OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of aefainoh »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - aefainoh

Pages: [1]
1
General Discussion / Lots of firewall logs for lo0 in live view
« on: May 01, 2020, 04:13:40 am »
I've noticed recently that opnsense is logging a lot of accepted connections on lo0 and also in this case NTP connections to itself.  I have not noticed this in the past.  Is this something that was changed recently or is it possible I've misconfigured something to produce this extra logging?  Is there a way to exclude a specific RID, or interface?

I've included a sample screenshot of the logs I am seeing, there are several logs per second for lo0 most of which seem to be for ntp.  It's quite difficult to see anything else in live view.

2
General Discussion / dynv6 with dhcpv6 (using TSIG keys) to auto add AAAA records for all leases
« on: April 23, 2020, 04:19:03 am »
Has anyone ever used TSIG keys with dynv6 (or any dynamic dns service) under the `Dynamic DNS` section of the DHCPv6 server configuration?  The path is /services_dhcpv6.php?if=lan.  Not the regular dynv6 configuration at /services_dyndns.php.

I can't seem to get it to work although everything suggests it probably should.  Dynv6 has an nsupdate example here: https://dynv6.com/docs/apis#dns-update .  Opnsense's config is very similar as far as I can tell.

The first issue I ran into is that the key name looks like `_XXXXXX._tsig.dynv6.com`.  It appears that the string needs to be quoted in the /var/dhcpd/etc/dhcpdv6.conf file generated by that configuration page because of the underscores but it isn't by default.

The next problem is that even if I hack together a working config file and start the service it never actually updates anything or uses the key and I can't seem to figure out where logs would be to start debugging it.  Maybe there is a way to turn on logging for that specific service that I'm missing?

It's also possible that I have completely misunderstood how this feature is suppose to work.  There isn't a lot of documentation that I could find but if someone knows please feel free to point me in the right direction.

I have been able to update dynv6's records using the regular http api and the built in dynv6 option in /services_dyndns.php however I'd like to create records for individual hosts.  I do realize that I could run nsupdate or some other utility on the host itself but I think the above should work as well.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2