Messages

1

24.1 Legacy Series / Re: Problem using Kea DHCP

« on: July 18, 2024, 05:58:09 am »

Thank you for the response.

Yes I do. The IPs available to DHCP is .2 to .25. All of the reservations are .26 - .254.

2

24.1 Legacy Series / Problem using Kea DHCP

« on: July 16, 2024, 08:44:48 pm »

Hello.

I'm having an issue with one reservation that's not working correctly. It's with a Raspberry Pi that I'm using as a DNS server for my network. The reservations for everything else works as it should.

I've copied everything over to Kea from ISC, and at first it seemed like everything was fine. After about an hour the reservation stops working, and Kea assigns an incorrect address to it after the initial lease runs out.

According to the logs it appears that there are several characters added to the front of the MAC address for the Pi's NIC in the cid causing it to assign it a different IP than the one that's reserved, and I can't figure out what's causing it. I don't have the issue at all while using ISC, and it has worked as intended for several years now.

I'm hoping that someone with more knowledge about this can point me to the direction of where the problem could be.

Thank you in advance for any help!

Sincerely,

Dan

Edit: In the first line in the attached log KEA does assign the correct address.

3

24.1 Legacy Series / Re: Error after clicking apply on unbound blocklist

« on: February 17, 2024, 07:58:45 am »

That list is the wrong format for Unbound. (https://big.oisd.nl/domainswild)

Use this one instead.

https://big.oisd.nl/unbound

4

24.1 Legacy Series / Re: vnStat statistic tabs empty

« on: February 13, 2024, 03:33:55 am »

It's working fine here. The info shows up on all tabs.

5

24.1 Legacy Series / Google drive backups/os-api-backup broken in 24.1

« on: January 31, 2024, 06:14:25 pm »

Hello,

After updating to 24.1 google drive backups no longer work.

Looking at the plugins page it shows that os-api-backup is orphaned. I'm not sure if that's the cause of it. Looking at the backups configuration page my p12 key was missing. I re-added it but it will not save. It has worked fine for years prior to the update.

After adding the p12 key back in it says

The following input errors were detected:

    Invalid P12 key, openssl_pkcs12_read() failed
    Saved settings, but remote backup failed.

I noticed that the updates log shows "pkg: libevent has a missing dependency: openssl111" as well. I'm not sure if that's part of the issue or not but I've never seen that before.

Is there something that I can do to resolve this? Thank you in advance for your help!

6

23.7 Legacy Series / Re: No update possible to 23.7.2

« on: August 26, 2023, 06:03:13 pm »

Nevermind

7

Zenarmor (Sensei) / Re: problems with whitelisting

« on: August 25, 2023, 11:06:55 pm »

I'm here after searching because of the same reason. Sensei seems to ignore the whitelist. Last night I formatted/reinstalled the device just in case, and it didn't help.

I'm also getting an error with the scheduled reports that had worked fine for a few years. The error is: "Error (200) Smtp :SMTP AUTH extension not supported by server."

I have submitted the same feedback that was requested from the OP.

8

Zenarmor (Sensei) / Re: Zenarmor: 'Network error' after upgrading & fresh install stuck on wizard

« on: August 07, 2023, 08:13:38 am »

I have the same issue as above. Most things say "network error" including the health check section. The only thing that's in the notifications is engine started.

Edit: If I log in via IP address everything seems to be working. Logging in via host.domain will not.

Edit #2: Updating to 1.14.1 resolved the issue. Thanks!

9

23.1 Legacy Series / Re: Intel i225-LM support?

« on: June 02, 2023, 07:11:32 pm »

@CJRoss

Yes. They're PCIe cards.

10

23.1 Legacy Series / Re: Intel i225-LM support?

« on: June 01, 2023, 07:06:11 pm »

I'm not sure what the difference is between the i-225LM and the i-225v NICs but I've been running two i-225v NICs for over a year now without any issues at all.

I swapped them out from a couple of 82576 cards. They showed up when I booted it back up, and all that I had to do is assign the interfaces. The speed/duplex is set to default, and they always show "2500Base-T <full-duplex>".

I have 1200/40 service through Comcast, and it always tests at ~1100-~1300. They have been rock solid.

I hope this helps.

