"This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
24.7, 24.10 Legacy Series / Re: Issue with ftp-proxy
August 05, 2024, 09:46:44 AM #2
24.1, 24.4 Legacy Series / Re: 24.1_1 upgrade Webgui not working after reboot
February 06, 2024, 08:15:33 AM
Maybe this is issue on reboot?
https://forum.opnsense.org/index.php?topic=38593.msg188923#msg188923
https://forum.opnsense.org/index.php?topic=38593.msg188923#msg188923
#3
24.1, 24.4 Legacy Series / Webconfigurator fails start when bound to interface with DHCPv6
February 04, 2024, 11:34:31 AM
When binding the webconfigurator to an interface using DHCPv6 it fails to start on boot.
This is because the rc.restart_webgui script runs before the interface is fully configured.
changed the startup of the configurator in /usr/local/etc/inc/plugins.in.d/webgui.inc:
mwexec('/sbin/ifconfig vtnet0 >/tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1; /bin/sleep 5; /sbin/ifconfig v
tnet0 >> /tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1'
And found:
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 tentative scopeid 0x1
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
2024-02-04 11:32:23: (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/network.c.588) bind() [fe80::5054:1ff:fe23:4a58]:443: Can't assign requested address
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 scopeid 0x1
inet6 2a02:a452:42e8:f00f:5054:1ff:fe23:4a58 prefixlen 64 autoconf
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
Current workaround is to have the webgui startup sleep for a few seconds
This is because the rc.restart_webgui script runs before the interface is fully configured.
changed the startup of the configurator in /usr/local/etc/inc/plugins.in.d/webgui.inc:
mwexec('/sbin/ifconfig vtnet0 >/tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1; /bin/sleep 5; /sbin/ifconfig v
tnet0 >> /tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1'
And found:
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 tentative scopeid 0x1
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
2024-02-04 11:32:23: (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/network.c.588) bind() [fe80::5054:1ff:fe23:4a58]:443: Can't assign requested address
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 scopeid 0x1
inet6 2a02:a452:42e8:f00f:5054:1ff:fe23:4a58 prefixlen 64 autoconf
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
Current workaround is to have the webgui startup sleep for a few seconds
#4
20.7 Legacy Series / Re: PHP script killing system (/usr/local/opnsense/scripts/dhcp/prefixes.php)
December 02, 2020, 12:04:39 PM
System info:
OPNsense 20.7.5-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020
Intel(R) Atom(TM) CPU C2750 @ 2.40GHz (8 cores) / 16GB
OPNsense 20.7.5-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020
Intel(R) Atom(TM) CPU C2750 @ 2.40GHz (8 cores) / 16GB
#5
20.7 Legacy Series / PHP script killing system (/usr/local/opnsense/scripts/dhcp/prefixes.php)
December 02, 2020, 11:08:22 AM
What is this script doing exactly, and why is it consistently killing my system? The amount of process taking up 100% keeps increasing and I have to kill them hard and restart the webgui.
last pid: 81341; load averages: 6.35, 6.13, 4.90 up 1+18:53:05 11:01:04
108 processes: 8 running, 99 sleeping, 1 zombie
CPU: 90.3% user, 0.0% nice, 7.7% system, 0.5% interrupt, 1.5% idle
Mem: 935M Active, 4174M Inact, 2180M Wired, 1136M Buf, 9530M Free
Swap: 8192M Total, 8192M Free
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
67960 root 1 100 0 180M 139M CPU5 5 6:10 99.03% php
15771 root 1 92 0 180M 139M CPU4 4 0:12 98.95% php
66050 root 1 102 0 180M 139M CPU1 1 10:09 98.93% php
3542 root 1 102 0 180M 139M CPU2 2 14:17 98.38% php
40170 root 1 101 0 180M 139M CPU6 6 20:48 96.21% php
58530 root 1 101 0 180M 139M CPU0 0 16:40 95.19% php
ps aux |grep php
root 3542 100.0 0.9 184008 142104 - R 10:46 14:59.09 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 40170 100.0 0.9 184008 142104 - R 10:39 21:29.53 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 58530 100.0 0.9 184008 142108 - R 10:44 17:22.13 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 67960 100.0 0.9 184008 142108 - R 10:54 6:51.40 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 15771 99.6 0.9 184008 142116 - R 11:00 0:53.80 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 66050 99.4 0.9 184008 142100 - R 10:50 10:51.01 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
last pid: 81341; load averages: 6.35, 6.13, 4.90 up 1+18:53:05 11:01:04
108 processes: 8 running, 99 sleeping, 1 zombie
CPU: 90.3% user, 0.0% nice, 7.7% system, 0.5% interrupt, 1.5% idle
Mem: 935M Active, 4174M Inact, 2180M Wired, 1136M Buf, 9530M Free
Swap: 8192M Total, 8192M Free
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
67960 root 1 100 0 180M 139M CPU5 5 6:10 99.03% php
15771 root 1 92 0 180M 139M CPU4 4 0:12 98.95% php
66050 root 1 102 0 180M 139M CPU1 1 10:09 98.93% php
3542 root 1 102 0 180M 139M CPU2 2 14:17 98.38% php
