1
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
24.1 Legacy Series / Re: 24.1_1 upgrade Webgui not working after reboot
« on: February 06, 2024, 08:15:33 am »
Maybe this is issue on reboot?
https://forum.opnsense.org/index.php?topic=38593.msg188923#msg188923
https://forum.opnsense.org/index.php?topic=38593.msg188923#msg188923
3
24.1 Legacy Series / Webconfigurator fails start when bound to interface with DHCPv6
« on: February 04, 2024, 11:34:31 am »
When binding the webconfigurator to an interface using DHCPv6 it fails to start on boot.
This is because the rc.restart_webgui script runs before the interface is fully configured.
changed the startup of the configurator in /usr/local/etc/inc/plugins.in.d/webgui.inc:
mwexec('/sbin/ifconfig vtnet0 >/tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1; /bin/sleep 5; /sbin/ifconfig v
tnet0 >> /tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1'
And found:
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 tentative scopeid 0x1
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
2024-02-04 11:32:23: (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/network.c.588) bind() [fe80::5054:1ff:fe23:4a58]:443: Can't assign requested address
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 scopeid 0x1
inet6 2a02:a452:42e8:f00f:5054:1ff:fe23:4a58 prefixlen 64 autoconf
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
Current workaround is to have the webgui startup sleep for a few seconds
This is because the rc.restart_webgui script runs before the interface is fully configured.
changed the startup of the configurator in /usr/local/etc/inc/plugins.in.d/webgui.inc:
mwexec('/sbin/ifconfig vtnet0 >/tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1; /bin/sleep 5; /sbin/ifconfig v
tnet0 >> /tmp/vtnet0; /usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf >>/tmp/vtnet0 2>&1'
And found:
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 tentative scopeid 0x1
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
2024-02-04 11:32:23: (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/network.c.588) bind() [fe80::5054:1ff:fe23:4a58]:443: Can't assign requested address
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether 52:54:01:23:4a:58
inet 10.0.29.50 netmask 0xffffff00 broadcast 10.0.29.255
inet6 fe80::5054:1ff:fe23:4a58%vtnet0 prefixlen 64 scopeid 0x1
inet6 2a02:a452:42e8:f00f:5054:1ff:fe23:4a58 prefixlen 64 autoconf
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
Current workaround is to have the webgui startup sleep for a few seconds
4
20.7 Legacy Series / Re: PHP script killing system (/usr/local/opnsense/scripts/dhcp/prefixes.php)
« on: December 02, 2020, 12:04:39 pm »
System info:
OPNsense 20.7.5-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020
Intel(R) Atom(TM) CPU C2750 @ 2.40GHz (8 cores) / 16GB
OPNsense 20.7.5-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020
Intel(R) Atom(TM) CPU C2750 @ 2.40GHz (8 cores) / 16GB
5
20.7 Legacy Series / PHP script killing system (/usr/local/opnsense/scripts/dhcp/prefixes.php)
« on: December 02, 2020, 11:08:22 am »
What is this script doing exactly, and why is it consistently killing my system? The amount of process taking up 100% keeps increasing and I have to kill them hard and restart the webgui.
last pid: 81341; load averages: 6.35, 6.13, 4.90 up 1+18:53:05 11:01:04
108 processes: 8 running, 99 sleeping, 1 zombie
CPU: 90.3% user, 0.0% nice, 7.7% system, 0.5% interrupt, 1.5% idle
Mem: 935M Active, 4174M Inact, 2180M Wired, 1136M Buf, 9530M Free
Swap: 8192M Total, 8192M Free
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
67960 root 1 100 0 180M 139M CPU5 5 6:10 99.03% php
15771 root 1 92 0 180M 139M CPU4 4 0:12 98.95% php
66050 root 1 102 0 180M 139M CPU1 1 10:09 98.93% php
3542 root 1 102 0 180M 139M CPU2 2 14:17 98.38% php
40170 root 1 101 0 180M 139M CPU6 6 20:48 96.21% php
58530 root 1 101 0 180M 139M CPU0 0 16:40 95.19% php
ps aux |grep php
root 3542 100.0 0.9 184008 142104 - R 10:46 14:59.09 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 40170 100.0 0.9 184008 142104 - R 10:39 21:29.53 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 58530 100.0 0.9 184008 142108 - R 10:44 17:22.13 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 67960 100.0 0.9 184008 142108 - R 10:54 6:51.40 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 15771 99.6 0.9 184008 142116 - R 11:00 0:53.80 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 66050 99.4 0.9 184008 142100 - R 10:50 10:51.01 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
last pid: 81341; load averages: 6.35, 6.13, 4.90 up 1+18:53:05 11:01:04
108 processes: 8 running, 99 sleeping, 1 zombie
CPU: 90.3% user, 0.0% nice, 7.7% system, 0.5% interrupt, 1.5% idle
Mem: 935M Active, 4174M Inact, 2180M Wired, 1136M Buf, 9530M Free
Swap: 8192M Total, 8192M Free
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
67960 root 1 100 0 180M 139M CPU5 5 6:10 99.03% php
15771 root 1 92 0 180M 139M CPU4 4 0:12 98.95% php
66050 root 1 102 0 180M 139M CPU1 1 10:09 98.93% php
