Messages

update: seems MOST probably a wifi or switch issue

Versions
OPNsense 25.7.5-amd64
FreeBSD 14.3-RELEASE-p4
OpenSSL 3.0.18

I have captive portal issue started sometime 25.x, may free wifi is in vlan 15.
after a while it will randomly "crash" or block all access. DHCP works though ping to the
gateway ip returns timed out. ping to other devices within the network is ok.
there will be no Internet connection.

solution with no effect
1) restart or stop/start captive portal
2) restart or stop/start ubound
3) restart or stop/start DHCP
4) I think i have tried restart to no effect

solution to recover from issue
1) change IP of VLAN Interface, usually from 192.168.88.1 to 192.168.88.2 and vice versa if .2 does the same issue

captive portal functioning correctly

https://freeimage.host/i/KkEwhQV

captive portal blocking

https://freeimage.host/i/KkEOHOJ

I have tried to check other logs, but there are no mention of captive portal crashing or bad database. vene on the captive portal logs.
it is as if randomly it just blocks accesss. and restart of portal does not seem to have an effect.
only if I change the IP of vlan interface.

database keeps crashing and curropted, I have deleted 3 times already.
any help?

2025-04-15T08:25:22    Informational    captiveportal    AUTH anonymous@10.10.2.114 (10.10.2.114) zone 0   
2025-04-15T08:25:12    Error    captiveportal    sqlite3 /var/captiveportal/captiveportal.sqlite doesn't look like a database, renamed to /var/captiveportal/captiveportal.sqlite.20250415082512.bck   
2025-04-15T08:25:07    Informational    captiveportal    AUTH anonymous@10.10.2.114 (10.10.2.114) zone 0   
2025-04-15T08:25:07    Error    captiveportal    Forcefully repair database (Traceback (most recent call last): File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/cp-background-process.py", line 259, in main bgprocess.sync_zone(zoneid) File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/cp-background-process.py", line 140, in sync_zone expected_clients = self.db.list_clients(zoneid) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/lib/db.py", line 205, in list_clients cur.execute(""" select cc.zoneid sqlite3.OperationalError: database is locked )   
2025-04-15T08:24:52    Informational    captiveportal    AUTH anonymous@10.10.2.114 (10.10.2.114) zone 0

A hotfix release was issued as 25.1.5_5:
 o captive portal: missing fix for command line argument parsing in backend

progress has been made in github
there is a patch

With the 25.1.5_4, I have the same authentication issue, but with SSH into root account. I do not use captive portal at all.
However, the issue was gone when I reverted to a snapshot with the 25.1.5_1 version.

whats the command to revert to that version?

issue with portal voucher reported in github
https://github.com/opnsense/core/issues/8540
the whole portal ithink is broken, I only use no authentication, clicking connect button returns "login failed"

Could it be related to the we browser's cache?

25.1.5_4

same login error

then the submit/connect button was lost/missing even if not yet authenticated.
even reverting to default template same error but submit button shows
returns login failed

I am using no auththentication just conenct button to authenticate

tried with multiple devices, and tried maually entering portal addess and even in incognito mode
same login error, even using the default blank template

on OPNsense 25.1.5_4
using no authentication

the connect button is missing...

reverting to the default portal.
connect button shows but throws, login failed

should NAT refelction be turned on? ang 1to1 NAT?

there is an open issue in github
https://github.com/opnsense/core/issues/8540

25.1.5_4

same login error

then the submit/connect button was lost/missing even if not yet authenticated.
even reverting to default template same error but submit button shows
returns login failed

I am using no auththentication just conenct button to authenticate

[Captive Portal] Whitelist URL

how to white list a external URL
so it will load and NOT be blocked by the captive portal?

I have address IP rules to allow and even alias to no avail, acess thos site ultimately load sa captive portal.

tried the new  Traffic shaping [experimental] in firewall
so much easier than creating rules in shaper rules which was complicated.
very nice!

but would like to report that the reverse rule is not being followed
download shaper is followed while the upload is not or is there a config issue?
EDIT:
if rule direct has shaper and reverse direction has none, then same as non for both or both uncapped
if rule direct has none and reverse direction has shaper (2mbps), then error not allowed to save
if rule direct has shaper (1mbps) and reverse direction has shaper(2mbps), internet will have 2mbps download and uncapped upload

agree, may be a simple formatable  3 to 5 letter code or letter with generatable numeric
ex input
daycode{number}
number start 100
number end 999

generated will be
daycide001
daycide002
daycide003
...
daycide999


or just an uploadable code vs time database, which the voucher system will parse

the random letter and unumbers are just to complex to input.

