Messages

1

24.7 Production Series / Zenarmor stopped working

« on: June 15, 2024, 12:20:08 am »

I upgraded and had issues with zenarmor. For whatever reason, I could not get the cloud agent or other components to work, including a complete reinstall of zenarmor. I didnt dive deep into the issue, performed some basic troubleshooting, but it was just easier to reinstall.

Otherwise, the upgrade went smooth, and everything else appeared to work as it should.

I did a fresh install to latest stable, everything is back to normal.

2

22.7 Legacy Series / Getting NUT to work via USB cable connection

« on: November 22, 2022, 04:28:15 pm »

Hello,

I have an APC-BN1500M2 UPS connected to my OPNsense box via the UPS supplied usb cable. I've added NUT from the packages repo, and attempted to configure it as a 'standalone'  with defaultt listen address (though shouldn't need that for USB?).

Under UPS TYPE extra arguments is port=auto. I've tried USBHID,  BlazerUSB, APCSMART-DRIVER and no dice.

Under services nut_upsmon starts, but nut_daemon will not start.

Backend:
022-11-22T09:54:50-05:00   Error   configd.py   [934eb004-eebf-4a8e-99d5-8538a71af61a] Script action failed with Command '/usr/local/bin/upsc 'BN1500M2@127.0.0.1'' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 482, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/bin/upsc 'BN1500M2@127.0.0.1'' returned non-zero exit status 1.

General:
2022-11-22T09:53:47-05:00   Error   upsmon   UPS [BN1500M2]: connect failed: Connection failure: Operation timed out   
2022-11-22T09:52:27-05:00   Notice   upsmon   UPS BN1500M2 is unavailable



https://www.apc.com/us/en/product/BN1500M2/apc-backups-pro-1500va-120v-avr-lcd-2-usb-charging-ports-10-nema-outlets-4-surge/

Thanks.

3

22.7 Legacy Series / Re: Does not seem to Proceed to install 22.7

« on: July 30, 2022, 02:42:01 pm »

Uh...


It sucks it has to be this way, but I am simply going to roll with 22.1.10_4 until I unlazy myself and just do a fresh install.

4

22.7 Legacy Series / Re: Does not seem to Proceed to install 22.7

« on: July 30, 2022, 12:54:15 am »

@Lynxcat - Is it possible to explain the process to proceed to the upgrade? ELI5 if possible. Thanks.

5

22.7 Legacy Series / Re: Does not seem to Proceed to install 22.7

« on: July 29, 2022, 10:43:19 pm »

I am having the same issue, was offer the upgrade, upgraded, however, still stuck at 22.1.10*. Selected check updates again, offered upgrade, upgraded, still at 22.1.10*. Checked upgrade again, offered to upgrade the kernel only.

However, nothing is actually upgrading except the kernel.

What say you @Franco? How do I fix this?

Code: [Select]

***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 22.1.10_4 (amd64/OpenSSL) at Fri Jul 29 16:40:06 EDT 2022
>>> Check installed kernel version
Version 22.7 is incorrect, expected: 22.1.9
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 22.1.9 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
SunnyValley
OPNsense
>>> Check installed plugins
os-api-backup 1.0_1
os-ddclient 1.8
os-dmidecode 1.1_1
os-dyndns 1.27_3
os-hw-probe 1.0_1
os-sensei 1.11.4
os-sensei-agent 1.11.3
os-sensei-updater 1.11
os-smart 2.2
os-sunnyvalley 1.2_2
os-theme-cicada 1.29
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 66 dependencies to check.
Checking packages: ....................................

Thanks.

6

21.7 Legacy Series / Some widgets in the dashboard overlap or underlap if "6" columns are selected.

« on: November 21, 2021, 05:04:42 pm »

Hello,

I was wondering if there is a way to fix overlapping/under lapping in the dashboard by certain widgets if you select "6" columns?

In my case, the zen armorer "sensie" widget will overlap any widget to its left if its the farthest widget to the right, or will under lap if its to the left of any widget.

This does not happen if I select "4" or less columns.

Is there a way I can edit the widgets attributes in its HTML or other means to change the widgets shape? Or is it possible to make the widget conform to the widget space?

I have a 28" 4k monitor with plenty of real estate.

Also, curious as to why the widget space skips 5 and has 1,2,3,4,6 columns? It seems to me, the more columns, the smaller the width/padding given to each column, which is why there is an issue with '6', but not '4' and below. I suspect, the issue would not be present if there was a '5th' column as it would have enough space/padding for the widgets. However, it would be nice if each widget could have attributes to change its width and height.

Obviously not a serious issue, but I do look at my dashboard for information like the RSS feed for updates and monitor the CPU temps, hard drive status, and WAN/LAN connection status. So, the dash board is helpful in real world scenarios.

Screen shot via imgur URL: https://imgur.com/a/76aXR3o

OPNsense browse screen shot: https://imgur.com/mYrsZRP

Monitor System Properties: https://imgur.com/0Xg4eJw

Thanks again!

7

21.7 Legacy Series / Re: Unbound with DNS-Over-TLS

« on: September 01, 2021, 10:51:06 pm »

Hi OnTheGrind,

    I followed the instructions from here and it worked fine https://homenetworkguy.com/how-to/configure-dns-over-tls-unbound-opnsense/

   Let me know if it works for you.

