Messages

Thanks for your explanation Franco.
So it should be like that.

Hello Franco,
Thanx, I already installed the newest plugin os-wireguard-devel 0.8_1 en restarted the Firewall.
In the Firewall Rule sections the interface: WireGuard remains.

Hello,
I had set up a functional wireguard config in a "road warrior" scenario.
It no longer works after the required reboot of today's update to 18.7.9. it looks like a second Interface WG0 together with Interface WireGuard now shows up in the Firewall Rules section.

• The solution was to duplicate the existing Firewall Rule for interface WG0 (view attachment).
• It seems that interface: WireGuard is unnecessary, however you can not remove it.

[@Franco]

@Franco
Nice can you tell me how you can set this up?

[@Franco]

@Franco
Thanks for the quick response, I have also tested this on the OPNsense 18.7.r_10-amd64 build and can confirm the problem still presents.

How can I prevent this in the configuration, not using strict binding on SSH and the GUI?

Logging:

Code Select Expand


system.log
Jul 12 22:50:44 XXNAMEFIREWALLXX kernel: re0: link state changed to DOWN
Jul 12 22:50:44 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 12 22:50:47 XXNAMEFIREWALLXX kernel: re0: link state changed to UP
Jul 12 22:50:47 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 12 22:50:47 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 're0'
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: On (IP address: 192.168.X.X) (interface: LAN[lan]) (real interface: re0).
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'lan'
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Jul 12 22:50:48 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: Removing static route for monitor 2001:XXX:XXXX:XXXX::2 via 2001:XXX:XXXX:XXXX::1
Jul 12 22:50:50 XXNAMEFIREWALLXX kernel: re0: link state changed to DOWN
Jul 12 22:50:51 XXNAMEFIREWALLXX sshd[56059]: Received signal 15; terminating.
Jul 12 22:50:51 XXNAMEFIREWALLXX sshd[31796]: error: Bind to port 22 on fe80::201:2eff:fe78:617c failed: Can't assign requested address.
Jul 12 22:50:51 XXNAMEFIREWALLXX sshd[31796]: error: Bind to port 22 on fe80::201:2eff:fe78:617c failed: Can't assign requested address.
Jul 12 22:50:51 XXNAMEFIREWALLXX sshd[31796]: error: Bind to port 22 on 2001:XXX:XXXX:XXXX::1 failed: Can't assign requested address.
Jul 12 22:50:51 XXNAMEFIREWALLXX sshd[31796]: error: Bind to port 22 on 2001:XXX:XXXX:XXXX::1 failed: Can't assign requested address.
Jul 12 22:50:51 XXNAMEFIREWALLXX sshd[31796]: Server listening on 192.168.X.X port 22.
Jul 12 22:50:52 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: The command '/usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf' returned exit code '255', the output was '2018-07-12 22:50:52: (network.c.313) can't bind to socket: [2001:XXX:XXXX:XXXX::1]:443 Can't assign requested address'
Jul 12 22:50:53 XXNAMEFIREWALLXX kernel: re0: link state changed to UP
Jul 12 22:50:54 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 12 22:50:54 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 12 22:50:55 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 're0'
Jul 12 22:50:55 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: On (IP address: 192.168.X.X) (interface: LAN[lan]) (real interface: re0).
Jul 12 22:51:27 XXNAMEFIREWALLXX opnsense: user 'root' authenticated successfully
Jul 12 22:51:28 XXNAMEFIREWALLXX sshd[66021]: Accepted keyboard-interactive/pam for root from 192.168.X.X0 port 1640 ssh2

configf.log
Jul 12 22:50:50 XXNAMEFIREWALLXX configd.py: [1f8a57c4-7e2c-4dea-87e3-1ad46a48abde] generate template OPNsense/Filter
Jul 12 22:50:51 XXNAMEFIREWALLXX configd.py: generate template container OPNsense/Filter
Jul 12 22:50:51 XXNAMEFIREWALLXX configd.py:  OPNsense/Filter generated //usr/local/etc/filter_tables.conf
Jul 12 22:50:51 XXNAMEFIREWALLXX configd.py: [6f92cc52-0838-41c3-ad8f-4857c0e54c40] refresh url table aliases
Jul 12 22:50:51 XXNAMEFIREWALLXX configd.py: [16ba78c9-7d1b-495f-8dd7-7eb8666e7ab6] generate template OPNsense/WebGui
Jul 12 22:50:51 XXNAMEFIREWALLXX configd.py: generate template container OPNsense/WebGui
Jul 12 22:50:52 XXNAMEFIREWALLXX configd.py:  OPNsense/WebGui generated //usr/local/lib/php.ini
Jul 12 22:50:52 XXNAMEFIREWALLXX configd.py:  OPNsense/WebGui generated //usr/local/etc/php.ini
Jul 12 22:50:52 XXNAMEFIREWALLXX configd.py: message 6f92cc52-0838-41c3-ad8f-4857c0e54c40 [filter.refresh_aliases] returned OK 
Jul 12 22:50:54 XXNAMEFIREWALLXX configd.py: [0df2844f-cf9a-4617-8389-47aaf7939f0f] Linkup stopping re0
Jul 12 22:50:54 XXNAMEFIREWALLXX configd.py: [0aba07a6-8440-4a96-bc83-bc80dfabdf60] Linkup starting re0
Jul 12 22:50:54 XXNAMEFIREWALLXX configd.py: [653d0612-9460-4bd0-87e6-966fcec8059c] New IPv4 on re0


[@Franco]

Firmware: OPNsense 18.1.11-amd64
Previous firmware: OPNsense 18.1.10-amd64

@Franco I experience the same problem.
When the interface re0 (lan side) loses the connection then the lighttpd (webgui) also crashes view the logs below.