40170 root 1 101 0 180M 139M CPU6 6 20:48 96.21% php
58530 root 1 101 0 180M 139M CPU0 0 16:40 95.19% php
ps aux |grep php
root 3542 100.0 0.9 184008 142104 - R 10:46 14:59.09 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 40170 100.0 0.9 184008 142104 - R 10:39 21:29.53 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 58530 100.0 0.9 184008 142108 - R 10:44 17:22.13 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 67960 100.0 0.9 184008 142108 - R 10:54 6:51.40 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 15771 99.6 0.9 184008 142116 - R 11:00 0:53.80 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 66050 99.4 0.9 184008 142100 - R 10:50 10:51.01 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
#6
20.7 Legacy Series / Re: Multicast / igmpproxy broken in 20.7 (FreeBSD 12)
August 07, 2020, 07:12:59 PM
Unfortunately the issue persists with the supplied test kernel. It must have been a different bug and commit that fixes this. Most likely:
https://github.com/freebsd/freebsd/commit/63bc20993b4f570ff1a7c45b5dead0109768d494#diff-c9065ed6e74837c7cb1ded9eb39e7fb9
https://github.com/freebsd/freebsd/commit/63bc20993b4f570ff1a7c45b5dead0109768d494#diff-c9065ed6e74837c7cb1ded9eb39e7fb9
#7
20.7 Legacy Series / Re: Multicast / igmpproxy broken in 20.7 (FreeBSD 12)
August 07, 2020, 03:01:38 PM
Issue was fixed a few weeks ago, and no longer exists in FreeBSD latest snapshot kernel.
https://svnweb.freebsd.org/base?view=revision&revision=362472
The hardened BSD kernel in use by opnsense however still suffers from this rather nasty bug, rendering multicast pretty much unusable. I took the liberty of opening a PR for their stable branch, but don't know whether they'll accept it.
Is there any documentation for compiling a custom kernel to use with opnsense? I would rather go that route than downgrading to 20.1. Hardned BSD dev branch is up to date with FreeBSD, last merge there was a few days ago.
https://svnweb.freebsd.org/base?view=revision&revision=362472
The hardened BSD kernel in use by opnsense however still suffers from this rather nasty bug, rendering multicast pretty much unusable. I took the liberty of opening a PR for their stable branch, but don't know whether they'll accept it.
Is there any documentation for compiling a custom kernel to use with opnsense? I would rather go that route than downgrading to 20.1. Hardned BSD dev branch is up to date with FreeBSD, last merge there was a few days ago.
#8
20.7 Legacy Series / Multicast / igmpproxy broken in 20.7 (FreeBSD 12)
August 07, 2020, 12:39:34 PM
I discovered a pretty serious issue with multicast in version 20.7 / FreeBSD 12. Multicast groups are joined, but never left. This causes streams to keep running indefinitely and can quickly saturate upstream links.
I am currently in the process of rewriting / overhauling the igmpproxy source code and discovered this issue after upgrading my opnsense installation from 20.1 to 20.7. After testing using stock installatins, I established the issue is present since FreeBSD 12, up to the most recent stable p8 release.
I have opened up a bug report with FreeBSD:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248512
For now I would advice anybody using multicast routing / igmpproxy to stay away from 20.7.
I am currently in the process of rewriting / overhauling the igmpproxy source code and discovered this issue after upgrading my opnsense installation from 20.1 to 20.7. After testing using stock installatins, I established the issue is present since FreeBSD 12, up to the most recent stable p8 release.
I have opened up a bug report with FreeBSD:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248512
For now I would advice anybody using multicast routing / igmpproxy to stay away from 20.7.
#9
20.1 Legacy Series / Re: Geoip and Ntopng
July 28, 2020, 01:38:59 PMQuote from: mimugmail on July 28, 2020, 11:37:00 AM
Shall we pack this in the plugin itself?
Sure, feel free to do so
#10
20.1 Legacy Series / Re: Geoip and Ntopng
July 28, 2020, 10:29:25 AM
Attached an updated version of ntopng-geoip2update.sh
Replace the script currently in /usr/local/bin
Follow instructions on https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
Copy GeoIP.conf to /usr/local/etc (or any other location and specify it on command line)
Schedule script in cron
add to /usr/local/opnsense/service/conf/actions.d/actions_ntopng.conf to schedule from GUI
[update]
command:/usr/local/bin/ntopng-geoip2update.sh
parameters:
type:script
message:Updating ntopng GeoIP
description:Update ntopng GeoIP Database files
Replace the script currently in /usr/local/bin
Follow instructions on https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
Copy GeoIP.conf to /usr/local/etc (or any other location and specify it on command line)
Schedule script in cron
add to /usr/local/opnsense/service/conf/actions.d/actions_ntopng.conf to schedule from GUI
[update]
command:/usr/local/bin/ntopng-geoip2update.sh
parameters:
type:script
message:Updating ntopng GeoIP
description:Update ntopng GeoIP Database files
Pages1
