Messages

My token was disabled again as well. I had this issue before and monitored this thread until it was resolved. It has become disabled again sometime in the past 12 hours.

{"sensorId":"XXX-REDACTED-XXX","sensor_status":"DISABLED","last_heartbeat":"2025-01-31T17:01:09+00:00","last_rule_download":"2025-01-31T07:00:14+00:00","event_received":"2025-01-20T16:29:41+00:00","created":"2024-12-23T15:45:11+00:00","disable_date":"2025-04-20T16:29:41+00:00","status":"ok"}

I emailed support as post #6 suggested. They responded saying that there was a backend DB issue, and that they were working to resolve it. After a bit of time it's working fine again. Thanks!

My token was disabled again as well. I had this issue before and monitored this thread until it was resolved. It has become disabled again sometime in the past 12 hours.

{"sensorId":"XXX-REDACTED-XXX","sensor_status":"DISABLED","last_heartbeat":"2025-01-31T17:01:09+00:00","last_rule_download":"2025-01-31T07:00:14+00:00","event_received":"2025-01-20T16:29:41+00:00","created":"2024-12-23T15:45:11+00:00","disable_date":"2025-04-20T16:29:41+00:00","status":"ok"}

Thank you for the response.

Yes I do. The IPs available to DHCP is .2 to .25. All of the reservations are .26 - .254.

Hello.

I'm having an issue with one reservation that's not working correctly. It's with a Raspberry Pi that I'm using as a DNS server for my network. The reservations for everything else works as it should.

I've copied everything over to Kea from ISC, and at first it seemed like everything was fine. After about an hour the reservation stops working, and Kea assigns an incorrect address to it after the initial lease runs out.

According to the logs it appears that there are several characters added to the front of the MAC address for the Pi's NIC in the cid causing it to assign it a different IP than the one that's reserved, and I can't figure out what's causing it. I don't have the issue at all while using ISC, and it has worked as intended for several years now.

I'm hoping that someone with more knowledge about this can point me to the direction of where the problem could be.

Thank you in advance for any help!

Sincerely,

Dan

Edit: In the first line in the attached log KEA does assign the correct address.

That list is the wrong format for Unbound. (https://big.oisd.nl/domainswild)

Use this one instead.

https://big.oisd.nl/unbound

It's working fine here. The info shows up on all tabs.

Hello,

After updating to 24.1 google drive backups no longer work.

Looking at the plugins page it shows that os-api-backup is orphaned. I'm not sure if that's the cause of it. Looking at the backups configuration page my p12 key was missing. I re-added it but it will not save. It has worked fine for years prior to the update.

After adding the p12 key back in it says

The following input errors were detected:

    Invalid P12 key, openssl_pkcs12_read() failed
    Saved settings, but remote backup failed.

I noticed that the updates log shows "pkg: libevent has a missing dependency: openssl111" as well. I'm not sure if that's part of the issue or not but I've never seen that before.

Is there something that I can do to resolve this? Thank you in advance for your help!

Nevermind

I'm here after searching because of the same reason. Sensei seems to ignore the whitelist. Last night I formatted/reinstalled the device just in case, and it didn't help.

I'm also getting an error with the scheduled reports that had worked fine for a few years. The error is: "Error (200) Smtp :SMTP AUTH extension not supported by server."

I have submitted the same feedback that was requested from the OP.

I have the same issue as above. Most things say "network error" including the health check section. The only thing that's in the notifications is engine started.

Edit: If I log in via IP address everything seems to be working. Logging in via host.domain will not.

Edit #2: Updating to 1.14.1 resolved the issue. Thanks!

@CJRoss

Yes. They're PCIe cards.

I'm not sure what the difference is between the i-225LM and the i-225v NICs but I've been running two i-225v NICs for over a year now without any issues at all.

I swapped them out from a couple of 82576 cards. They showed up when I booted it back up, and all that I had to do is assign the interfaces. The speed/duplex is set to default, and they always show "2500Base-T <full-duplex>".

I have 1200/40 service through Comcast, and it always tests at ~1100-~1300. They have been rock solid.

I hope this helps.

The issue with MAC spoofing that's in this thread https://forum.opnsense.org/index.php?topic=27299.0 still persists with an IGB/Intel 82576 NIC.

I haven't looked into it much yet. The strange part is that the Intel NIC driver that's included in this ver is the current driver, and compiling/using the same driver (2.5.24) as described on page 6 in that thread will fix it.

Code Select Expand

# ls -lah /var/log/resolver.log
ls: /var/log/resolver.log: No such file or directory

I get the same output but my logs are working fine in Unbound.

Code Select Expand

2022-07-28T13:44:55-06:00 Informational unbound [61035:0] info: control cmd: local_datas
2022-07-28T13:44:54-06:00 Informational unbound [61035:0] info: control cmd: local_datas_remove
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: Verified that unsigned response is INSECURE
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: NSEC3s for the referral proved no DS.
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: resolving emergingthreats.net. DS IN
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: query response was ANSWER
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: reply from <.> XX.XX.XX.XX#853
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: response for opnsense.emergingthreats.net. A IN
2022-07-28T13:44:38-06:00 Informational unbound [61035:3] info: resolving opnsense.emergingthreats.net. A IN

So I was digging around with this again.

In opnsense ddclient is showing ver 1.8. The git is showing 3.10.0.

I can grep godaddy in the source files, and I can see what 1.8 won't let me add manually to the config or add via the GUI which is "api.godaddy.com/v1/domains" as the server.

This is in the 3.10.0 source:

Code Select Expand

    'godaddy' => {
        'updateable' => undef,
        'update'     => \&nic_godaddy_update,
        'examples'   => \&nic_godaddy_examples,
        'variables' => {
            %{$variables{'service-common-defaults'}},
            'min-interval' => setv(T_DELAY,  0, 0, interval('5m'),                 0),
            'server'       => setv(T_FQDNP,  1, 0, 'api.godaddy.com/v1/domains',   undef),
            'ttl'          => setv(T_NUMBER, 1, 0, 600,                            undef),
            'zone'         => setv(T_FQDN,   1, 0, '',                             undef),
        },

Is this just something that hasn't been added to the opnsense repo that will be added later?