Then after crashing and executing the command directly below, the webui is working properly.

/usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf

Logging:

Code Select Expand


system.log output
Jul 11 21:06:16 XXNAMEFIREWALLXX kernel: re0: link state changed to DOWN
Jul 11 21:06:16 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 11 21:06:19 XXNAMEFIREWALLXX kernel: re0: link state changed to UP
Jul 11 21:06:19 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 're0'
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: On (IP address: 192.168.X.X) (interface: LAN[lan]) (real interface: re0).
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'lan'
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt1
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv4 default route
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Jul 11 21:06:20 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: Removing static route for monitor 2001:XXX:XXXX:XXXX::2 via 2001:XXX:XXXX:XXXX::1
Jul 11 21:06:23 XXNAMEFIREWALLXX kernel: re0: link state changed to DOWN
Jul 11 21:06:23 XXNAMEFIREWALLXX sshd[49952]: Received signal 15; terminating.
Jul 11 21:06:23 XXNAMEFIREWALLXX sshd[19607]: error: Bind to port 22 on fe80::201:2eff:fe78:617c failed: Can't assign requested address.
Jul 11 21:06:23 XXNAMEFIREWALLXX sshd[19607]: error: Bind to port 22 on fe80::201:2eff:fe78:617c failed: Can't assign requested address.
Jul 11 21:06:23 XXNAMEFIREWALLXX sshd[19607]: Server listening on 2001:XXX:XXXX:XXXX::1 port 22.
Jul 11 21:06:23 XXNAMEFIREWALLXX sshd[19607]: Server listening on 192.168.X.X port 22.
Jul 11 21:06:24 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: The command '/usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf' returned exit code '255', the output was '2018-07-11 21:06:24: (network.c.313) can't bind to socket: [2001:XXX:XXXX:XXXX::1]:443 Can't assign requested address'
Jul 11 21:06:26 XXNAMEFIREWALLXX kernel: re0: link state changed to UP
Jul 11 21:06:26 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 11 21:06:26 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.linkup: Hotplug event detected for LAN(lan) but ignoring since interface is configured with static IP (192.168.X.X 2001:XXX:XXXX:XXXX::1)
Jul 11 21:06:27 XXNAMEFIREWALLXX opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 're0'

configd.log output:
Jul 11 21:06:16 XXNAMEFIREWALLXX configd.py: [fba537dd-5bbe-4537-b07c-11c9910783a7] Linkup stopping re0
Jul 11 21:06:19 XXNAMEFIREWALLXX configd.py: [7bc8e865-b5a2-47d3-8ef3-a2b8626ced4c] Linkup starting re0
Jul 11 21:06:20 XXNAMEFIREWALLXX configd.py: [4d28dac1-015e-4358-b0d3-d3c39506a972] New IPv4 on re0
Jul 11 21:06:22 XXNAMEFIREWALLXX configd.py: [2b4c1629-5694-470d-865e-f852460f74d4] generate template OPNsense/Filter
Jul 11 21:06:23 XXNAMEFIREWALLXX configd.py: generate template container OPNsense/Filter
Jul 11 21:06:23 XXNAMEFIREWALLXX configd.py:  OPNsense/Filter generated //usr/local/etc/filter_tables.conf
Jul 11 21:06:23 XXNAMEFIREWALLXX configd.py: [d2c16a2f-4237-4d92-8f84-32b5d3893c40] refresh url table aliases
Jul 11 21:06:23 XXNAMEFIREWALLXX configd.py: [3cfaa67b-1075-4a1a-92c0-01f1b5615c89] generate template OPNsense/WebGui
Jul 11 21:06:23 XXNAMEFIREWALLXX configd.py: generate template container OPNsense/WebGui
Jul 11 21:06:24 XXNAMEFIREWALLXX configd.py:  OPNsense/WebGui generated //usr/local/lib/php.ini
Jul 11 21:06:24 XXNAMEFIREWALLXX configd.py:  OPNsense/WebGui generated //usr/local/etc/php.ini
Jul 11 21:06:24 XXNAMEFIREWALLXX configd.py: message d2c16a2f-4237-4d92-8f84-32b5d3893c40 [filter.refresh_aliases] returned OK 
Jul 11 21:06:26 XXNAMEFIREWALLXX configd.py: [03ad5e4e-86df-45fe-8ba6-958318c4f22d] Linkup stopping re0
Jul 11 21:06:26 XXNAMEFIREWALLXX configd.py: [38bc3a52-3a9e-4961-9596-f1e04289e089] Linkup starting re0
Jul 11 21:06:26 XXNAMEFIREWALLXX configd.py: [ca4c2dab-abe8-46ee-861d-72fc3199c94a] New IPv4 on re0