Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - kaviraj

Pages1
#1
20.1 Legacy Series / Re: 20.1.4 just upgraded. No issues so far!
April 16, 2020, 10:09:57 PM
Since upgrade to 20.1.4 we are having issues with strongswan U5.8.3/K11.2-RELEASE-p18-HBSD. Here is the output of the log file:
Apr 16 18:13:24 opnsense charon: 10[DMN] <con2-000|6> thread 10 received 11
Apr 16 18:13:24 opnsense charon: 10[LIB] <con2-000|6>  dumping 2 stack frame addresses:
Apr 16 18:13:24 opnsense charon: 10[LIB] <con2-000|6>   /lib/libthr.so.3 @ 0x00000462e6228000 (pthread_sigmask+0x536) [0x00000462e6236976]
Apr 16 18:13:25 opnsense charon: 10[LIB] <con2-000|6>     -> ??:0
Apr 16 18:13:25 opnsense charon: 10[LIB] <con2-000|6>   /lib/libthr.so.3 @ 0x00000462e6228000 (pthread_getspecific+0xe12) [0x00000462e6235ee2]
Apr 16 18:13:25 opnsense charon: 10[LIB] <con2-000|6>     -> ??:0
Apr 16 18:13:25 opnsense charon: 10[DMN] <con2-000|6> killing ourself, received critical signal

The GUI and strongswan process becomes unresponsive after this error. we can't even restart or stop it. The only way out to get atleast the GUI working:
1. Desactivate all ipsec tunnels (it will keep on loading until you perform step 2)
2. Via ssh kill all ipsec processes

This action only helps to get the GUI. For strongswan to work again a system reboot is needed.

Last version on which it was working:
opnsense: 20.1
strongswan: U5.8.2/K11.2-RELEASE-p16-HBSD
#2
Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering
May 21, 2019, 09:26:44 AM
Hello,

Been testing sensei 0.8.0.beta9 since some days now and since yesterday am facing some strange problems. Some clients are unable to resolve DNS. If i change the client IP everything start to work again. I tried to uninstall and reinstall but still the same.

OPNsense is running over virtualised environment (Proxmox) with kernel 19.1.4 having netmap support as am using virtio.

Test case:
1. I have a client with IP 10.249.10.228/24. When i run a dig it returns a timed-out. A tcpdump on the hypervisor shows that the request was forwarded over the OPNsense interface but a dump on OPNsense interface shows nothing.

2. I stop sensei engine dig starts to work. But as soon as i start it, the client is unable to resolve DNS.

3. Same client but i change IP to 10.249.10.11/24. Dig works.

I may provide remote access if needed.

Thanks for your help.
Pages1