Messages

Can report success on a Protectli v1410! I downloaded the 1MB firmware from the BillyCurtis github page and extracted the freebsd nvmeupdate64e executable from a recent firmware update from the intel website (used intel 830 series firmware update package).

I am curious :

Did you contact Protectli first and tried to get the update from them directly ?
If so : What did they say ?

I didn't ask them.

Can report success on a Protectli v1410! I downloaded the 1MB firmware from the BillyCurtis github page and extracted the freebsd nvmeupdate64e executable from a recent firmware update from the intel website (used intel 830 series firmware update package). Contents of nvm.cfg:

CURRENT FAMILY: 1.0.0
CONFIG VERSION: 1.20.0

; NIC device
BEGIN DEVICE
DEVICENAME: Intel(R) Ethernet Controller I226-V
VENDOR: 8086
DEVICE: 125C
SUBVENDOR: 8086
SUBDEVICE: 0000
NVM IMAGE: FXVL_125C_V_1MB_2.32.bin
EEPID: 80000425
RESET TYPE: REBOOT
REPLACES: 80000286
END DEVICE

I updated using ssh on the live system, starting with unused igc3 using command (replace x'es with the mac address, remove the colons ":")

Code Select Expand

sudo ./nvmupdate64e -b -l igc3.log -m xxxxxxxxxxxx -f -u -c nvm.cfg
After updating igc0 (LAN) I ofcourse lost access. I waited for 30 seconds then pulled the power, again waited 30 seconds as recommended and powered it back on. All firmware successfully updated from EEPROM V2.13-0 eTrack 0x80000286 to EEPROM V2.32-0 eTrack 0x80000425.

I noticed that the backups made by the tool are 2MB, not 1MB, so cannot directly be used to restore if anything goes wrong. You can probably truncate them back to 1MB and flash them, but I haven't had a need to try. Everything seems to works fine.

Thanks @BrandyWine !

Didn't check for changes but the recommendation is to update root hints every 6 months.

UPDATE: never mind, network configuration error (upstream firewall still had DNS redirects)
Only valid comment is that the root.hints could use an update. Hints delivered with 25.7 are from 2023.

I'm very excited about installing the new OPNsense 25.7 on my new firewall, so I decided to start from scratch. I think I have found a bug.

After a clean install I run the setup wizard, disable the Override DNS setting and DO NOT configure a DNS server. I am expecting unbound to go out and contact root servers configured in /var/unbound/root.hints but instead unbound is throwing a SERVFAIL:

root@opntest:~ # drill . ns
;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 43209
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; .    IN      NS

;; ANSWER SECTION:

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 3 msec
;; SERVER: 127.0.0.1
;; WHEN: Sat Jul 26 09:33:57 2025
;; MSG SIZE  rcvd: 17

What am I missing?

Btw; unrelated, the root.hints could use an update. Hints delivered with 25.7 are from 2023.

I would like to +1 this request. Recently migrated from pfSense to OPNsense and really like OPNsense a lot. But Monitoring is one of the features that works much easier and more intuitive in pfSense.

An easy way to setup e-mail and Telegram notifications would be very much appreciated. Monit seems extremely versatile, but it is difficult to understand as a new user. E.g. I would like to be notified if someone succesfully connects to Wireguard. Can't figure it out (yet).

Hi, I've successfully setup my OPNsense firewall as a wireguard client. My VPN provider provides many servers, so I have configured multiple under "endpoints". OPNsense allows me to enable multiple, but it will always send traffic to the first enabled in the list.

Is there any way to periodically switch automatically between VPN servers?