11

22.7 Legacy Series / Re: WAN Flapping Addressed with 22.7?

« on: August 04, 2022, 11:32:21 pm »

The issue with MAC spoofing that's in this thread https://forum.opnsense.org/index.php?topic=27299.0 still persists with an IGB/Intel 82576 NIC.

I haven't looked into it much yet. The strange part is that the Intel NIC driver that's included in this ver is the current driver, and compiling/using the same driver (2.5.24) as described on page 6 in that thread will fix it.

12

22.7 Legacy Series / Re: Unbound log file page not responding

« on: July 28, 2022, 09:47:39 pm »

Code: [Select]

# ls -lah /var/log/resolver.log
ls: /var/log/resolver.log: No such file or directory
I get the same output but my logs are working fine in Unbound.

Code: [Select]

2022-07-28T13:44:55-06:00 Informational unbound [61035:0] info: control cmd: local_datas
2022-07-28T13:44:54-06:00 Informational unbound [61035:0] info: control cmd: local_datas_remove
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: Verified that unsigned response is INSECURE
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: NSEC3s for the referral proved no DS.
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: resolving emergingthreats.net. DS IN
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: query response was ANSWER
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: reply from <.> XX.XX.XX.XX#853
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: response for opnsense.emergingthreats.net. A IN
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: resolving opnsense.emergingthreats.net. A IN

13

22.1 Legacy Series / Re: os-ddclient with Godaddy

« on: July 24, 2022, 09:39:33 pm »

So I was digging around with this again.

In opnsense ddclient is showing ver 1.8. The git is showing 3.10.0.

I can grep godaddy in the source files, and I can see what 1.8 won't let me add manually to the config or add via the GUI which is "api.godaddy.com/v1/domains" as the server.

This is in the 3.10.0 source:

Code: [Select]

    'godaddy' => {
        'updateable' => undef,
        'update'     => \&nic_godaddy_update,
        'examples'   => \&nic_godaddy_examples,
        'variables' => {
            %{$variables{'service-common-defaults'}},
            'min-interval' => setv(T_DELAY,  0, 0, interval('5m'),                 0),
            'server'       => setv(T_FQDNP,  1, 0, 'api.godaddy.com/v1/domains',   undef),
            'ttl'          => setv(T_NUMBER, 1, 0, 600,                            undef),
            'zone'         => setv(T_FQDN,   1, 0, '',                             undef),
        },
Is this just something that hasn't been added to the opnsense repo that will be added later?

14

22.1 Legacy Series / os-ddclient with Godaddy

« on: July 07, 2022, 09:48:19 pm »

Hello,

I'm hoping that someone that has gotten os-ddclient to work with godaddy can help me out to get it working. I've been trying for the past few months, and have had no luck. Since the new client has been introduced they have added godaddy in the list of supported services.

I'm not sure what it is that I'm doing wrong. I'm able to get it working fine with a shell script with the same server/credentials. It also works fine with the depreciated dyndns client.

I've tried both available protocols, and can't get it to update.

This is what is in the log with both of the protocols:

Code: [Select]

2022-07-07T13:33:44-06:00 Notice ddclient[82034] 6272 - [meta sequenceId="21"] RECEIVE: {"code":"NOT_FOUND","message":"Not Found : The requested resource was not found"}
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 4636 - [meta sequenceId="20"] RECEIVE:
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 3140 - [meta sequenceId="19"] RECEIVE: Connection: close
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 1262 - [meta sequenceId="18"] RECEIVE: Date: Thu, 07 Jul 2022 19:33:44 GMT
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 233 - [meta sequenceId="17"] RECEIVE: Pragma: no-cache
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 98779 - [meta sequenceId="16"] RECEIVE: Cache-Control: max-age=0, no-cache, no-store
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 97726 - [meta sequenceId="15"] RECEIVE: Expires: Thu, 07 Jul 2022 19:33:44 GMT
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 96279 - [meta sequenceId="14"] RECEIVE: Content-Length: 81
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 95578 - [meta sequenceId="13"] RECEIVE: Content-Type: application/json
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 94404 - [meta sequenceId="12"] RECEIVE: HTTP/1.0 404 Not Found
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="11"] SENDING:
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="10"] SENDING:
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="9"] SENDING: Connection: close
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="8"] SENDING: User-Agent: ddclient/3.9.1
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="7"] SENDING: Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="6"] SENDING: Host: api.godaddy.com
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 93004 - [meta sequenceId="5"] SENDING: GET /nic/dyndns?action=edit&started=1&hostname=YES&host_id=cXXXX.XXXXXXXXXXXX.com&myip=XX.XXX.XX.XXX HTTP/1.0
2022-07-07T13:33:44-06:00 Notice ddclient[82034] 91134 - [meta sequenceId="4"] CONNECTED: using SSL
2022-07-07T13:33:43-06:00 Notice ddclient[82034] 87859 - [meta sequenceId="3"] CONNECT: api.godaddy.com
2022-07-07T13:33:43-06:00 Notice ddclient[82034] 85229 - [meta sequenceId="2"] UPDATE: updating XXXX.XXXXXXXXXXXX.com
2022-07-07T13:33:43-06:00 Notice ddclient[82034] 83545 - [meta sequenceId="1"] INFO: setting IP address to XX.XXX.XX.XXX for XXXX.XXXXXXXXXXXX.com
If I use the no protocol setting I get:

