Messages - F00d3r

#1
Hello,

after upgrading to the 24 release and Squid 6.6, the TLS filtering stopped working for me. As soon as I enable the TLS filtering, every connection gets bumped, regardless of the config, and in the cache log the following error message shows up for every connection:

kid1| ERROR: failure while accepting a TLS connection on conn3061 local=x.x.x.x:443 remote=x.x.x.x:34312 FD 38 flags=33: SQUID_TLS_ERR_ACCEPT+TLS_LIB_ERR=A000416+TLS_IO_ERR=1

As soon as I uncheck the 'Enable SSL inspection' option within the forward proxy tab, squid starts working correctly.

Any ideas?

Bests,
F00d3r
#2
20.1 Legacy Series / IPsec stopped working
May 08, 2020, 10:16:16 AM
Hi all,

my IPsec S2S's stopped working without any changes on the IPsec itself.

The only issue I ran into was, I think, a memory leak in the maltrail plugin, which caused my system to go down with the following error: kernel: swap_pager_getswapspace(32): failed (around 1k entries before the party was over)
32GB RAM and 32GB swap.
After disabling the maltrail plugin the system is stable again.

So back to the IPsec.
I'm getting the following error in the syslog:

ipsec_starter[60385]: no files found matching '/usr/local/etc/ipsec.opnsense.d/*.conf'

IPsec log:

charon: 07[IKE] <1921> no IKE config found for *.*.*.* , sending NO_PROPOSAL_CHOSEN

I tried deleting and recreating the S2S but it doesn't have any effect.
The S2S phase2 are all Tunnel IPv4. No route-based ones.

Any idea?

Bests,
F00d3r