it came back after 24.7.1 was installed
will run the code again and see
if it returns in the next upgrade

the command fixed the issue in two of my machines

pkg   1.19.2_1
opnsense 24.7_9-amd64

this actually started 23.7 not exactly sure when, but one I run update next time it will show up again

Code Select Expand


***GOT REQUEST TO UPDATE***
Currently running OPNsense 24.7_9 at Wed Aug  7 21:31:22 PST 2024
Updating OPNsense repository catalogue...
Waiting for another process to update repository OPNsense
Updating SunnyValley repository catalogue...
Waiting for another process to update repository SunnyValley
Updating mimugmail repository catalogue...
Waiting for another process to update repository mimugmail
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating SunnyValley repository catalogue...
Waiting for another process to update repository SunnyValley
Updating mimugmail repository catalogue...
Waiting for another process to update repository mimugmail
All repositories are up to date.
Checking for upgrades (10 candidates): .......... done
Processing candidates (10 candidates): ....... done
The following 19 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
alsa-lib: 1.2.11 [mimugmail]
brotli: 1.1.0,1 [SunnyValley]
fontconfig: 2.15.0_2,1 [SunnyValley]
freetype2: 2.13.2 [SunnyValley]
giflib: 5.2.2 [SunnyValley]
graphite2: 1.3.14 [mimugmail]
jbigkit: 2.1_2 [SunnyValley]
jpeg-turbo: 3.0.3 [SunnyValley]
lcms2: 2.16_2 [mimugmail]
lerc: 4.0.0 [OPNsense]
libXext: 1.3.6,1 [mimugmail]
libXfixes: 6.0.0_1 [mimugmail]
libXi: 1.8_1,1 [mimugmail]
libXrender: 0.9.10_2 [mimugmail]
libdeflate: 1.20 [SunnyValley]
libfontenc: 1.1.8 [SunnyValley]
png: 1.6.43 [SunnyValley]
tiff: 4.6.0 [OPNsense]
zstd: 1.5.6 [SunnyValley]

Number of packages to be installed: 19

The process will require 18 MiB more space.
4 MiB to be downloaded.
[1/19] Fetching png-1.6.43.pkg: .......... done
[2/19] Fetching freetype2-2.13.2.pkg: .......... done
[3/19] Fetching jpeg-turbo-3.0.3.pkg: .......... done
[4/19] Fetching lcms2-2.16_2.pkg: .......... done
[5/19] Fetching libdeflate-1.20.pkg: .......... done
[6/19] Fetching libXfixes-6.0.0_1.pkg: .. done
[7/19] Fetching giflib-5.2.2.pkg: ......... done
[8/19] Fetching libXrender-0.9.10_2.pkg: .... done
[9/19] Fetching libXi-1.8_1,1.pkg: .......... done
[10/19] Fetching graphite2-1.3.14.pkg: .......... done
[11/19] Fetching alsa-lib-1.2.11.pkg: .......... done
[12/19] Fetching libfontenc-1.1.8.pkg: ... done
[13/19] Fetching zstd-1.5.6.pkg: .......... done
[14/19] Fetching brotli-1.1.0,1.pkg: .......... done
[15/19] Fetching libXext-1.3.6,1.pkg: .......... done
[16/19] Fetching fontconfig-2.15.0_2,1.pkg: .......... done
[17/19] Fetching jbigkit-2.1_2.pkg: .......... done
[18/19] Fetching tiff-4.6.0.pkg: .......... done
[19/19] Fetching lerc-4.0.0.pkg: .......... done
Checking integrity... done (0 conflicting)
[1/19] Installing png-1.6.43...
[1/19] Extracting png-1.6.43: .......... done
[2/19] Installing jpeg-turbo-3.0.3...
[2/19] Extracting jpeg-turbo-3.0.3: .......... done
[3/19] Installing libdeflate-1.20...
[3/19] Extracting libdeflate-1.20: .......... done
[4/19] Installing zstd-1.5.6...
[4/19] Extracting zstd-1.5.6: .......... done
[5/19] Installing brotli-1.1.0,1...
[5/19] Extracting brotli-1.1.0,1: .......... done
[6/19] Installing jbigkit-2.1_2...
[6/19] Extracting jbigkit-2.1_2: .......... done
[7/19] Installing lerc-4.0.0...
[7/19] Extracting lerc-4.0.0: ........ done
[8/19] Installing freetype2-2.13.2...
[8/19] Extracting freetype2-2.13.2: .......... done
[9/19] Installing libXfixes-6.0.0_1...
[9/19] Extracting libXfixes-6.0.0_1: ....... done
[10/19] Installing libXext-1.3.6,1...
[10/19] Extracting libXext-1.3.6,1: .......... done
[11/19] Installing tiff-4.6.0...
[11/19] Extracting tiff-4.6.0: .......... done
[12/19] Installing lcms2-2.16_2...
[12/19] Extracting lcms2-2.16_2: .......... done
[13/19] Installing giflib-5.2.2...
[13/19] Extracting giflib-5.2.2: .......... done
[14/19] Installing libXrender-0.9.10_2...
[14/19] Extracting libXrender-0.9.10_2: .......... done
[15/19] Installing libXi-1.8_1,1...
[15/19] Extracting libXi-1.8_1,1: .......... done
[16/19] Installing graphite2-1.3.14...
[16/19] Extracting graphite2-1.3.14: .......... done
[17/19] Installing alsa-lib-1.2.11...
[17/19] Extracting alsa-lib-1.2.11: .......... done
[18/19] Installing libfontenc-1.1.8...
[18/19] Extracting libfontenc-1.1.8: ......... done
[19/19] Installing fontconfig-2.15.0_2,1...
[19/19] Extracting fontconfig-2.15.0_2,1: .......... done
Running fc-cache to build fontconfig cache...
=====
Message from freetype2-2.13.2:

