd 60549 - [meta sequenceId="3"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-18T15:48:14+03:00 OPNsense.ikenet lighttpd 60549 - [meta sequenceId="4"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
<27>1 2025-08-18T15:48:14+03:00 OPNsense.ikenet lighttpd 60549 - [meta sequenceId="5"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1978) Configuration of plugins failed. Going down.
root@OPNsense:~ # ls -la /var/lib/php/tmp/
total 277
drwxrwxrwt  2 wwwonly wheel   1088 Aug 18 15:46 .
drwxr-x---  5 root    wheel    512 Jul  6 23:35 ..
-rw-r-----  1 wwwonly wheel  34546 Jul 25 18:23 configdmodelfield.data
-rw-rw----  1 wwwonly wheel    913 Jul 25 18:23 mdl_cache_OPNsense_Cron_Cron.json
-rw-rw----  1 wwwonly wheel   8781 Aug 18 15:46 mdl_cache_OPNsense_Firewall_Alias.json
-rw-rw----  1 wwwonly wheel    229 Jul 25 18:23 mdl_cache_OPNsense_Firewall_Category.json
-rw-rw----  1 wwwonly wheel 152616 Jul 25 18:23 mdl_cache_OPNsense_HAProxy_HAProxy.json
-rw-rw----  1 wwwonly wheel   2028 Jul 25 18:23 mdl_cache_OPNsense_IPsec_IPsec.json
-rw-rw----  1 wwwonly wheel   1947 Jul 25 18:23 mdl_cache_OPNsense_TrafficShaper_TrafficShaper.json
-rw-rw----  1 wwwonly wheel   2485 Jul 25 18:23 mdl_cache_OPNsense_Wireguard_Client.json
-rw-rw----  1 wwwonly wheel    853 Jul 25 18:23 mdl_cache_OPNsense_Wireguard_Server.json
-rw-rw----  1 wwwonly wheel  22798 Aug 18 15:14 opnsense_acl_cache.json
-rw-rw----  1 wwwonly wheel  23893 Aug 18 09:44 opnsense_menu_cache.xml
srwxr-xr-x  1 root    wheel      0 Aug 11 00:09 php-fastcgi.socket-0
srwxr-xr-x  1 root    wheel      0 Aug  7 13:22 php-fastcgi.socket-1
srwxr-xr-x  1 root    wheel      0 Aug 18 09:56 php-fastcgi.socket-2
srwxr-xr-x  1 root    wheel      0 Aug 13 19:06 php-fastcgi.socket-3
srwxr-xr-x  1 root    wheel      0 Aug 12 13:05 php-fastcgi.socket-4
#4
25.7 Series / Re: Captive Portal Not Working
August 18, 2025, 02:01:37 PM
No, this is the log now:

<27>1 2025-08-18T14:45:43+03:00 OPNsense.ikenet lighttpd 98149 - [meta sequenceId="2"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-18T14:45:43+03:00 OPNsense.ikenet lighttpd 98149 - [meta sequenceId="3"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-18T14:45:43+03:00 OPNsense.ikenet lighttpd 98149 - [meta sequenceId="4"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
<27>1 2025-08-18T14:45:43+03:00 OPNsense.ikenet lighttpd 98149 - [meta sequenceId="5"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1978) Configuration of plugins failed. Going down.

So I only gave the chmod command and pressed start on captive portal in services list. No reboot. The file listing is now showing your change:

