1
General Discussion / Re: Transition to Python3
« on: October 24, 2018, 03:48:50 pm »We'll add Python3 in 19.1.Thanks!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
General Discussion / Transition to Python3
« on: October 24, 2018, 03:01:43 pm »
I would like to know if Python3 support is already in the pipeline. And if it is, what are the timelines on the inclusion of python3 in the distribution?
I ask this for several reasons.
My main reason is that Python2.7 will retire shortly (https://pythonclock.org) and security updates for that package will cease around 2020Q1. This, ofcourse, will not instantly break the firewall but does put us at increased risk as time progresses beyond 01JAN2020.
Another reason is that I develop python software. I use python3 and it annoys the heck out of me that I can't run those apps under OPNsense because python3 is not supported. I know I can install python3 manually, but that has some unwanted side-effects (notably during upgrades
). Alternatively, re-factoring back to python2.7 just to support OPNsense is a no-go where I'm concerned.
I ask this for several reasons.
My main reason is that Python2.7 will retire shortly (https://pythonclock.org) and security updates for that package will cease around 2020Q1. This, ofcourse, will not instantly break the firewall but does put us at increased risk as time progresses beyond 01JAN2020.
Another reason is that I develop python software. I use python3 and it annoys the heck out of me that I can't run those apps under OPNsense because python3 is not supported. I know I can install python3 manually, but that has some unwanted side-effects (notably during upgrades
). Alternatively, re-factoring back to python2.7 just to support OPNsense is a no-go where I'm concerned.
3
18.7 Legacy Series / Re: Stuck on 18.1 during upgrade
« on: September 02, 2018, 06:54:42 pm »
fixed it by uninstalling python3
4
18.7 Legacy Series / Stuck on 18.1 during upgrade
« on: September 02, 2018, 11:34:26 am »
I must have clicked the wrong button somewhere, because I seem to have upgraded successully to 18.7 but then accidentally clicked the Update button which took me back to 18.1 and ow I'm stuck.
On the GUI I am at "18.1.13 (installed)"
On the CLI I am at
When I click the "Unlock this upgrade" button in the CLI and then click the "Upgrade now"
it says that its fetching the 18.7 packages
Then there's an error when fetching the kernel package:
This is followed by extraction of the packages and seemingly succesful installation.
(see attachment)
After the upgrade I'm still on
OPNsense 18.1.13_1-amd64
FreeBSD 11.1-RELEASE-p11
I can SSH into the box.
Any commands I might try to force this?
On the GUI I am at "18.1.13 (installed)"
On the CLI I am at
Code: [Select]
# opnsense-update -v
18.1.11-amd64When I click the "Unlock this upgrade" button in the CLI and then click the "Upgrade now"
it says that its fetching the 18.7 packages
Then there's an error when fetching the kernel package:
Code: [Select]
pgrep cannot get process list [kvm_getprocs: No such process]This is followed by extraction of the packages and seemingly succesful installation.
(see attachment)
After the upgrade I'm still on
OPNsense 18.1.13_1-amd64
FreeBSD 11.1-RELEASE-p11
I can SSH into the box.
Any commands I might try to force this?
5
General Discussion / Re: How to setup ipv6 DHCPv6
« on: March 15, 2018, 06:45:25 pm »Do you have the router advertisements service enabled on the LAN interface?I do now :-D
Managed, priority: normal
6
General Discussion / Re: How to setup ipv6 DHCPv6
« on: March 13, 2018, 05:56:16 pm »
OK. I now have a fixed IPv6 address configured for the LAN interface:
xxxx:yyyy:zzzz::2/118
On Services > DHCPv6 > [LAN] I now have an available range of
xxxx:yyyy:zzzz:: - xxxx:yyyy:zzzz::3ff
I've entered a Range of:
xxxx:yyyy:zzzz::3 - xxxx:yyyy:zzzz::3f0
No leases are being handed out.