--
The 2.7.x series now uses the new subpixel hinting mode (V40 port's option) as
the default, emulating a modern version of ClearType. This change inevitably
leads to different rendering results, and you might change port's options to
adapt it to your taste (or use the new "FREETYPE_PROPERTIES" environment
variable).

The environment variable "FREETYPE_PROPERTIES" can be used to control the
driver properties. Example:

FREETYPE_PROPERTIES=truetype:interpreter-version=35 \
cff:no-stem-darkening=1 \
autofitter:warping=1

This allows to select, say, the subpixel hinting mode at runtime for a given
application.

If LONG_PCF_NAMES port's option was enabled, the PCF family names may include
the foundry and information whether they contain wide characters. For example,
"Sony Fixed" or "Misc Fixed Wide", instead of "Fixed". This can be disabled at
run time with using pcf:no-long-family-names property, if needed. Example:

FREETYPE_PROPERTIES=pcf:no-long-family-names=1

How to recreate fontconfig cache with using such environment variable,
if needed:
# env FREETYPE_PROPERTIES=pcf:no-long-family-names=1 fc-cache -fsv

The controllable properties are listed in the section "Controlling FreeType
Modules" in the reference's table of contents
(/usr/local/share/doc/freetype2/reference/index.html, if documentation was installed).
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 19 packages:

Installed packages to be REMOVED:
alsa-lib: 1.2.11
brotli: 1.1.0,1
fontconfig: 2.15.0_2,1
freetype2: 2.13.2
giflib: 5.2.2
graphite2: 1.3.14
jbigkit: 2.1_2
jpeg-turbo: 3.0.3
lcms2: 2.16_2
lerc: 4.0.0
libXext: 1.3.6,1
libXfixes: 6.0.0_1
libXi: 1.8_1,1
libXrender: 0.9.10_2
libdeflate: 1.20
libfontenc: 1.1.8
png: 1.6.43
tiff: 4.6.0
zstd: 1.5.6

