Messages

1

24.7 Production Series / Re: [SOLVED] Insight Aggregator not starting after upgrade

« on: October 06, 2024, 10:28:09 am »

Might I ask how you reset the netflow data?

EDIT: Sorry. Search first, than ask. Sorry.

Reporting --> Settings --> Reset Netflow Data.

2

20.1 Legacy Series / Error installing os-nut plug-in.

« on: May 03, 2020, 03:49:01 pm »

Hi,

Has anyone experienced errors while installing the os-nut plugin on opnsense 20.1? Apparently the installer can not find the directory /usr/local/etc/syslog.d/nut.

Code: [Select]

***GOT REQUEST TO INSTALL: os-nut***
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
os-nut: 1.7
nut: 2.7.4_13
neon: 0.30.2_4
net-snmp: 5.7.3_20,1

Number of packages to be installed: 4

The process will require 18 MiB more space.
3 MiB to be downloaded.
[1/4] Fetching os-nut-1.7.txz: . done
[2/4] Fetching nut-2.7.4_13.txz: .......... done
[3/4] Fetching neon-0.30.2_4.txz: .......... done
[4/4] Fetching net-snmp-5.7.3_20,1.txz: .......... done
Checking integrity... done (0 conflicting)
[1/4] Installing neon-0.30.2_4...
[1/4] Extracting neon-0.30.2_4: .......... done
[2/4] Installing net-snmp-5.7.3_20,1...
[2/4] Extracting net-snmp-5.7.3_20,1: .......... done
[3/4] Installing nut-2.7.4_13...
[b][3/4] Extracting nut-2.7.4_13: .......... done
cp: /usr/local/etc/syslog.d/nut: No such file or directory
pkg: POST-INSTALL script failed[/b]
[4/4] Installing os-nut-1.7...
[4/4] Extracting os-nut-1.7: .......... done
Stopping configd...done
Starting configd.
Migrated OPNsense\Nut\Nut from 0.0.0 to 1.0.3
Reloading plugin configuration
Configuring system logging...done.
Reloading template OPNsense/Nut: OK
=====
Message from net-snmp-5.7.3_20,1:

--
**** This port installs snmpd, header files and libraries but does not
     start snmpd by default.
     If you want to auto-start snmpd and snmptrapd:, add the following to
     /etc/rc.conf:

snmpd_enable="YES"
snmpd_flags="-a"
snmpd_conffile="/usr/local/share/snmp/snmpd.conf /etc/snmpd.conf"
snmptrapd_enable="YES"
snmptrapd_flags="-a -p /var/run/snmptrapd.pid"

**** You may also specify the following make variables:

NET_SNMP_SYS_CONTACT="zi@FreeBSD.org"
NET_SNMP_SYS_LOCATION="USA"
DEFAULT_SNMP_VERSION=3
NET_SNMP_MIB_MODULES="host smux mibII/mta_sendmail ucd-snmp/diskio"
NET_SNMP_LOGFILE=/var/log/snmpd.log
NET_SNMP_PERSISTENTDIR=/var/net-snmp

     to define default values (or to override the defaults).  To avoid being
     prompted during the configuration process, you should (minimally) define
     the first two variables. (NET_SNMP_SYS_*)

     You may also define the following to avoid all interactive configuration:

BATCH="yes"
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***
Thanks,

Erik

3

General Discussion / Re: Help with DHCP Static Mappings

« on: May 02, 2020, 03:36:50 pm »

Can relaying be the solution for your problem?

Erik

4

General Discussion / Re: migration von pfsense to opnsense

« on: May 02, 2020, 03:27:45 pm »

I'm in the same boat 

I'm planning to move from pfSense on old 32bits Deciso hardware to the DEC2640 hardware with opnsense installed on it.

From what I understood the pfsense xml configuration file differs from the opnsense xml configuration file. So exporting the xml config from pfSense and import it to opnsense will not work or at least will give unwanted results.

Even granular import of the pfsense xml configuration file into pfsense seems a bit risky to me.

I think I will do it manually. That is, my old firewall keeps on running until the new is fully configured. After that I make the switch by shutting down the old firewall and change the new firewall's LAN ip address to the IP address of my old firewall.

I'm also trying the Virtualbox solution as you suggested. But I'm having trouble getting the WAN interface running with the same configuration as on my pfSense box.

At least in this way I know what happens.

Erik

5

20.1 Legacy Series / Re: Test SMTP settings in monit?

« on: May 02, 2020, 02:26:29 pm »

I'm so sorry, the answer was already in my first post. 

In Services: Monit: Settings: AlertSettings [recipient] -> Mail format I filled in the following

Code: [Select]

from: [opnsense@domain_that_I_own]
reply-to: [my e-mail address]
subject: Monit Alert --  $EVENT
message: $EVENT Service $SERVICE

Date: $DATE
Action: $ACTION
Host: $HOST
Description: $DESCRIPTION

Your faithful employee,

Monit
Now it is working and upon monit start or restart I recieve an email as specified in mail format.

I'm sorry,

Erik

6

20.1 Legacy Series / [SOLVED] Test SMTP settings in monit?

« on: April 30, 2020, 02:29:44 pm »

Is it possible to test the SMTP settings entered in the Monit "Genral section"? In particular the settings entered in the section "Alert settings".

In pfSense there was a button "Test SMTP settings". Can something similar be done in OPNSense GUI or on the command line?

When I look in System -> Log files -> General I get the following message:

Code: [Select]

Mail: Mailserver response error -- 553 #5.1.8 Domain of sender address <monit@opnsense.mudcrawler.net> does not exist

Can I specify a sender address somewhere? monit@mudcrawler.net in stead of monit@opnsense.mudcrawler.net will do because the domain mudcrawler.net is existent.