The IPv6 address on the WAN interface is xxxx:yyyy:zzzz:1:20e:c4ff:fed0:9f95
I assume that's okay.
xxxx:yyyy:zzzz::2/118
On Services > DHCPv6 > [LAN] I now have an available range of
xxxx:yyyy:zzzz:: - xxxx:yyyy:zzzz::3ff
I've entered a Range of:
xxxx:yyyy:zzzz::3 - xxxx:yyyy:zzzz::3f0
No leases are being handed out.
The IPv6 address on the WAN interface is xxxx:yyyy:zzzz:1:20e:c4ff:fed0:9f95
I assume that's okay.
7
General Discussion / Re: How to setup ipv6 DHCPv6
« on: March 10, 2018, 09:35:35 am »If you could just clarify if you're trying to get LAN IPv6 addresses allocated or something else.What I want to achieve is:
1. The clients on my LAN get issued an IPv4 AND an IPv6 address
2. On every client on my LAN this should work:
Code: [Select]
$ ping6 google.com
connect: Network is unreachable
Code: [Select]
$ ping6 google.com
ping6: UDP connect: No route to host
On OPNsense it already works:Code: [Select]
$ ping6 google.com
PING6(56=40+8+8 bytes) 2001:985:509c:1:20e:c4ff:DEAD:DEAD --> 2a00:1450:4002:808::200e
16 bytes from 2a00:1450:4002:808::200e, icmp_seq=0 hlim=53 time=20.743 ms
8
General Discussion / Re: How to setup ipv6 DHCPv6
« on: March 09, 2018, 06:33:31 pm »What errors are you seeing with DHCP? Do you see a suggested range when you to the DHCPv6 config page?
[EDIT] I forgot to ask if you have a fixed IP address for IPv6?
Thanks for taking the time to provide assistance with this.
Here are the settings that I think are appropriate.
My ISP (XS4ALL; NL) has provided me with a modem (Fritz!Box 5490). IPv6 relevant settings on the modem:
x Assign unique local addresses (ULA) as long as no IPv6 connection exists (recommended)
x Priority of Router advertisements = Low
x Announce DNSv6 server via router advertisement (RFC 5006)
x DHCPv6 server is enabled and assigns DNS server, prefix (IA_PD) and IPv6 address (IA_NA).
The OPNsense firewall is behind the modem (in DMZ). The WAN interface has been assigned an IPv4 and an IPv6 address. The IPv6 addresses shown by ifconfig match the addresses that the FritzBox says it has issued.
OPNsense configuration:
On Interfaces > [WAN]
IPv6 Configuration Type = DHCPv6
DHCP client configuration = all options empty (defaults); prefex delegation size = 64; use VLAN priority = disabled.
On Interfaces [LAN]
IPv6 Configuration Type = Track Interface
IPv6 Interface = WAN
IPv6 Prefix ID = 0
I get stranded when I want to configure the DHCPv6 server. On Services > DHCPv6 > Relay: I select:
Enable = ON
Interfaces = WAN
Clicking Save I get:
Quote
The following input errors were detected:
The field Destination Server is required.
Destination server?
9
General Discussion / Re: How to setup ipv6 DHCPv6
« on: March 06, 2018, 07:10:50 pm »Never did get this to work satisfactorily.I must admit that I too can't seem to get IPv6 working properly.
Is there any documentation that goes into the ipv6 options?
I have now got the WAN-interface to acquire an address from the upstream router, but getting DHCP6 to dish out IPv6 address to the LAN-interface and the LAN clients is a whole different story.
I know DNSMASQ can even do this, but the GUI doesn't seem to support this directly. And really, isn't this what DHCPv6 is there for anyway?
10
General Discussion / Daily mail from OPNsense Forum (BUG?)
« on: February 25, 2018, 11:18:14 am »
Observed behaviour:
The OPNsense Forum sends me a "Daily Digest" e-mail every single day regardless if there has been activity on the subscribed topics or not. When there's been no activity the mail is empty apart from the header text:
Expected behaviour:
The OPNsense forum sends me a "Daily Digest" e-mail only on days when there actually is some activity in the topics I've subscribed to.
