Messages

1

24.7, 24.10 Production Series / version 24.7_5-amd64 dashboard crash

« on: August 01, 2024, 07:54:49 am »

I just upgraded my OPNSense to version 24.7_5-amd64. After upgraded, the dashboard crash alway. Please the attached pic. I using this device as a router for internal LAN, the routing service stopped during crash. I stopped the wireguard service and reboot the device. The service resumed. but today I go back from lunch, the dashboard crashed again.

2

21.1 Legacy Series / Re: ntopng failed to start after upgraded to 21.1.5

« on: May 27, 2021, 09:18:13 am »

Thanks for your reply. I reinstall the redis and ntopng service and restarts the firewall. It works.

3

21.1 Legacy Series / ntopng failed to start after upgraded to 21.1.5

« on: May 24, 2021, 08:38:22 am »

I just upgraded my firewall from 19.x to 21.1.5. The ntopng service can't be started now. I have tried to reinstalled redis and ntopng services. Deleted ntopng and redis folders before reinstall servcies. Here is the log records when I restarts the ntopng service:
Date                                 Process             Line
2021-05-24T14:25:59   root[54924]   /usr/local/etc/rc.d/ntopng: WARNING: failed to start ntopng   
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:150] ERROR: to specify a redis server other than the default   
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:149] ERROR: Please start it and try again or use -r   
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:148] ERROR: ntopng requires redis server to be up and running   
2021-05-24T14:25:58   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:55   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:53   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:50   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:48   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:45   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:43   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:40   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:38   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:35   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:32   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:30   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:27   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:25   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:22   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:20   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]

4

19.7 Legacy Series / Re: default deny rule block many IPs

« on: January 13, 2020, 03:20:00 am »

Here is the sample that OPnsense blocks the vnc service.
I tring to connect 10.128.8.18 by 10.128.2.132, but it can't be connected. I can ping 10.128.8.18 from 10.128.2.132.

5

19.7 Legacy Series / Re: default deny rule block many IPs

« on: January 13, 2020, 03:12:30 am »

yes, 10.128.8.0/24 is the LAN of the OPNsense.
10.128.8.0/24 and 10.10.2.0/24 connected by a IEPL line. works like vlan, these two subnet can be accessed each other.
from the OPNsense live log. I can see LAN rule (default deny rule) some times deny the traffic from 10.128.8.0/24 to 10.10.2.0/24. Most of this traff is to 443 port.
When a computer use the OPNsense as gateway, It can be ping but can't be connected by remote desktop or vnc anymore, all services (outlook. VNC, remote desktop etc.) become unstable. I used pfsense before, the situation are the same.

6

19.7 Legacy Series / Re: default deny rule block many IPs

« on: January 10, 2020, 09:46:45 am »

Thanks for all replies.
I am troubleshooting why many IPs blocked by the default deny rule, so I add some rules to try to isolate the problem, but no use. I just wounder why default deny rule block so many external IP with 443 port and some internal IP.
attached a simple diagram of the network for your reference.

7

19.7 Legacy Series / Re: default deny rule block many IPs

« on: January 10, 2020, 07:55:01 am »

on rule is for IN and another is for OUT.
1.2 is for 10.128.8.18(computer) in/out testing.
3,4 is for whole lan segment
6,7 is for other subnet in lan side. without these 2 rules, these two subnets can't ping any devices in 10.128.8.0/24.

8

19.7 Legacy Series / Re: default deny rule block many IPs

« on: January 10, 2020, 05:55:28 am »

here is the Wan rules screen capture.

9

19.7 Legacy Series / Re: default deny rule block many IPs

« on: January 10, 2020, 05:54:45 am »

Here is the floating, Lan and Wan rules screen capture. It using default rules and just added few rules for internal traffic.

10

19.7 Legacy Series / default deny rule block many IPs

« on: January 09, 2020, 09:31:30 am »

In the live view of firewall tab. I found many IPs have been block by default deny rule. I don't know why the rule blocks the IP which in another of my company. I set my IP can access any network but still no works.

11

Chinese - 中文 / Re: default deny rule issue

« on: January 09, 2020, 09:25:03 am »

这是补充的截图

12

Chinese - 中文 / default deny rule issue

« on: January 09, 2020, 09:22:22 am »

想请教一下，在firewall下面的live view看到好多被default deny rule拦截下来的信息，拦下的IP包括同网的设备，包括互联网上的IP，外网IP基本都是连接443端口的。网络服务出现短短续续的情况，访问互联网就有点慢。我已经设了让某个IP可以自由进出任何网络。不知道是那里的规则出问题。