3542 root 1 102 0 180M 139M CPU2 2 14:17 98.38% php
40170 root 1 101 0 180M 139M CPU6 6 20:48 96.21% php
58530 root 1 101 0 180M 139M CPU0 0 16:40 95.19% php
ps aux |grep php
root 3542 100.0 0.9 184008 142104 - R 10:46 14:59.09 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 40170 100.0 0.9 184008 142104 - R 10:39 21:29.53 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 58530 100.0 0.9 184008 142108 - R 10:44 17:22.13 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 67960 100.0 0.9 184008 142108 - R 10:54 6:51.40 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 15771 99.6 0.9 184008 142116 - R 11:00 0:53.80 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
root 66050 99.4 0.9 184008 142100 - R 10:50 10:51.01 /usr/local/bin/php /usr/local/opnsense/scripts/dhcp/prefixes.php
6
20.7 Legacy Series / Re: Multicast / igmpproxy broken in 20.7 (FreeBSD 12)
« on: August 07, 2020, 07:12:59 pm »
Unfortunately the issue persists with the supplied test kernel. It must have been a different bug and commit that fixes this. Most likely:
https://github.com/freebsd/freebsd/commit/63bc20993b4f570ff1a7c45b5dead0109768d494#diff-c9065ed6e74837c7cb1ded9eb39e7fb9
https://github.com/freebsd/freebsd/commit/63bc20993b4f570ff1a7c45b5dead0109768d494#diff-c9065ed6e74837c7cb1ded9eb39e7fb9
7
20.7 Legacy Series / Re: Multicast / igmpproxy broken in 20.7 (FreeBSD 12)
« on: August 07, 2020, 03:01:38 pm »
Issue was fixed a few weeks ago, and no longer exists in FreeBSD latest snapshot kernel.
https://svnweb.freebsd.org/base?view=revision&revision=362472
The hardened BSD kernel in use by opnsense however still suffers from this rather nasty bug, rendering multicast pretty much unusable. I took the liberty of opening a PR for their stable branch, but don't know whether they'll accept it.
Is there any documentation for compiling a custom kernel to use with opnsense? I would rather go that route than downgrading to 20.1. Hardned BSD dev branch is up to date with FreeBSD, last merge there was a few days ago.
https://svnweb.freebsd.org/base?view=revision&revision=362472
The hardened BSD kernel in use by opnsense however still suffers from this rather nasty bug, rendering multicast pretty much unusable. I took the liberty of opening a PR for their stable branch, but don't know whether they'll accept it.
Is there any documentation for compiling a custom kernel to use with opnsense? I would rather go that route than downgrading to 20.1. Hardned BSD dev branch is up to date with FreeBSD, last merge there was a few days ago.
8
20.7 Legacy Series / Multicast / igmpproxy broken in 20.7 (FreeBSD 12)
« on: August 07, 2020, 12:39:34 pm »
I discovered a pretty serious issue with multicast in version 20.7 / FreeBSD 12. Multicast groups are joined, but never left. This causes streams to keep running indefinitely and can quickly saturate upstream links.
I am currently in the process of rewriting / overhauling the igmpproxy source code and discovered this issue after upgrading my opnsense installation from 20.1 to 20.7. After testing using stock installatins, I established the issue is present since FreeBSD 12, up to the most recent stable p8 release.
I have opened up a bug report with FreeBSD:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248512
For now I would advice anybody using multicast routing / igmpproxy to stay away from 20.7.
I am currently in the process of rewriting / overhauling the igmpproxy source code and discovered this issue after upgrading my opnsense installation from 20.1 to 20.7. After testing using stock installatins, I established the issue is present since FreeBSD 12, up to the most recent stable p8 release.
I have opened up a bug report with FreeBSD:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248512
For now I would advice anybody using multicast routing / igmpproxy to stay away from 20.7.
9
20.1 Legacy Series / Re: Geoip and Ntopng
« on: July 28, 2020, 01:38:59 pm »Shall we pack this in the plugin itself?
Sure, feel free to do so
10
20.1 Legacy Series / Re: Geoip and Ntopng
« on: July 28, 2020, 10:29:25 am »
Attached an updated version of ntopng-geoip2update.sh
Replace the script currently in /usr/local/bin
Follow instructions on https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
Copy GeoIP.conf to /usr/local/etc (or any other location and specify it on command line)
Schedule script in cron
add to /usr/local/opnsense/service/conf/actions.d/actions_ntopng.conf to schedule from GUI
[update]
command:/usr/local/bin/ntopng-geoip2update.sh
parameters:
type:script
message:Updating ntopng GeoIP
description:Update ntopng GeoIP Database files
Replace the script currently in /usr/local/bin
Follow instructions on https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
Copy GeoIP.conf to /usr/local/etc (or any other location and specify it on command line)
Schedule script in cron
add to /usr/local/opnsense/service/conf/actions.d/actions_ntopng.conf to schedule from GUI
[update]
command:/usr/local/bin/ntopng-geoip2update.sh
parameters:
type:script
message:Updating ntopng GeoIP
description:Update ntopng GeoIP Database files
Pages: [1]