root@OPNsense:~ # ls -la /var/lib/php/tmp/
total 277
drwxr-x--T  2 wwwonly wheel   1088 Aug 18 14:31 .
drwxr-x---  5 root    wheel    512 Jul  6 23:35 ..
-rw-r-----  1 wwwonly wheel  34546 Jul 25 18:23 configdmodelfield.data
-rw-rw----  1 wwwonly wheel    913 Jul 25 18:23 mdl_cache_OPNsense_Cron_Cron.json
-rw-rw----  1 wwwonly wheel   8781 Aug 18 14:31 mdl_cache_OPNsense_Firewall_Alias.json
-rw-rw----  1 wwwonly wheel    229 Jul 25 18:23 mdl_cache_OPNsense_Firewall_Category.json
-rw-rw----  1 wwwonly wheel 152616 Jul 25 18:23 mdl_cache_OPNsense_HAProxy_HAProxy.json
-rw-rw----  1 wwwonly wheel   2028 Jul 25 18:23 mdl_cache_OPNsense_IPsec_IPsec.json
-rw-rw----  1 wwwonly wheel   1947 Jul 25 18:23 mdl_cache_OPNsense_TrafficShaper_TrafficShaper.json
-rw-rw----  1 wwwonly wheel   2485 Jul 25 18:23 mdl_cache_OPNsense_Wireguard_Client.json
-rw-rw----  1 wwwonly wheel    853 Jul 25 18:23 mdl_cache_OPNsense_Wireguard_Server.json
-rw-rw----  1 wwwonly wheel  22798 Aug 18 14:14 opnsense_acl_cache.json
-rw-rw----  1 wwwonly wheel  23893 Aug 18 09:44 opnsense_menu_cache.xml
srwxr-xr-x  1 root    wheel      0 Aug 11 00:09 php-fastcgi.socket-0
srwxr-xr-x  1 root    wheel      0 Aug  7 13:22 php-fastcgi.socket-1
srwxr-xr-x  1 root    wheel      0 Aug 18 09:56 php-fastcgi.socket-2
srwxr-xr-x  1 root    wheel      0 Aug 13 19:06 php-fastcgi.socket-3
srwxr-xr-x  1 root    wheel      0 Aug 12 13:05 php-fastcgi.socket-4
srwxr-xr-x  1 root    wheel      0 Aug 18 09:45 php-fastcgi.socket-5
#5
25.7 Series / Re: Captive Portal Not Working
August 18, 2025, 01:25:36 PM
There is no such socket at all.
```
root@OPNsense:~ # ls -la /var/lib/php/tmp/
total 277
drwxr-x---  2 wwwonly wheel   1088 Aug 18 14:16 .
drwxr-x---  5 root    wheel    512 Jul  6 23:35 ..
-rw-r-----  1 wwwonly wheel  34546 Jul 25 18:23 configdmodelfield.data
-rw-rw----  1 wwwonly wheel    913 Jul 25 18:23 mdl_cache_OPNsense_Cron_Cron.json
-rw-rw----  1 wwwonly wheel   8781 Aug 18 14:16 mdl_cache_OPNsense_Firewall_Alias.json
-rw-rw----  1 wwwonly wheel    229 Jul 25 18:23 mdl_cache_OPNsense_Firewall_Category.json
-rw-rw----  1 wwwonly wheel 152616 Jul 25 18:23 mdl_cache_OPNsense_HAProxy_HAProxy.json
-rw-rw----  1 wwwonly wheel   2028 Jul 25 18:23 mdl_cache_OPNsense_IPsec_IPsec.json
-rw-rw----  1 wwwonly wheel   1947 Jul 25 18:23 mdl_cache_OPNsense_TrafficShaper_TrafficShaper.json
-rw-rw----  1 wwwonly wheel   2485 Jul 25 18:23 mdl_cache_OPNsense_Wireguard_Client.json
-rw-rw----  1 wwwonly wheel    853 Jul 25 18:23 mdl_cache_OPNsense_Wireguard_Server.json
-rw-rw----  1 wwwonly wheel  22798 Aug 18 14:14 opnsense_acl_cache.json
-rw-rw----  1 wwwonly wheel  23893 Aug 18 09:44 opnsense_menu_cache.xml
srwxr-xr-x  1 root    wheel      0 Aug 11 00:09 php-fastcgi.socket-0
srwxr-xr-x  1 root    wheel      0 Aug  7 13:22 php-fastcgi.socket-1
srwxr-xr-x  1 root    wheel      0 Aug 18 09:56 php-fastcgi.socket-2
srwxr-xr-x  1 root    wheel      0 Aug 13 19:06 php-fastcgi.socket-3
srwxr-xr-x  1 root    wheel      0 Aug 12 13:05 php-fastcgi.socket-4
srwxr-xr-x  1 root    wheel      0 Aug 18 09:45 php-fastcgi.socket-5
```
#6
25.7 Series / Re: Captive Portal Not Working
August 18, 2025, 09:22:49 AM
I have the same problem apparently. I noticed some days ago captive portal won't work. Also noticed the same logs.
#7
25.7 Series / Re: how to debug captive portal failure to start?
August 18, 2025, 09:21:33 AM
seems to be this issue: https://forum.opnsense.org/index.php?topic=48372.msg244847#msg244847
#8
25.7 Series / Re: how to debug captive portal failure to start?
August 18, 2025, 08:58:43 AM
Seems to be there is some permission issue with lighttpd:
```
<29>1 2025-08-18T09:50:50+03:00 OPNsense.mynet lighttpd 65919 - [meta sequenceId="1"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1974) server started (lighttpd/1.4.79)
<27>1 2025-08-18T09:50:50+03:00 OPNsense.mynet lighttpd 65919 - [meta sequenceId="2"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-18T09:50:50+03:00 OPNsense.mynet lighttpd 65919 - [meta sequenceId="3"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-18T09:50:50+03:00 OPNsense.mynet lighttpd 65919 - [meta sequenceId="4"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
<27>1 2025-08-18T09:50:50+03:00 OPNsense.mynet lighttpd 65919 - [meta sequenceId="5"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1978) Configuration of plugins failed. Going down.
```

I never see such appear there:
```
root@OPNsense:~ # ls -la /var/lib/php/tmp/php-fastcgi*
srwxr-xr-x  1 root wheel 0 Aug 11 00:09 /var/lib/php/tmp/php-fastcgi.socket-0
srwxr-xr-x  1 root wheel 0 Aug  7 13:22 /var/lib/php/tmp/php-fastcgi.socket-1
srwxr-xr-x  1 root wheel 0 Aug 18 09:56 /var/lib/php/tmp/php-fastcgi.socket-2
srwxr-xr-x  1 root wheel 0 Aug 13 19:06 /var/lib/php/tmp/php-fastcgi.socket-3
srwxr-xr-x  1 root wheel 0 Aug 12 13:05 /var/lib/php/tmp/php-fastcgi.socket-4
srwxr-xr-x  1 root wheel 0 Aug 18 09:45 /var/lib/php/tmp/php-fastcgi.socket-5
```
#9
25.7 Series / how to debug captive portal failure to start?
August 10, 2025, 11:19:14 PM
Hi,

I've run captive portal for years. It has always just worked, even though it gets used very rarely.

