Messages - RFGuy_KCCO

#1
It looks like this issue also impacts interfaces using the ix driver. I have two different boxes running OPNsense (both 20.7.4), neither using Sensei or Suricata, and on the one using the em driver, VnStat works fine. On the one using the ix driver, VnStat does not work at all, no matter what I have tried to do to fix it.
#2
Yes, just turn on DHCP Registration as stated above (also DHCP Static Mappings if you use them). In Pi-Hole, turn on Conditional Forwarding under Settings --> DNS and set it up per your network configuration.

You can also add the line "NAMES_FROM_NETDB=true" (without quotes) to the /etc/pihole/pihole-FTL.conf file. See here for an explanation of this setting: https://docs.pi-hole.net/ftldns/configfile/
#3
20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3
September 29, 2020, 02:16:27 PM
Quote from: Mks on September 28, 2020, 09:01:20 PM
Hi, sorry, my fault, I misunderstood the question.

One question, is certificate verification, e.g. 185.95.218.42@853#dns.digitale-gesellschaft.ch supported?

br

Yes, this works if you use the custom options. Frankly, there is no point in doing DoT if you aren't also validating the certs. I am back to using Unbound as a recursive server, so I am no longer doing DoT, but this was my working config before I switched. Just choose which DNS provider you want to use and delete the rest.

tls-cert-bundle: "/etc/ssl/cert.pem"
forward-zone:
  name: "."
  forward-tls-upstream: yes
 
# Quad9 - No EDNS
  forward-addr: 2620:fe::fe@853#dns.quad9.net
  forward-addr: 2620:fe::9@853#dns.quad9.net
  forward-addr: 9.9.9.9@853#dns.quad9.net
  forward-addr: 149.112.112.112@853#dns.quad9.net
# Quad9 - EDNS
  forward-addr: 2620:fe::11@853#dns.quad9.net
  forward-addr: 2620:fe::fe:11@853#dns.quad9.net
  forward-addr: 9.9.9.11@853#dns.quad9.net
  forward-addr: 149.112.112.11@853#dns.quad9.net
# Cloudflare DNS
  forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
  forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
  forward-addr: 1.1.1.1@853#cloudflare-dns.com
  forward-addr: 1.0.0.1@853#cloudflare-dns.com
# Comcast
  forward-addr: 2001:558:fe21:6b:96:113:151:145@853#dot.xfinity.com
  forward-addr: 96.113.151.145@853#dot.xfinity.com
# Google
  forward-addr: 2001:4860:4860::8888@853#dns.google
  forward-addr: 2001:4860:4860::8844@853#dns.google
  forward-addr: 8.8.8.8@853#dns.google
  forward-addr: 8.8.4.4@853#dns.google
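
Added example, not part of the original post and not OPNsense or Unbound code: a small Python check for the point made above about validating certs. It reads an Unbound forwarder fragment and reports any forward-addr without a #auth-name, or a missing tls-cert-bundle. The function name and the sample fragment are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: two upstreams with an auth name, one without.
SAMPLE = '''\
tls-cert-bundle: "/etc/ssl/cert.pem"
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 9.9.9.9@853#dns.quad9.net
  forward-addr: 2620:fe::fe@853#dns.quad9.net
  forward-addr: 1.1.1.1@853
'''

# ip[@port][#auth-name], the forward-addr syntax used in the post
ADDR_RE = re.compile(r'^(?P<ip>[^@#\s]+)(?:@(?P<port>\d+))?(?:#(?P<name>\S+))?$')


def lint_dot_config(text):
    """Return a list of findings for an Unbound DoT forwarder fragment."""
    findings, addrs = [], []
    has_bundle = tls_upstream = False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith('#'):  # blank line or comment
            continue
        key, _, value = line.partition(':')
        key, value = key.strip(), value.strip().strip('"')
        if key == 'tls-cert-bundle' and value:
            has_bundle = True
        elif key == 'forward-tls-upstream' and value == 'yes':
            tls_upstream = True
        elif key == 'forward-addr':
            addrs.append((lineno, value))
    if not tls_upstream:
        findings.append('forward-tls-upstream: yes not found in this fragment')
    if not has_bundle:
        findings.append('tls-cert-bundle not set: no CA bundle to verify against')
    for lineno, value in addrs:
        m = ADDR_RE.match(value)
        try:
            ipaddress.ip_address(m.group('ip') if m else '')
        except ValueError:
            findings.append(f'line {lineno}: cannot parse forward-addr {value!r}')
            continue
        if not m.group('name'):
            findings.append(f'line {lineno}: {value} has no #auth-name to check the certificate against')
    return findings


if __name__ == '__main__':
    print('\n'.join(lint_dot_config(SAMPLE)) or 'no findings')
```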
#4
20.7 Legacy Series / Re: Unbound forwarding mode
September 19, 2020, 12:56:31 AM
Pretty sure it is a random selection, although I believe I have read that Unbound learns the fastest servers and uses those more often. However, I am not sure that is actually true.

In any case, it definitely doesn't send out to all at once, as DNSMasq does by default. I have not found a parameter that would change this behavior in Unbound.
#5
I'm on 20.7 and using Wi-Fi Calling on AT&T with an iPhone XS Max and it is working great, with no issues and no special rules set up at all. However, I am using Comcast for internet, not AT&T.
#6
No, it is simply a Forwarder if you are forwarding all your DNS queries to a DoT provider.
#7
Quote from: mrancier on May 05, 2020, 02:47:56 PM
Quote from: pkernstock on May 04, 2020, 03:52:06 PM
The funny thing is, I sent the exact same feedback to @mimugmail via Twitter. As the form doesn't accept "#" or hostnames into the field.

At the moment I've worked around it by modifying the config file directly: (to be honest I don't know if that's persistent across reboots)

# cat /var/unbound/etc/dot.conf
server:
  tls-cert-bundle: /etc/ssl/cert.pem
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 45.90.28.0#xx.dns1.nextdns.io
  forward-addr: 2a07:a8c0::#xx.dns1.nextdns.io
  forward-addr: 45.90.30.0#xx.dns2.nextdns.io
  forward-addr: 2a07:a8c1::#xx.dns2.nextdns.io


Soooo....yeah, it does not survive a reboot...oh well.

If you place those lines in Unbound DNS --> General --> Custom Options, it will survive a reboot.
#8
Not sure how to query driver version on a running system, but you can look in Syslog at the driver versions loaded during startup.
#9
General Discussion / Re: Nut not loading
July 05, 2018, 03:19:08 PM
I started with the Dev version.
#10
General Discussion / Re: Nut not loading
July 04, 2018, 07:23:09 PM
One thing that tripped me up when I first used Nut was that I had spaces in the UPS name, which I learned doesn't work. Do you happen to have any spaces in your UPS name?
#11
I had to create a WAN firewall rule to allow ICMPV6 in order to enable my clients to send and receive pings. Try that and see if it fixes your issue.