Bye...

I followed that website, double checked the router settings, computer, and browser (addons, privacy, etc). I believe its working now according to cloudflare. Their website now says "YES" for DNS-over-TLS via https://cloudflare-dns.com/help/ . Pic attached

I think my computer DNS was overriding the unbound. Since when you make a request in your browsers, the first DNS value checked is the computers.

Thank you for the reply. Thank you for the help. You forced me to go over everything again with fresh eyes and lack of frustration.

@OnTheGrind
It looks good to me (I've also attached my 'Advanced' and 'DoT' config.

@muchacha_grande
That's a previous OPNsense release and the Unbound settings have now slightly changed

Filled in or removed anything not matching, Including adding QUAD 9 and switching to 1.0.0.2 and 1.1.1.2. It seems to be working now via attached picked. But now my OCD is like, how do I enable DoH?

Thanks for the reply.

I'm using Unbound with DNSoverTLS in a different way but works without problem.
It is a more convoluted way. I'm using a pi-hole in front of the clients but can work without it.
Apart from that the main difference is that I use mimugmail's repo to make Unbound's additional "custom options" AND dyndns for Stubby. Stubby is the part of it that allows a lot of DoT options that are not in OPN UI.

If all you are missing are the "custom field" options then all you need is mimugmail's repo and that field brings it back.

I'm looking at Stubby right now. Interesting. I was finally able to get it to work. Thanks for the reply.



https://ibb.co/ggQKnrn

8

21.7 Legacy Series / Unbound with DNS-Over-TLS (SOLVED)

« on: September 01, 2021, 06:18:23 pm »

Hello,

I've trying to follow the directions and tutorials written to set this up (including searching this forum). However, the directions always get to the part where you enter information in the "Custom Field". This option no longer exists in V 21.7, so I am unsure how to proceed past this.

If its possible for anyone to check my current setup via attached pics to make sure its correct up to this point, then clarify the steps right where the custom box happens, I would greatly appreciate it. I'd like to get DNS-over-TLS working with cloudflare/1.1.1.1 as a practical matter and learning experience.

Trying to and prefer to use 1.1.1.2 and 1.0.0.2 since my wife uses windows work laptops at home and this is supposed to help block malware. However, I am not sure if this block supports DNS over TLS like 1.1.1.1 and 1.0.0.1.

Thanks for reading at least.

Here is hardware probe (if needed for whatever reason): https://bsd-hardware.info/?probe=2e846a7ec4

Question with this: Is no communication controller driver a serious issue? Obviously its working despite. Thanks.

Attached screenshots of current General DNS and Services Unbound pages that are relevant via IMGBB.com due to image limits sizes and amount on the board.

System -> Settings -> General -> https://ibb.co/6WwfLch

Services -> DHCPv4 -> LAN -> https://ibb.co/d6mJW5H
Services -> DHCPv4 -> LAN -> https://ibb.co/VMXnz7J

Services -> Unbound -> General -> https://ibb.co/DRbHSR8
Services -> Unbound -> Advanced -> https://ibb.co/WNhQ63P
Services -> Unbound -> Advanced -> https://ibb.co/pyMYqMS
Services -> Unbound -> DNS-Over-TLS -> https://ibb.co/GCQWmRZ

Album -> https://ibb.co/album/21b330



Thank you.

9

Hardware and Performance / Re: i3-10100 Build

« on: January 22, 2021, 09:16:36 pm »

I just got a dell inspiron 3880 refurbished from the Dell outlet.

I3 10100
4Gb Ram
1TB 7200rpm hdd.
1yr on site warranty

Was $250~.

Added another 4gb stick, i350t2, 32gb name m2 ssd for os.

A little over $300 invested.

Just got the box delivered haven't installed opnsense yet.

I'm co fident the 10100 can do my gig line with 3 or 4 uses and IPS/IDS.

If not.. shouldn't be a huge hit/loss.

How's it working for you?

10

Hardware and Performance / Re: 1Gb with IPS / help me decide

« on: January 22, 2021, 09:07:53 pm »

I thought I was ballin' with my 10th gen i3 10100. Epic based router. That thing could route the traffic for Google.

All jokes aside thats a hefty boi.

11

Hardware and Performance / Re: newbie hardware recomendations

« on: January 22, 2021, 08:54:38 pm »

I don't know if dell has a European presence.

But I just got a refurbished inspiring 3880 for $250.00 USD from their outlet store.

Came with a 1 year on site repair warranty.

i3 10100 (4c/8t/HT) 3.6Ghz w/ 4.3Ghz Turbo 65watt
4Gb 2666 Mhz
1TB 7200 RPM HDD
1Gb onboard NIC

I bought an i350t2 NIC for $40, a 32Gb Nvme SSD for $25, and a 4gb 2666 stick for $20.

But I could of just bought a single Gb NIC and would of worked.

Use LGA1200.. so you can buy an i5 or i7 later for more HP and upgrade the ram overtime.

A decent refurbished system upgradeable. Spend what you can afford now and upgrade over time so you do t have a big hit to your wallet at once.