Now recently within some months it has stopped working. I haven't touched to it's config in about a year, when I changed the template. And it worked since. Only big changes have been switch to kea and iunbounf. But now it won't start. No log in GUI. Where should I find more info of the failure?

When I join the guest wlan, I get the template for visitors. But there is no login button. And lobby lists captive portal as shut down. Pressing the start button just comes back to disabled after some seconds. OPNsense 25.7-amd64.


Any ideas?
#10
25.1, 25.4 Series / Re: WHY ARP has ip bouncing from device to another
April 08, 2025, 12:54:03 PM
I had dnsmasq in use in opnsense, and moved the config to kea and unbound. It's no biggie just one evening useless work. I don't need to do anything to keep the current setup as it sounds.
#11
25.1, 25.4 Series / Re: WHY ARP has ip bouncing from device to another
April 08, 2025, 12:01:47 PM
Damn, then I made the migration from dnsmasq to kea for nothing, I thought kea was the way forward. Well it works now...
#12
25.1, 25.4 Series / Re: WHY ARP has ip bouncing from device to another
April 08, 2025, 10:18:46 AM
thanks, makes sense now that you point it out :D
#13
25.1, 25.4 Series / WHY ARP has ip bouncing from device to another
April 08, 2025, 08:10:32 AM
Hi,

I have had some unstableness in my opnsense for over a year now. After long digging, I found it is likely caused by ARP jumping IP from device to another in my laptop. Why does this keep happening?

I have laptop with two interfaces, wlan and usbdongle ethernet when in wire:

Code Select
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 6a:cb:3f:c6:c9:09 brd ff:ff:ff:ff:ff:ff permaddr 9c:67:d6:0f:8f:c0
    inet 192.168.117.59/24 brd 192.168.117.255 scope global dynamic noprefixroute wlp0s20f3
       valid_lft 4000sec preferred_lft 4000sec
    inet6 fe80::66f9:af89:6d28:703a/64 scope link tentative noprefixroute
       valid_lft forever preferred_lft forever
4: enp0s13f0u1u2u1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 48:65:ee:15:7f:c2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.117.56/24 brd 192.168.117.255 scope global dynamic noprefixroute enp0s13f0u1u2u1
       valid_lft 2936sec preferred_lft 2936sec
    inet6 fe80::4993:59f0:25d:240a/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

Both MACs are fixed with separate IP addresses in KEA reservations page:

192.168.117.0/24   192.168.117.56   48:65:ee:15:7f:c2   satechi
192.168.117.0/24   192.168.117.59   6a:cb:3f:c6:c9:09   iklap

Satechi is the usbdongle brand. Iklap is the Fedora laptop name.

While I have the both connected (docking), I see this bouncing in OPNSense:

Code Select
arp: 192.168.117.56 moved from 6a:cb:3f:c6:c9:09 to 48:65:ee:15:7f:c2 on igb2
arp: 192.168.117.59 moved from 6a:cb:3f:c6:c9:09 to 48:65:ee:15:7f:c2 on igb2
arp: 192.168.117.56 moved from 48:65:ee:15:7f:c2 to 6a:cb:3f:c6:c9:09 on igb2
arp: 192.168.117.56 moved from 6a:cb:3f:c6:c9:09 to 48:65:ee:15:7f:c2 on igb2
arp: 192.168.117.56 moved from 6a:cb:3f:c6:c9:09 to 48:65:ee:15:7f:c2 on igb2

And I believe that will drain the opnsense out of mem soonish. What causes the IP to bounce outside of their mac? I suspect it's somehow the laptop sending dhcpc query with laptop name in it (NetworkManager), which then KEA uses to overrule what Reservations page is saying.

Is this a bug somewhere? Why does KEA allow ip to go from MAC to another not respecting reservations?

Any idea what should be done here? It's annoying needing to toggle wlan off each time while docking due this. Do I have some misconfig in a) in my Fedora laptop or b) KEA, or c) bug somewhere?

#14
24.7, 24.10 Series / Re: I randomly stop having internet due opnsense getting stuck - flowd_aggregate
February 25, 2025, 10:27:10 PM
Sorry only now noticed your reply, and thanks. I have tried to disable the collection of them, and I recall it still hung. I will disable it again after the next memleak to verify again.
#15
25.1, 25.4 Series / Re: Inactive memory rising rapidly every morning around 3:30am
February 25, 2025, 10:06:03 PM
My guess is it just reads lot of files, thus leaving them into memory buffers for quick access until memorybis needed for something else. Hence the jump. But why >40 php-cgi, is that normal?

Normally before the box dies something starts leaking mem and system goes down in half an hour.
Pages1 2 3 ... 6