Messages

I'm getting the following dependency errors after upgrading to 22.1, does any one know how to fix those issues? Also, internet is no longer working. Any help would be appreciated . Thanks.

Code Select Expand


***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 22.1 (amd64/OpenSSL) at Sat Jan 29 22:48:14 PST 2022
>>> Check installed kernel version
Version 22.1 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 22.1 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check for missing package dependencies
Checking all packages: .......... done
py37-markupsafe has a missing dependency: python37
py37-markupsafe has a missing dependency: py37-setuptools
py37-markupsafe is missing a required shared library: libpython3.7m.so.1.0
py37-pymongo has a missing dependency: python37
py37-pymongo has a missing dependency: py37-setuptools
py37-pymongo is missing a required shared library: libpython3.7m.so.1.0
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 65 dependencies to check.
Checking packages: ................................................................... done
***DONE***


Also, the following errors show up in the console / terminal:

Code Select Expand

FreeBSD/amd64 (OPNsense.localdomain) (ttgv8)

login: [ 849] iflib_netmap_config txr 1 rxr 1 txd 1824 rxd 1824
rbufsz 2848

[ 849] iflib_netmap_config txr 1 rxr 1 txd 1824 rxd 1824 rbufsz
2848

-m8: link state changed to DUNN

[ 849] iflib_netmap_config txr 1 rxr 1 txd 1824 rxd 1824 rbufsz
2848

-m8: link state changed to UP

reeBSDIamd64 (OPNsense.localdomain) (ttgv8)

login: 7

I'm also getting the same dependency errors after upgrading to 22.1, does any one know how to fix those issues?

Code Select Expand


***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 22.1 (amd64/OpenSSL) at Sat Jan 29 22:48:14 PST 2022
>>> Check installed kernel version
Version 22.1 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 22.1 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check for missing package dependencies
Checking all packages: .......... done
py37-markupsafe has a missing dependency: python37
py37-markupsafe has a missing dependency: py37-setuptools
py37-markupsafe is missing a required shared library: libpython3.7m.so.1.0
py37-pymongo has a missing dependency: python37
py37-pymongo has a missing dependency: py37-setuptools
py37-pymongo is missing a required shared library: libpython3.7m.so.1.0
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 65 dependencies to check.
Checking packages: ................................................................... done
***DONE***

Hello,

I updated to latest release  21.7.3_3 via WEB GUI and now it shows freeze errors on iflib_netmap_config
The internet connection for all devices no longer works either, somehow this bug is blocking internet access as well.

I did follow Franco advise for a similar report but even after reinstalling the kernel the issue still continues, very similar errors appear now in the console: https://forum.opnsense.org/index.php?topic=24136.msg115364#msg115364

any help to resolve this issue would be appreciated. thanks

Re: 21.7 freeze on netmap on APU4C
« Reply #5 on: July 31, 2021, 02:30:17 pm »

    Quote

What I mean was after 21.7 installation go to System: Firmware: GUI, "Packages" tab and under "kernel" in the right click "reinstall" button and let the system reboot. It will replace the bad kernel.


Cheers,
Franco

Logs: General ->
---------------------------
Date
   
Process
   
Line
   
2021-10-02T01:18:46   kernel   726.557971 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048   
2021-10-02T01:18:44   kernel   723.977224 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048   
2021-10-02T01:18:44   kernel   723.975628 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048   
2021-10-02T01:18:02   kernel   682.446938 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048   
2021-10-02T01:18:01   kernel   681.205899 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048   
2021-10-02T01:17:24   kernel   em1: netmap queues/slots: TX 1/1024, RX 1/1024   
2021-10-02T01:17:24   kernel   em0: netmap queues/slots: TX 1/1024, RX 1/1024   
2021-10-02T01:17:24   kernel   000.000052 [4344] netmap_init netmap: loaded module   
2021-10-02T01:15:03   kernel   503.089146 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048   
2021-10-02T01:15:00   kernel   500.131428 [ 853] iflib_netmap_config txr 1 rxr 1 txd 1024 rxd 1024 rbufsz 2048

Hi @mb,

Since I haven't received a response, I had to post the questions here, some of the tickets numbers below:

March/4/2021
Your request (2262) has been received and is being reviewed by our support staff.

Your request (1282) has been updated
Request #1281 "MongoDB error" was closed and merged into this request #1282

I've been waiting for months to see if Sensei finally has the common courtesy to reply to my tickets and to fix the ongoing bugs and releases basic features advertised in the paid subscription. Sensei support closed tickets as resolved but there was no resolution and you never provided a clear response.

what is the status of the following issues? MongoDB continues crashing even with latest Sensei release.

