Messages - sol

#1
/var/crash/textdump.tar.0: can be found here because it's too long to post it here

https://controlc.com/22690355
#2
Hi there,

Since yesterday opnsense reboots daily. I do not fully understand the log files and what is causing it.
I have attached all log files and changed the SSH keys and some IP addresses due to privacy.
Looking forward to any help.
For some reason zenarmor also shows reports for the same IP but 2 different names, or rather put, it uses the same IP for different hostnames that are on different VLANs and have the right settings in their DHCP server on their corresponding subnet.

Thank you.

System Information
User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0
FreeBSD 13.0-STABLE stable/22.1-n248071-cafeb6ce414 SMP amd64
OPNsense 22.1.6 42de9d6d9
Plugins os-acme-client-3.9 os-boot-delay-1.0_1 os-etpro-telemetry-1.6_1 os-intrusion-detection-content-et-open-1.0.1 os-iperf-1.0_1 os-mdns-repeater-1.1 os-netdata-1.1 os-nextcloud-backup-1.0_1 os-sensei-1.11.1 os-sensei-updater-1.11 os-smart-2.2 os-sunnyvalley-1.2_1 os-vnstat-1.3 os-wireguard-1.10
Time Tue, 03 May 2022 17:41:48 +0200
OpenSSL 1.1.1n  15 Mar 2022
PHP 7.4.28


dmesg.boot:
Copyright (c) 1992-2021 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 13.0-STABLE stable/22.1-n248071-cafeb6ce414 SMP amd64
FreeBSD clang version 13.0.0 (git@github.com:llvm/llvm-project.git llvmorg-13.0.0-0-gd7b669b3a303)
VT(efifb): resolution 800x600
CPU: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz (1900.00-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x806ea  Family=0x6  Model=0x8e  Stepping=10
  Features=0xbfebfbff
  Features2=0x7ffafbff
  AMD Features=0x2c100800
  AMD Features2=0x121
  Structured Extended Features=0x29c6fbf
  Structured Extended Features3=0xc000000
  XSAVE Features=0xf
  VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID
  TSC: P-state invariant, performance statistics
real memory  = 17179869184 (16384 MB)
avail memory = 16503267328 (15738 MB)
Event timer "LAPIC" quality 600
ACPI APIC Table:
FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s) x 2 hardware threads
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
random: unblocking device.
ioapic0  irqs 0-119
Launching APs: 1 2 6 4 5 7 3
random: entropy device external interface
wlan: mac acl policy registered
kbd0 at kbdmux0
WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 14.0.
efirtc0:
efirtc0: registered as a time-of-day clock, resolution 1.000000s
aesni0:
acpi0:
acpi0: Power Button (fixed)
cpu0:  on acpi0
hpet0:  iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 24000000 Hz quality 950
Event timer "HPET" frequency 24000000 Hz quality 550
atrtc0:  port 0x70-0x77 irq 8 on acpi0
atrtc0: Warning: Couldn't map I/O.
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
attimer0:  port 0x40-0x43,0x50-0x53 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1808-0x180b on acpi0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
vgapci0:  port 0xf000-0xf03f mem 0xde000000-0xdeffffff,0xc0000000-0xcfffffff irq 16 at device 2.0 on pci0
vgapci0: Boot video device
xhci0:  mem 0xdf200000-0xdf20ffff irq 16 at device 20.0 on pci0
xhci0: 32 bytes context size, 64-bit DMA
usbus0 on xhci0
usbus0: 5.0Gbps Super Speed USB v3.0
pci0:  at device 22.0 (no driver attached)
ahci0:  port 0xf090-0xf097,0xf080-0xf083,0xf060-0xf07f mem 0xdf214000-0xdf215fff,0xdf218000-0xdf2180ff,0xdf217000-0xdf2177ff irq 16 at device 23.0 on pci0
ahci0: AHCI v1.31 with 3 6Gbps ports, Port Multiplier not supported
ahcich0:  at channel 0 on ahci0
ahcich1:  at channel 1 on ahci0
ahcich2:  at channel 2 on ahci0
pcib1:  irq 16 at device 28.0 on pci0
pci1:  on pcib1
igb0:  port 0xe000-0xe01f mem 0xdf100000-0xdf11ffff,0xdf120000-0xdf123fff irq 16 at device 0.0 on pci1
igb0: NVM V0.6 imgtype1
igb0: Using 1024 TX descriptors and 1024 RX descriptors
igb0: Using 2 RX queues 2 TX queues
igb0: Using MSI-X interrupts with 3 vectors
igb0: Ethernet address: 00:a5:27:e0:0b:9e
igb0: netmap queues/slots: TX 2/1024, RX 2/1024
pcib2:  irq 17 at device 28.1 on pci0
pci2:  on pcib2
igb1:  port 0xd000-0xd01f mem 0xdf000000-0xdf01ffff,0xdf020000-0xdf023fff irq 17 at device 0.0 on pci2
igb1: NVM V0.6 imgtype1
igb1: Using 1024 TX descriptors and 1024 RX descriptors
igb1: Using 2 RX queues 2 TX queues
igb1: Using MSI-X interrupts with 3 vectors
igb1: Ethernet address: 00:a5:27:e0:0b:9f
igb1: netmap queues/slots: TX 2/1024, RX 2/1024
isab0:  at device 31.0 on pci0
isa0:  on isab0
pci0:  at device 31.2 (no driver attached)
acpi_button0:  on acpi0
acpi_button1:  on acpi0
acpi_tz0:  on acpi0
acpi_tz1:  on acpi0
uart0: <16950 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart1: <16950 or compatible> port 0x2f8-0x2ff irq 3 on acpi0
uart2: <16950 or compatible> port 0x3e8-0x3ef irq 6 on acpi0
uart3: <16950 or compatible> port 0x2e8-0x2ef irq 7 on acpi0
uart4: <16950 or compatible> port 0x2f0-0x2f7 irq 10 on acpi0
uart5: <16950 or compatible> port 0x2e0-0x2e7 irq 11 on acpi0
orm0:  at iomem 0xc0000-0xcffff pnpid ORM0000 on isa0
hwpstate_intel0:  on cpu0
hwpstate_intel1:  on cpu1
hwpstate_intel2:  on cpu2
hwpstate_intel3:  on cpu3
hwpstate_intel4:  on cpu4
hwpstate_intel5:  on cpu5
hwpstate_intel6:  on cpu6
hwpstate_intel7:  on cpu7
Timecounter "TSC" frequency 1896000501 Hz quality 1000
Timecounters tick every 1.000 msec
ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Trying to mount root from zfs:zroot/ROOT/default []...
Root mount waiting for: usbus0 CAM
ugen0.1: <0x8086 XHCI root HUB> at usbus0
uhub0 on usbus0
uhub0: <0x8086 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0
uhub0: 18 ports with 18 removable, self powered
Root mount waiting for: CAM
Root mount waiting for: CAM
Root mount waiting for: CAM
Root mount waiting for: CAM
Root mount waiting for: CAM
Root mount waiting for: CAM
Root mount waiting for: CAM
Root mount waiting for: CAM
ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
ada0:  ACS-3 ATA SATA 3.x device
ada0: Serial Number 50026B77847DA92E
ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 512bytes)
ada0: Command Queueing enabled
ada0: 244198MB (500118192 512 byte sectors)
ada1 at ahcich1 bus 0 scbus1 target 0 lun 0
ada1:  ACS-4 ATA SATA 3.x device
ada1: Serial Number S4BFNJ0MC13526Y
ada1: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 512bytes)
ada1: Command Queueing enabled
ada1: 238475MB (488397168 512 byte sectors)