Code: [Select]

2022-07-07T13:25:52-06:00 Notice ddclient[24847] 45739 - [meta sequenceId="22"] RECEIVE: {"code":"NOT_FOUND","message":"Not Found : The requested resource was not found"}
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 43836 - [meta sequenceId="21"] RECEIVE:
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 42964 - [meta sequenceId="20"] RECEIVE: Connection: close
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 41413 - [meta sequenceId="19"] RECEIVE: Date: Thu, 07 Jul 2022 19:25:52 GMT
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 41122 - [meta sequenceId="18"] RECEIVE: Pragma: no-cache
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 40200 - [meta sequenceId="17"] RECEIVE: Cache-Control: max-age=0, no-cache, no-store
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 39090 - [meta sequenceId="16"] RECEIVE: Expires: Thu, 07 Jul 2022 19:25:52 GMT
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 38372 - [meta sequenceId="15"] RECEIVE: Content-Length: 81
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 37251 - [meta sequenceId="14"] RECEIVE: Content-Type: application/json
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35815 - [meta sequenceId="13"] RECEIVE: HTTP/1.0 404 Not Found
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="12"] SENDING:
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="11"] SENDING:
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="10"] SENDING: Connection: close
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="9"] SENDING: User-Agent: ddclient/3.9.1
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="8"] SENDING: Authorization: Basic XXXXXXXXXXX
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="7"] SENDING: Host: api.godaddy.com
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 35029 - [meta sequenceId="6"] SENDING: GET /nic/update?system=dyndns&hostname=XXXX.XXXXXX.com&myip=XX.XXX.XX.XXX HTTP/1.0
2022-07-07T13:25:52-06:00 Notice ddclient[24847] 33425 - [meta sequenceId="5"] CONNECTED: using SSL
2022-07-07T13:25:51-06:00 Notice ddclient[24847] 29979 - [meta sequenceId="4"] CONNECT: api.godaddy.com
2022-07-07T13:25:51-06:00 Notice ddclient[24847] 29104 - [meta sequenceId="3"] UPDATE: updating XXXX.XXXXXX.com
2022-07-07T13:25:51-06:00 Notice ddclient[24847] 27913 - [meta sequenceId="2"] INFO: setting IP address to XX.XXX.XX.XXX for XXXX.XXXXXX.com
2022-07-07T13:25:51-06:00 Notice ddclient[24847] 25940 - [meta sequenceId="1"] WARNING: file /usr/local/etc/ddclient.conf, line 12: Invalid Value for keyword 'protocol' = ''
The content of os-ddclient.conf is this:

Code: [Select]

syslog=yes                  # log update msgs to syslog
pid=/var/run/ddclient.pid   # record PID in file.
verbose=yes
ssl=yes


use=if, if=igb1, \
protocol=, \
server=api.godaddy.com, \
login=XXXXXXXXXXXXXX, \
password=XXXXXXXXXXXXX \
If I use dyndns 1/2 as the protocol they show in the config as expected.

Thank you in advance for your help!

15

22.1 Legacy Series / Re: WAN interface flapping with 22.1.2

« on: May 14, 2022, 09:17:43 am »

@tracerrx It's just an old i7-4790 box that I'm using. I'm using a dual intel 82576 (igb) card in it/bare metal. No vlans or anything fancy but I am running suricata/zenarmor. I'm planning on doing this after each update until the driver in BSD is sorted out. Now I just have to get os-ddclient working with godaddy and I'll be all set.