I agree with Matt about the following: there is no software free of bugs. However, I haven't been the only user who has reported issues with mongodb and basic functionalities. In the opnsense / sensei forum there are other users who have reported MongoDB issues.
Your response doesn't provide clear responses regarding the major Sensei bugs and basic missing features that are being advertised in the paid subscription and are still not fully working. There is another ticket about that and as shown below response was that it was going to be added in a future release..

1) The ongoing mongodb issues, that makes the Sensei reporting unreliable as it only logs a few days, and after logs increase then mongodb error shows up and user has to reset logs to get the Sensei reporting to work again.
2) Customized Landing Pages for Blocked Sessions with Sensei Premium for HTTP AND HTTPS.
3) Fully working Sensei with latest version of OPNSense.

When are at least these ongoing issues/bugs going to be fully resolved?

Also in regards to item 3) about working landing pages you claimed it was going to be available on Q3 2020, it is already Q1 2021 and the issue is still unresolved:


"Thanks for reaching out and letting us know about your problem.

This occurs in the https connection. Https connections can be only resetting, can not be redirecting a landing page without TLS inspection. Full TLS inspection has been implemented in the packet engine. It'll take some time for us to roll out this functionality.

We hope to make it available in Q3 2020."

Pretty much as the subject states.
Update: Installed latest update and issue is still happening with both versions 21.1.3 and 21.1.4 updates.
After the updates it hasn't been possible to start Outbound service.

Unbound was working fine before update, updated fine, but then noticed that Unbound service stops more details below, it seems that crash happened at 2021-03-29T11:56:32. I tried to restart Unbound service via the GUI and also via the command line but it does not start it keeps showing the same errors in the logs. There could be a bug or a change introduced in: 21.1.X.
Anybody else experiencing these Unbound issues? Any help would be appreciated . Thanks.

Relevant logs:

--------------System: Log Files: General

2021-03-29T11:56:48   opn[51204]   plugins_configure dns (execute task : unbound_configure_do())   
2021-03-29T11:56:48   opn[51204]   plugins_configure dns (execute task : dnsmasq_configure_do())   
2021-03-29T11:56:48   opn[51204]   plugins_configure dns ()

2021-03-28T08:40:22   opn[74115]   /status_services.php: The command '/usr/local/opn/scripts/dns/unbound_dhcpd.py --domain 'localdomain'' returned exit code '1', the output was 'Unable to lock on the pidfile.'   
2021-03-28T08:40:10   opn[37810]   plugins_configure local (execute task : unbound_configure_do(1))

--------------Services: Unbound DNS: Log File


2021-03-29T11:56:34   unbound[50553]   [50553:0] info: server stats for thread 0: requestlist max 16 avg 0.116428 exceeded 0 jostled 0   
2021-03-29T11:56:34   unbound[50553]   [50553:0] info: server stats for thread 0: 7886 queries, 2568 answers from cache, 5318 recursions, 136 prefetch, 0 rejected by ip ratelimiting   
2021-03-29T11:56:32   unbound[50553]   [50553:0] info: service stopped (unbound 1.13.1).   
2021-03-29T11:55:57   unbound[50553]   [50553:0] debug: outnettcp got tcp error -1   
2021-03-29T11:55:55   unbound[50553]   [50553:1] debug: outnettcp got tcp error -1   
2021-03-29T11:55:47   unbound[50553]   [50553:0] debug: cache memory msg=527014 rrset=786732 infra=8306 val=188403