/var/crash/info.0:
Dump header from device: /dev/ada0p3
  Architecture: amd64
  Architecture Version: 4
  Dump Length: 77312
  Blocksize: 512
  Compression: none
  Dumptime: 2022-05-03 17:39:30 +0200
  Hostname: OPNsense.home
  Magic: FreeBSD Text Dump
  Version String: FreeBSD 13.0-STABLE stable/22.1-n248071-cafeb6ce414 SMP
  Panic String: Unrecoverable machine check exception
  Dump Parity: 3559993632
  Bounds: 0
  Dump Status: good


#3
I had the same issue.
Setting Anti DDOS / Enable syncookies to never (default), or rather leaving it at the default setting, solved the problem.
This can be found under firewall / settings / advanced / Anti DDOS at the bottom.
#4
I had the same issue. Restarting my modem / router which is connected to the wan port of my opnsense box fixed it.
#5
Thx for the update.
Any chance when we could expect a fix?
#6
Running OPNsense 20.7.5-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020

Still has the same issues in regard to vnstat not collecting any data, and the graphic graph in the dashboard is also still not showing traffic.
Any luck on a fix or workaround?
#7
Any update on this?
I have the same issue using ips and sensei.
#8
Thx for the news about the netmap changes.

I disabled the cache in pihole and still cannot see locally resolved hostnames in sensei's reports.
DNSCrypt proxy is used though.
Can I change anything to resolve the hostnames or will you guys add an option update to handle this case?

Furthermore, do you have a date for the update to automatically import / update custom block lists like in pihole, etc.?

Thx
#9
Perfect!
Thank you very much!
#10
Hi there,

How can I list the total number of active drop and alert rules?
Is it possible in the GUI or are there any commands for the shell?

Thx.
#11
I use a PiHole due to the fact that white and block lists are really easy to manage.
Sensei can block ads too but I prefer PiHole for this.
Easy to setup and maintain.
#12
I really like sensei so far.
I'm using dnscrypt proxy and sensei cannot resolve local hostnames.
As mentioned a few weeks before, is there an option in the roadmap for sensei to have their own resolver?
#13
Are you using pihole by any chance?
I have the same issue.
#14
Engine Version:    1.1_4    
App DB Version:    1.1.1    
Rules DB Version:    1.1.1    

Reports / Security
{
  "error": {
    "root_cause": [
      {
        "type": "index_not_found_exception",
        "reason": "no such index",
        "resource.type": "index_or_alias",
        "resource.id": "alert_all",
        "index_uuid": "_na_",
        "index": "alert_all"
      }
    ],
    "type": "index_not_found_exception",
    "reason": "no such index",
    "resource.type": "index_or_alias",
    "resource.id": "alert_all",
    "index_uuid": "_na_",
    "index": "alert_all"
  },
  "status": 404
}


Errors also occur at Reports / Web
Although I cannot open view error message.

Furthermore since the update of sensei yesterday some sites aren't displayed fully with a running sensei.
#15
But there is no alias field for cron jobs