Number of packages to be removed: 19

The operation will free 18 MiB.
[1/19] Deinstalling lcms2-2.16_2...
[1/19] Deleting files for lcms2-2.16_2: .......... done
[2/19] Deinstalling fontconfig-2.15.0_2,1...
[2/19] Deleting files for fontconfig-2.15.0_2,1: .......... done
[3/19] Deinstalling freetype2-2.13.2...
[3/19] Deleting files for freetype2-2.13.2: .......... done
[4/19] Deinstalling libXi-1.8_1,1...
[4/19] Deleting files for libXi-1.8_1,1: .......... done
[5/19] Deinstalling tiff-4.6.0...
[5/19] Deleting files for tiff-4.6.0: .......... done
[6/19] Deinstalling png-1.6.43...
[6/19] Deleting files for png-1.6.43: .......... done
[7/19] Deinstalling jpeg-turbo-3.0.3...
[7/19] Deleting files for jpeg-turbo-3.0.3: .......... done
[8/19] Deinstalling libfontenc-1.1.8...
[8/19] Deleting files for libfontenc-1.1.8: ......... done
[9/19] Deinstalling zstd-1.5.6...
[9/19] Deleting files for zstd-1.5.6: .......... done
[10/19] Deinstalling brotli-1.1.0,1...
[10/19] Deleting files for brotli-1.1.0,1: .......... done
[11/19] Deinstalling libdeflate-1.20...
[11/19] Deleting files for libdeflate-1.20: .......... done
[12/19] Deinstalling libXext-1.3.6,1...
[12/19] Deleting files for libXext-1.3.6,1: .......... done
[13/19] Deinstalling libXfixes-6.0.0_1...
[13/19] Deleting files for libXfixes-6.0.0_1: ....... done
[14/19] Deinstalling giflib-5.2.2...
[14/19] Deleting files for giflib-5.2.2: .......... done
[15/19] Deinstalling libXrender-0.9.10_2...
[15/19] Deleting files for libXrender-0.9.10_2: .......... done
[16/19] Deinstalling jbigkit-2.1_2...
[16/19] Deleting files for jbigkit-2.1_2: .......... done
[17/19] Deinstalling graphite2-1.3.14...
[17/19] Deleting files for graphite2-1.3.14: .......... done
[18/19] Deinstalling alsa-lib-1.2.11...
[18/19] Deleting files for alsa-lib-1.2.11: .......... done
[19/19] Deinstalling lerc-4.0.0...
[19/19] Deleting files for lerc-4.0.0: ........ done
Checking all packages: .......... done
The following package files will be deleted:
/var/cache/pkg/libXrender-0.9.10_2.pkg
/var/cache/pkg/libXi-1.8_1,1.pkg
/var/cache/pkg/freetype2-2.13.2~76fa19cd6b.pkg
/var/cache/pkg/graphite2-1.3.14.pkg
/var/cache/pkg/libfontenc-1.1.8.pkg
/var/cache/pkg/lcms2-2.16_2.pkg
/var/cache/pkg/jpeg-turbo-3.0.3.pkg
/var/cache/pkg/jbigkit-2.1_2~4b5c73fda2.pkg
/var/cache/pkg/libXfixes-6.0.0_1~112ddedf00.pkg
/var/cache/pkg/giflib-5.2.2~61b06a0d8a.pkg
/var/cache/pkg/tiff-4.6.0.pkg
/var/cache/pkg/brotli-1.1.0,1.pkg
/var/cache/pkg/alsa-lib-1.2.11.pkg
/var/cache/pkg/graphite2-1.3.14~d2a11600d5.pkg
/var/cache/pkg/freetype2-2.13.2.pkg
/var/cache/pkg/fontconfig-2.15.0_2,1.pkg
/var/cache/pkg/libdeflate-1.20.pkg
/var/cache/pkg/libXfixes-6.0.0_1.pkg
/var/cache/pkg/giflib-5.2.2.pkg
/var/cache/pkg/brotli-1.1.0,1~8e55295843.pkg
/var/cache/pkg/lerc-4.0.0~db929e6f56.pkg
/var/cache/pkg/lcms2-2.16_2~d0fd020876.pkg
/var/cache/pkg/lerc-4.0.0.pkg
/var/cache/pkg/libdeflate-1.20~1df5782c2a.pkg
/var/cache/pkg/libXext-1.3.6,1.pkg
/var/cache/pkg/fontconfig-2.15.0_2,1~bf23c56c96.pkg
/var/cache/pkg/zstd-1.5.6~e14bb59e2e.pkg
/var/cache/pkg/png-1.6.43.pkg
/var/cache/pkg/libXext-1.3.6,1~30005c79a9.pkg
/var/cache/pkg/zstd-1.5.6.pkg
/var/cache/pkg/libXrender-0.9.10_2~020f4558f9.pkg
/var/cache/pkg/libXi-1.8_1,1~c75b3a3b76.pkg
/var/cache/pkg/png-1.6.43~e10fcb01ca.pkg
/var/cache/pkg/jpeg-turbo-3.0.3~2b2514f810.pkg
/var/cache/pkg/libfontenc-1.1.8~c32e4188e2.pkg
/var/cache/pkg/tiff-4.6.0~d053371651.pkg
/var/cache/pkg/alsa-lib-1.2.11~67ac8ae257.pkg
/var/cache/pkg/jbigkit-2.1_2.pkg
The cleanup will free 4 MiB
Deleting files: .......... done
All done
Nothing to do.
Starting web GUI...done.
Generating RRD graphs...done.
***DONE***