--------------System: Log Files: Backend
021-03-29T11:56:47   configd.py[25356]   [38cc3306-075e-44ec-b0fe-734656d56e9a] generate template opn/Filter   
2021-03-29T11:56:47   configd.py[25356]   [9526cb0d-6f86-4d0b-9ba5-20ed2131174d] Reloading filter   
2021-03-29T11:56:45   configd.py[25356]   [f956f100-e7ac-4a49-87f0-81f268c930f6] Linkup stopping em1   
2021-03-29T11:56:39   configd.py[25356]   message 28987af7-4113-4827-a230-21924c2a5e6d [unbound.start] returned Error (1)   
2021-03-29T11:56:39   configd.py[25356]   [28987af7-4113-4827-a230-21924c2a5e6d] returned exit status 1   
2021-03-29T11:56:37   configd.py[25356]   message b3fa47bd-a9a5-4742-acd0-ef4bf7866755 [filter.refresh_aliases] returned {"status": "ok"}   
2021-03-29T11:56:37   configd.py[25356]   [b3fa47bd-a9a5-4742-acd0-ef4bf7866755] refresh url table aliases   
2021-03-29T11:56:37   configd.py[25356]   opn/Filter generated //usr/local/etc/filter_geoip.conf   
2021-03-29T11:56:37   configd.py[25356]   opn/Filter generated //usr/local/etc/filter_tables.conf   
2021-03-29T11:56:37   configd.py[25356]   generate template container opn/Filter   
2021-03-29T11:56:37   configd.py[25356]   [36546d50-6d27-46b9-9352-4d5ec7290f11] generate template opn/Filter   
2021-03-29T11:56:36   configd.py[25356]   [73af3980-9bdf-4c26-91e0-e47479200ed8] Reloading filter   
2021-03-29T11:56:34   configd.py[25356]   [28987af7-4113-4827-a230-21924c2a5e6d] Start Unbound   
2021-03-29T11:56:32   configd.py[25356]   opn/Unbound/* generated //var/unbound/root.hints   
2021-03-29T11:56:32   configd.py[25356]   opn/Unbound/* generated //var/unbound/etc/miscellaneous.conf   
2021-03-29T11:56:32   configd.py[25356]   opn/Unbound/* generated //var/unbound/etc/dot.conf   
2021-03-29T11:56:32   configd.py[25356]   opn/Unbound/* generated //var/unbound/etc/blacklists.ini   
2021-03-29T11:56:32   configd.py[25356]   generate template container opn/Unbound/core   
2021-03-29T11:56:32   configd.py[25356]   [13fb3116-b6d8-4544-ad8b-57845529430a] generate template opn/Unbound/*   
2021-03-29T11:56:31   configd.py[25356]   message ace7adae-a5de-406b-a861-fd658c573f9d [filter.refresh_aliases] returned {"status": "ok"}

Hello, I have latest version of opnsense already installed in a VirtualBox VM and it is working.

Internet WAN -> Modem -> Opnsense device (Ethernet port) LAN -> USB Ethernet adapter (usb connected to Opnsense device and Ethernet to WAN Ethernet port of router) -> Router ( multiple devices connected to it via Ethernet LAN ports and WiFi)

However, there are some issues with Sensei and IDS/IPS that need to be fixed:

1) All the web traffic in opnsense has the same WAN IP from router, so it makes it look that there is only one device connected to the network. I need to see in the Sensei and IDS traffic logs exactly the IP of the device in the network (I.e printer, PC etc..) that generates the traffic. For example, if a user using a smartphone goes to Facebook, I need to see the IP of the smartphone, not the WAN IP of the router.
2) Snort rules are not getting triggered, there are several ERR INVALID SIGNATURE in the IDS logs. Also, the GeoIP settings have an issue, the country flags are not showing up in the logs maxmind was already added to the geoip settings. :-\
I also have ET telemetry and some of the rules work but many of those rules are empty, it seems that ET Telemetry doesn't have the same rulesets as ET PRO.

Does anyone know how fix these issues? I'd appreciate your help. Thanks

Hello, I have latest version of opnsense already installed in a VirtualBox VM and it is working.

Internet WAN -> Modem -> Opnsense device (Ethernet port) LAN -> USB Ethernet adapter (usb connected to Opnsense device and Ethernet to WAN Ethernet port of router) -> Router ( multiple devices connected to it via Ethernet LAN ports and WiFi)

However, there are some issues with Sensei and IDS/IPS that need to be fixed:

1) All the web traffic in opnsense has the same WAN IP from router, so it makes it look that there is only one device connected to the network. I need to see in the Sensei and IDS traffic logs exactly the IP of the device in the network (I.e printer, PC etc..) that generates the traffic. For example, if a user using a smartphone goes to Facebook, I need to see the IP of the smartphone, not the WAN IP of the router.
2) Snort rules are not getting triggered, there are several ERR INVALID SIGNATURE in the IDS logs. Also, the GeoIP settings have an issue, the country flags are not showing up in the logs maxmind was already added to the geoip settings. :-\
I also have ET telemetry and some of the rules work but many of those rules are empty, it seems that ET Telemetry doesn't have the same rulesets as ET PRO.

Does anyone know how fix these issues? I'd appreciate your help. Thanks