The OPNsense Forum sends me a "Daily Digest" e-mail every single day regardless if there has been activity on the subscribed topics or not. When there's been no activity the mail is empty apart from the header text:
Quote
Below is a summary of all activity in your subscribed boards and topics at OPNsense Forum today. To unsubscribe please visit the link below.
Expected behaviour:
The OPNsense forum sends me a "Daily Digest" e-mail only on days when there actually is some activity in the topics I've subscribed to.
11
17.7 Legacy Series / Re: Send email from shell
« on: February 18, 2018, 11:20:37 am »+1
I have an action script to find new devices in Lan and i would like to get an E-Mail Notification
Perhaps you could use this Python script: https://gist.github.com/Mausy5043/0f7fa43ba35cf68e2756b7bfe1419146
All that is required for this is a Gmail account and an App-specific password (see: https://support.google.com/accounts/answer/185833?hl=en).
12
18.1 Legacy Series / Re: Upgrade from 17.7.12 to 18.* not completing
« on: February 14, 2018, 05:41:06 pm »Clear.
We cannot provide safety for more than the ports that we offer as binary packages.
I'll see if I can downgrade my scripts to Python 2.7. Shouldn't be too hard. I just used 3.5 because all my other Python projects use it.
P.S. Please be aware that Python 2.7 is EOL in 2020 (see PEP466: https://www.python.org/dev/peps/pep-0466/).
13
18.1 Legacy Series / Re: Upgrade from 17.7.12 to 18.* not completing
« on: February 13, 2018, 09:22:02 pm »We don't offer Python 3.5. It will cause further trouble.
Code: [Select]
% whereis python35
python35: /usr/ports/lang/python35
Hmm
14
18.1 Legacy Series / Re: Upgrade from 17.7.12 to 18.* not completing
« on: February 13, 2018, 06:47:15 pm »# opnsense-update -sn "18.1\/latest"
# pkg bootstrap -f
type "y"
# pkg upgrade -f
or if that doesn't work
# pkg install opnsense
Cheers,
Code: [Select]
% sudo opnsense-update -sn "18.1\/latest"
% sudo pkg bootstrap -f
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+http://pkg.opnsense.org/FreeBSD:11:amd64/18.1/latest, please wait...
Verifying signature with trusted certificate pkg.opnsense.org.20171219... done
Installing pkg-1.10.3_1...
package pkg is already installed, forced install
Extracting pkg-1.10.3_1: 100%
% sudo pkg upgrade -f
Updating OPNsense repository catalogue...
pkg: Repository OPNsense has a wrong packagesite, need to re-create database
Fetching meta.txz: 100% 1 KiB 1.5kB/s 00:01
Fetching packagesite.txz: 100% 126 KiB 129.0kB/s 00:01
Processing entries: 100%
OPNsense repository update completed. 468 packages processed.
All repositories are up to date.
Updating database digests format: 100%
Checking for upgrades (149 candidates): 14%
python35 has no direct installation candidates, change it to python27? [Y/n]: Y
Checking for upgrades (149 candidates): 100%
Processing candidates (149 candidates): 100%
pkg: sqlite error while executing UPDATE packages SET name=?1 WHERE name=?2; in file pkg_jobs.c:1731: UNIQUE constraint failed: packages.name
:
[143/144] Fetching py27-dnspython-1.15.0.txz: 100% 167 KiB 170.6kB/s 00:01
Checking integrity...Assertion failed: (strcmp(uid, p->uid) != 0), function pkg_conflicts_check_local_path, file pkg_jobs_conflicts.c, line 386.
Child process pid=54683 terminated abnormally: Abort trap
Retried without trying to replace python35 seemed to work.
Rebooted (may not have been necessary).
Status acc. the GUI:
Code: [Select]
OPNsense 18.1.2_2-amd64
FreeBSD 11.1-RELEASE-p6
OpenSSL 1.0.2n 7 Dec 2017
15
General Discussion / Re: DtDNS Support
« on: February 13, 2018, 05:32:23 pm »Actually, the creation of account and Dynamic DNS hostname is free. Just need to fill the form https://www.dtdns.com/
never mind. Found it on Google
