Messages

1

20.7 Legacy Series / Re: Firewall Live View filtering

« on: August 03, 2020, 03:27:46 pm »

+1 to that, the options aren't immediately clear, once you realise how to use the parameters, it works. 

IIRC the filter dialogue popped over the list, so hard to reference the columns (or maybe they were blank at the beginning), so made it a bit harder when choosing what to filter.

Needs a few of the options in the dialogue, and/or the help.

2

19.7 Legacy Series / Re: Update hangs with "403 Forbidden" error

« on: January 08, 2020, 02:18:07 am »

The fix for the update process being denied access to the repo is to go to System>Firmware>Updates>Settings, and select a different mirror.

Did/Do you have any PPPoE interfaces configured?  I found that changing a PPPoE config (setup in 19.1, but then upgraded to 19.7), on one of my ethernet connections to use plain DHCP, caused the 19.7 host to crash and reboot. (Note: I also had another interface (OPT6) assigned (disabled) to the same adapter, so I could access the modem on occasion, whilst also running the PPPoE based WAN through it).

I imagine that had I disabled/deleted the PPPoE interface first, then changed the opt interface to DHCP it would have been alright.  As it was I just reconfigured the WAN with the interface enabled so might have upset all kinds of services, particularly Suricata, working with the current and active WAN.

Anyhow, it could be that reassigning your interfaces afresh will prevent crashing and overwrite some previous config causing it.

3

19.7 Legacy Series / Re: After upgrade to Jazzy Jaguar, update fails (403). Is the repo locked down?

« on: January 08, 2020, 02:12:54 am »

Thanks Franco, fixed!

Just had to go System>Firmware>Updates>Settings and select a different (open) mirror.

Maybe in waiting to move to 19.7, I missed an update that addressed this (unless the default changed 'otherhow')

I managed to miss that config in the UI too.  My sincerest apologies for the long post... 

4

19.7 Legacy Series / After upgrade to Jazzy Jaguar, update fails (403). Is the repo locked down?

« on: January 07, 2020, 12:39:13 pm »

Recently upgraded to 19.7 from the latest 19.1.

Used the installer to restore my config from 19.1, everything worked except it wouldn't update. 
"Firmware status check was aborted internally. Please try again."

So I installed from scratch with the default network settings, connected to the world, updated successfully all the way to 19.7.8.  Then restored from my most recent 19.1.x config.xml. 

After restore, update was broken again.  Searching around the usual suspects are:

0. Pressing update again. (always works 2nd time).  Not for me

1. Disaabling IPv6. Mine has always been disabled.  With legacy IPv6, connectivity can be broken so the package manager will not resolve. Made no difference for me

2. pkg update -f
Updating OPNsense repository catalogue...
pkg: https://opnsense-update.deciso.com/FreeBSD:11:amd64/19.7/latest/meta.txz: Forbidden
repository OPNsense has no meta file, using default settings
pkg: https://opnsense-update.deciso.com/FreeBSD:11:amd64/19.7/latest/packagesite.txz: Forbidden
Unable to update repository OPNsense
Error updating repositories!


3. Tried to update a single pkg
***GOT REQUEST TO REINSTALL: ca_root_nss***
Updating OPNsense repository catalogue...
pkg-static: https://opnsense-update.deciso.com/FreeBSD:11:amd64/19.7/latest/meta.txz: Forbidden
repository OPNsense has no meta file, using default settings
pkg-static: https://opnsense-update.deciso.com/FreeBSD:11:amd64/19.7/latest/packagesite.txz: Forbidden
Unable to update repository OPNsense
Error updating repositories!
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***


Is the repo locked down atm?
Is it looking at the correct URL?  Connecting at the console with opnsense-update -fp -n "19.7\/latest", or using a browser, responds the same way: Access Denied.
/usr/local/etc/pkg/repos/OPNsense.conf points to the url: "pkg+https://opnsense-update.deciso.com/${ABI}/19.7/latest"  Can this be edited to fix it?

PS. Sorry about bringing this up twice, seems there is another just like this 2 days ago; https://forum.opnsense.org/index.php?topic=15436.0 Maybe we can get 2 birds with one stone!