Messages

1

General Discussion / opnsense AWS problem

« on: March 04, 2023, 06:44:16 am »

Hi,
please, help
we try to import a working opnsense image (tried from vmware export, from virtualbox ova and bootstrap freebsd) however it all ends at the boot screen right after interfaces setup.
thank you

2

General Discussion / How can i block VPN when exceeding certain limit?

« on: February 08, 2023, 10:07:54 am »

Hi,
is it possible to limit VPN when it exceeds certain limit in bytes?
thanks

3

General Discussion / openvpn statusrefresh

« on: February 04, 2023, 03:23:25 pm »

Hi,
need help to update openvpn statusrefresh from default 60s to every 10 sec so that it'll write status file more often.
Please, help

4

General Discussion / VPN traffic limits

« on: January 13, 2023, 08:14:26 am »

Hi,
i need to control VPN traffic per user, so that when it reaches certain limit, the connection would drop.
Is it possible?
thanks

5

General Discussion / Nginx User Agents block

« on: October 14, 2022, 09:30:16 am »

Hi,
what does this block reference to?

 if ($http_user_agent ~ ^Mozilla/[\d\.]+$)
    {
      return 418;
    }
thanks

6

General Discussion / nginx and modsecurity

« on: September 29, 2022, 02:19:19 pm »

Hi,
is non os 'pkg install nginx' different from ports/nginx version? i understand from google searches that 'ports modsecurity' requires ports version of nginx
thanks

7

General Discussion / NATed traffic without payload

« on: December 27, 2021, 05:50:42 am »

VM subnet A => opnsense NAT rules to webapp port 80 or 443 => VM subnet B
I can see the rules work (rdr and pass) but tcpdump on VM B shows no payload (length 0)
What can possibly cause this behavior?
both hosts are reachable from opnsense, tcpdump on opnsense interface A also shows length 0
(the web app on VM B works when opening directly from the subnet B)
web gui http redirect is off
bogon and private for interface A and B are off
this is a Virtualbox setup

8

General Discussion / hardware health audit

« on: December 23, 2021, 06:56:18 am »

Hi,
i have a question - what are the checks that are being performed when running the health audit?
from the output it's kernel, kernel files, base, base files, dependencies and packages.
is "base check" is the base kernel and kernel checks are for kld?
also is it possible to run/generate hw-probe plugin output locally without uploading to https://bsd-hardware.info/ and generate a hw health report? Or maybe there's some other tool for hardware health check?
thanks

9

General Discussion / Manual import of GeoIPs / Batch import

« on: November 30, 2021, 06:52:46 am »

Hi,
Is it possible to manually import GeoIPs list? or is there a way to batch import rules directly into FW?
thanks

10

General Discussion / FW rules behavior

« on: November 26, 2021, 03:22:05 pm »

Hi,
WAN to LAN icmp rules test shows strange behavior -
when it's off (no ping allowed) the FW blocks, seen in the live view, then i enable the rule and when applied, the ping starts immediately.
However, if i start ping WAN to LAN and disable the rule (and apply) the ping continues, and only if i stop and start ping it's blocked.
did i miss something in the settings?
The rules are applied per interface.

floating rule icmp in/out behaves the same way.

Is this by design?
thanks

11

General Discussion / Re: opnsense-bootstrap supported freebsd versions?

« on: November 18, 2021, 02:24:59 pm »

thank you,
how different it'll be from 27.1 iso's 12.1-RELEASE-p21-HBSD?

12

General Discussion / opnsense-bootstrap supported freebsd versions?

« on: November 18, 2021, 11:46:08 am »

Hi,
which versions of freebsd are opnsense-bootstrap compatible?
thanks

13

General Discussion / Re: Update installer iso (latest update,add plugins)

« on: November 12, 2021, 06:37:56 am »

thank you

tried again (is there a complete log somewhere?)

12.1-RELEASE
4 gb RAM 40gb hdd VM virtualbox

after running make dvd
no image created in /usr/local/opnsense/build/21.7/amd64/images in the end

for example these errors occured

Code: [Select]

ld: error: undefined symbol: $dtrace6020728.Dispatch
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020728.Dispatch
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020728.Dispatch
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020728.DTraceCmdReturn
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020728.Dispatch
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020728.DTraceCmdReturn
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020728.Dispatch
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020748.TEBCresume
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020748.TEBCresume
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020787.TclOOSelfObjCmd
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020786.TclOOInit
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020782.TclpInitLibraryPath
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020779.Tcl_PidObjCmd
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020779.TclGetAndDetachPids
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020779.TclpTempFileName
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020777.TclpObjListVolumes
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020777.SetPermissionsAttribute
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020777.GetOwnerAttribute
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020777.GetGroupAttribute
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: undefined symbol: $dtrace6020773.ConvertErrorToList
>>> referenced by drti.c
>>>               tclDTrace.o:(__SUNW_dof)

ld: error: too many errors emitted, stopping now (use -error-limit=0 to see all errors)
cc: error: linker command failed with exit code 1 (use -v to see invocation)

Code: [Select]

[20211016073423] ===> Script "configure" failed unexpectedly.
Please report the problem to sunpoet@FreeBSD.org [maintainer] and attach the
"/usr/obj/usr/ports/www/libnghttp2/work/nghttp2-1.46.0/config.log" including
the output of the failure of your make command. Also, it might be a good idea
to provide an overview of all packages installed on your system (e.g. a
/usr/local/sbin/pkg-static info -g -Ea).
*** Error code 1

Stop.
make[5]: stopped in /usr/ports/www/libnghttp2
*** Error code 1

Stop.
make[4]: stopped in /usr/ports/ftp/curl
*** Error code 1

Stop.
make[3]: stopped in /usr/ports/devel/cmake
*** Error code 1

Stop.
make[2]: stopped in /usr/ports/print/freetype2
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/x11-fonts/fontconfig
*** Error code 1

Stop.
make: stopped in /usr/ports/x11-fonts/urwfonts

14

General Discussion / Re: Update installer iso (latest update,add plugins)

« on: November 11, 2021, 08:11:12 am »

do i need to update 12.1 to 12.2 ? because installing git to 12.1 shows newer OS version for package...

15

General Discussion / Re: Update installer iso (latest update,add plugins)

« on: November 11, 2021, 07:56:38 am »

thank you,
when i try to do it on a VM(virtualbox), exactly as it says it fails...
have tried many times, don't know why it happens but in the end some errors occur.