Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - gex

Pages1
#1
20.7 Legacy Series / Re: Upgrade to 20.7 fails
October 11, 2020, 02:21:27 PM
thanks @Thijs! that helped

Quote from: thijs_a on October 06, 2020, 04:24:20 PM
Hello,

I was having the same issue when upgrading. I am also using ESXI.

I managed to work around the issue by installing the upgrade as usual and when it hangs at Configuring system logging...done, I clicked the stop icon at the syslog-ng service on the dashboard. Later during the upgrade, you need to do this again when it hangs at the same message. After that, the upgrade completed successfully.

Hope this helps,
Thijs
#2
General Discussion / Re: GeoIP Problem!
December 01, 2018, 06:48:43 PM
try what I post in https://forum.opnsense.org/index.php?topic=10458.new;topicseen#new as a workaround
#3
18.7 Legacy Series / Re: [18.7.8] GeoIP alias not working
December 01, 2018, 06:36:32 PM
my personal workaround, till I get help:

Code Select

cp /usr/local/share/GeoIP/alias/AT-IPv4 /var/db/aliastables/IPv4_at.self.txt
cp /usr/local/share/GeoIP/alias/AT-IPv4 /var/db/aliastables/IPv4_at.txt
/usr/local/opnsense/scripts/filter/update_tables.py
#4
18.7 Legacy Series / Re: [18.7.8] GeoIP alias not working
December 01, 2018, 06:31:38 PM
I fix the update issue but still not working:

Code Select

root@fw01:/var/db/aliastables # /usr/local/opnsense/scripts/filter/update_tables.py
root@fw01:/var/db/aliastables # cat /var/db/aliastables/IPv4_at.*
34fafd09432a71cc46e9fd6fc94b5ab3root@fw01:/var/db/aliastables #
#5
18.7 Legacy Series / Re: [18.7.8] GeoIP alias not working
December 01, 2018, 06:26:09 PM
Code Select

root@fw01:/var/db/aliastables # /usr/local/opnsense/scripts/filter/update_tables.py
Traceback (most recent call last):
  File "/usr/local/opnsense/scripts/filter/update_tables.py", line 122, in <module>
    alias_content = alias.resolve()
  File "/usr/local/opnsense/scripts/filter/lib/alias.py", line 236, in resolve
    for address in address_parser(item):
  File "/usr/local/opnsense/scripts/filter/lib/alias.py", line 171, in _fetch_geo
    for proto in self._proto.split(','):
AttributeError: 'NoneType' object has no attribute 'split'
#6
18.7 Legacy Series / Re: [18.7.8] GeoIP alias not working
December 01, 2018, 04:58:14 PM
under Firewall: Diagnostics: pfTables the table is also empty - look like it gets not loaded
#7
18.7 Legacy Series / Re: [18.7.8] GeoIP alias not working
December 01, 2018, 04:46:44 PM
Hi,

I have a similar problem.
I want to catch traffic to Austria, but it's not working. I added screenshots.

Code Select

root@fw01:~ # /usr/local/bin/geoipupdate.sh
Fetching GeoIP.dat and GeoIPv6.dat...
/usr/local/share/GeoIP/GeoIPupdate.NQMYd6/GeoI100% of  694 kB 4658 kBps 00m00s
/usr/local/share/GeoIP/GeoIPupdate.DLAu70/GeoI100% of 1180 kB 5075 kBps 00m01s
root@fw01:~ # /usr/local/bin/geoiplookup 194.232.104.139
GeoIP Country Edition: AT, Austria


command line is also working, so I don't know why I don't get a catch on the rule, I tried it in Floating, LAN and WAN

Regards

Gregor
#8
18.1 Legacy Series / Re: IPv6 not working in VMware
July 28, 2018, 11:35:45 AM
Quote from: marjohn56 on July 23, 2018, 07:49:22 PM
So which is it, IPv6 doesn't work at all or OpenVPN doesn't work?

only ping is working with IPv6 - can't open the config page (with the right FW Rule setuped) and also OpenVPN won't connect
in tcpdump all Packages have cksum incorrect
#9
18.1 Legacy Series / Re: IPv6 not working in VMware
July 23, 2018, 04:17:31 PM
so you can configure and can use e.g. OpenVPN only over IPv6?

Gregor
#10
18.1 Legacy Series / Re: IPv6 not working in VMware
July 21, 2018, 04:56:54 PM
sysctl OPNsense:
net.inet6.ip6.forwarding: 1
net.inet6.ip6.redirect: 1
net.inet6.ip6.hlim: 64
net.inet6.ip6.maxfragpackets: 62876
net.inet6.ip6.accept_rtadv: 0
net.inet6.ip6.log_interval: 5
net.inet6.ip6.hdrnestlimit: 15
net.inet6.ip6.dad_count: 1
net.inet6.ip6.auto_flowlabel: 1
net.inet6.ip6.defmcasthlim: 1
net.inet6.ip6.gifhlim: 30
net.inet6.ip6.kame_version: FreeBSD
net.inet6.ip6.use_deprecated: 1
net.inet6.ip6.rr_prune: 5
net.inet6.ip6.v6only: 1
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.temppltime: 86400
net.inet6.ip6.tempvltime: 604800
net.inet6.ip6.auto_linklocal: 1
net.inet6.ip6.prefer_tempaddr: 0
net.inet6.ip6.use_defaultzone: 0
net.inet6.ip6.maxfrags: 62876
net.inet6.ip6.mcast_pmtu: 0
net.inet6.ip6.stealth: 0
net.inet6.ip6.no_radr: 0
net.inet6.ip6.norbit_raif: 0
net.inet6.ip6.rfc6204w3: 0
net.inet6.ip6.intr_queue_maxlen: 256
net.inet6.ip6.grehlim: 64
                      