In the monit documentation I can find:

Code: [Select]

set mail-format {
      from: Monit Support <monit@foo.bar>
  reply-to: support@domain.com
   subject: $SERVICE $EVENT at $DATE
   message: Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION.
            Yours sincerely,
            monit
 }
But in the file /usr/local/etc/monitrc I can not find this section. Moreover the header of this file says "DO NOT EDIT THIS FILE -- OPNsense auto-generated file"

Is it possible to change the from address somewhere?

Thanks,

Erik

7

General Discussion / Re: Trying to install OPNSense on Virtualbox on my laptop.

« on: April 27, 2020, 03:50:58 pm »

Hi,

I installed OPNSense in another configuration on VirtualBox. The first adapter I configured as a bridged adaptor. The second one, which will be the WAN interface, I configured as NAT. In this configuration I don't have these problems as stated in my initial post.

I ask this because I want to make the move from pfSense to OPNSense. But the above configuration does not reflect the actual configuration of my pfSense box.

Does anyone know if it is possible to use a second dedicated network adapter to make the WAN connection by PPPoE? I really want to try out OPNSense using the same configuration as on my actual pfSense box before buying my new DEC2640.

Many thanks.

Erik

8

General Discussion / Re: Trying to install OPNSense on Virtualbox on my laptop.

« on: April 24, 2020, 11:47:28 am »

Ok, I tried another solution. I disconnected the ethernet interface that connects to my provider modem and activated the wireless interface on my laptop. Then I configured the second adapter in the configuration of my opnsense virtual machine as NAT. I started the opnsense virtual machine again and changed the IPv4 Configuration Type of the WAN interface from PPPoE to DHCP. I restarted the virtual machine.

When using this configuration "Check for updates" is working. I installed the proposed updates and I also installed the os-virtualbox plugin. Then after a reboot I reverted back to the configuration in my initial post.

But no luck. "Check for updates" is still not working and I get the same warning (WARNING: attempt to domain_add(netgraph) after domainfinalize()) on my WAN interface.

It looks like I'm missing something here, but I don't know what.

Any ideas?

9

General Discussion / Trying to install OPNSense on Virtualbox on my laptop.

« on: April 23, 2020, 06:59:56 pm »

Hi,

I'm coming from pfSense and I am trying to setup OPNSense on on Virtualbox (version 6.1.6) on my laptop (Linux Mint 19.3) for testing and trying out.

The hardware setup is as follows. The internal ethernet interface on my laptop (enx18dbf260f245) connects to my home network (192.168.1.0/24) providing access to my home network on my laptop. This interface will also be the LAN interface in my opnsense virtual machine. The interface is configured as bridged adapter in the network configuration of my opnsense virtual machine.

Then I have an USB3.0 to ethernet adapter (enx60634c83dbf0) connected to my laptop. On my laptop I configured this interface as "Link-Local Only". This interface is connected to my providers modem which is in bridged mode. My provider uses PPPoE to connect to the Internet and I want the WAN interface of my opnsense virtual machine to connect directly using PPPoE like my current pfsense firewall does. This interface is also configured as bridged adapter in the network configuration of my opnsense virtual machine.

Code: [Select]

erik@laptop-erik:~$ ifconfig
erik@laptop-erik:~$ ifconfig
enx18dbf260f245: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.95  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::1adb:f2ff:fe60:f245  prefixlen 64  scopeid 0x20<link>
        ether 18:db:f2:60:f2:45  txqueuelen 1000  (Ethernet)
        RX packets 210463  bytes 236417027 (236.4 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 76578  bytes 13579199 (13.5 MB)
        TX errors 0  dropped 9 overruns 0  carrier 0  collisions 0

enx60634c83dbf0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 169.254.216.52  netmask 255.255.0.0  broadcast 169.254.255.255
        ether 60:63:4c:83:db:f0  txqueuelen 1000  (Ethernet)
        RX packets 703  bytes 204576 (204.5 KB)
        RX errors 104002  dropped 6  overruns 0  frame 0
        TX packets 870  bytes 125098 (125.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 5936  bytes 2405880 (2.4 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5936  bytes 2405880 (2.4 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.178.0.78  netmask 255.255.255.255  destination 10.178.0.77
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 1354  bytes 474104 (474.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1328  bytes 206076 (206.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

erik@laptop-erik:~$
Next I performed the install of opnsense. When this is finished I can access OPNSense virtual machine by its LAN IP address 192.168.1.1 with my browser. Then I walk through the setup wizard. In this wizard I configured the WAN interface's IPv4 Configuration Type as PPPoE and I filled in my PPPoE username and password just as I did on my pfSense box.

My WAN interface comes up and it get's a valid IP address from my provider. I also have a WAN gateway (WAN_PPOE) with a valid IP address from my provider.

On the console of the opnsense virtual machine I can ping hosts by IP and FQDN on the internet so local DNS works and there is connection to the Internet. This is the default route on the opnsense virtual machine:

Code: [Select]

root@opnsense:~ # route -n show default
   route to: 0.0.0.0
destination: 0.0.0.0
       mask: 0.0.0.0
    gateway: 91.182.112.1
        fib: 0
  interface: pppoe0
      flags: <UP,GATEWAY,DONE,STATIC>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1492         1         0
root@opnsense:~ #
However when I click Check for Updates I get "Timeout while connecting to the selected mirror." Also "Update from console" does not work.

Also I get this error message in the console hen the WAN interface is activated and every time I make changes to the WAN interface:

Code: [Select]

WARNING: attempt to domain_add(netgraph) after domainfinalize()
What am I doing wrong here?

Thanks,

Erik