net.inet6.ip6.deembed_scopeid: 1
net.inet6.ip6.dad_enhanced: 1
                  
net.inet6.ip6.mcast.loop: 1
net.inet6.ip6.mcast.maxsocksrc: 128
net.inet6.ip6.mcast.maxgrpsrc: 512
net.inet6.ipsec6.def_policy: 1
net.inet6.ipsec6.esp_trans_deflev: 1
net.inet6.ipsec6.esp_net_deflev: 1
net.inet6.ipsec6.ah_trans_deflev: 1
net.inet6.ipsec6.ah_net_deflev: 1
net.inet6.ipsec6.ecn: 0
net.inet6.ipsec6.debug: 0
net.inet6.ipsec6.filtertunnel: 0
net.inet6.icmp6.rediraccept: 1
net.inet6.icmp6.redirtimeout: 600
net.inet6.icmp6.nd6_prune: 1
net.inet6.icmp6.nd6_delay: 5
net.inet6.icmp6.nd6_umaxtries: 3
net.inet6.icmp6.nd6_mmaxtries: 3
net.inet6.icmp6.nd6_useloopback: 1
net.inet6.icmp6.nodeinfo: 3
net.inet6.icmp6.errppslimit: 100
net.inet6.icmp6.nd6_maxnudhint: 0
net.inet6.icmp6.nd6_debug: 0
net.inet6.icmp6.nd6_maxqueuelen: 1
net.inet6.icmp6.nodeinfo_oldmcprefix: 1
net.inet6.icmp6.nd6_onlink_ns_rfc4861: 0
net.inet6.icmp6.nd6_gctimer: 86400
net.inet6.mld.use_allow: 1
net.inet6.mld.v1enable: 1
net.inet6.mld.gsrdelay: 10

sysctl PFsense:
net.inet6.ip6.forwarding: 1
net.inet6.ip6.redirect: 1
net.inet6.ip6.hlim: 64
net.inet6.ip6.maxfragpackets: 47174
net.inet6.ip6.accept_rtadv: 0
net.inet6.ip6.log_interval: 5
net.inet6.ip6.hdrnestlimit: 15
net.inet6.ip6.dad_count: 1
net.inet6.ip6.auto_flowlabel: 1
net.inet6.ip6.defmcasthlim: 1
net.inet6.ip6.gifhlim: 30
net.inet6.ip6.kame_version: FreeBSD
net.inet6.ip6.use_deprecated: 1
net.inet6.ip6.rr_prune: 5
net.inet6.ip6.v6only: 1
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.temppltime: 86400
net.inet6.ip6.tempvltime: 604800
net.inet6.ip6.auto_linklocal: 1
net.inet6.ip6.prefer_tempaddr: 0
net.inet6.ip6.use_defaultzone: 0
net.inet6.ip6.maxfrags: 47174
net.inet6.ip6.mcast_pmtu: 0
net.inet6.ip6.stealth: 0
net.inet6.ip6.no_radr: 0
net.inet6.ip6.norbit_raif: 0
net.inet6.ip6.rfc6204w3: 1
net.inet6.ip6.intr_queue_maxlen: 256
net.inet6.ip6.pfil.outbound: pf
net.inet6.ip6.pfil.inbound: pf
net.inet6.ip6.deembed_scopeid: 1
net.inet6.ip6.dad_enhanced: 1
net.inet6.ip6.grehlim: 64
net.inet6.ip6.mcast.loop: 1
net.inet6.ip6.mcast.maxsocksrc: 128
net.inet6.ip6.mcast.maxgrpsrc: 512
net.inet6.ipsec6.def_policy: 1
net.inet6.ipsec6.esp_trans_deflev: 1
net.inet6.ipsec6.esp_net_deflev: 1
net.inet6.ipsec6.ah_trans_deflev: 1
net.inet6.ipsec6.ah_net_deflev: 1
net.inet6.ipsec6.ecn: 0
net.inet6.ipsec6.debug: 0
net.inet6.ipsec6.filtertunnel: 0
net.inet6.icmp6.rediraccept: 1
net.inet6.icmp6.redirtimeout: 600
net.inet6.icmp6.nd6_prune: 1
net.inet6.icmp6.nd6_delay: 5
net.inet6.icmp6.nd6_umaxtries: 3
net.inet6.icmp6.nd6_mmaxtries: 3
net.inet6.icmp6.nd6_useloopback: 1
net.inet6.icmp6.nodeinfo: 3
net.inet6.icmp6.errppslimit: 100
net.inet6.icmp6.nd6_maxnudhint: 0
net.inet6.icmp6.nd6_debug: 0
net.inet6.icmp6.nd6_maxqueuelen: 1
net.inet6.icmp6.nodeinfo_oldmcprefix: 1
net.inet6.icmp6.nd6_onlink_ns_rfc4861: 0
net.inet6.icmp6.nd6_gctimer: 86400
net.inet6.mld.use_allow: 1
net.inet6.mld.v1enable: 1
net.inet6.mld.gsrdelay: 10
#11
18.1 Legacy Series / IPv6 not working in VMware
July 21, 2018, 04:23:06 PM
Hi,

hopefully someone could help. Hi have at Hetzner an ESXi.
When I boot OPNsense with IPv6 I can ping but every UDP or TCP stream is not working.
If I use PFsense IPv6 is working without any problem. I found no differences, could someone help me to debug this?

Regards

Gregor
Pages1