OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Mbl »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Mbl

Pages: [1] 2 3 ... 6
1
Zenarmor (Sensei) / No CRL was provided for ...
« on: October 31, 2024, 02:15:52 pm »
Can anybody from Zenarmor confirm this issue?

Quote from: Mbl on October 31, 2024, 11:48:02 am
I'm still having the same problem with 24.10_7:
Code: [Select]
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.10_7 at Thu Oct 31 11:42:39 CET 2024
Fetching subscription information, please wait... done
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
Fetching meta.conf: . done
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
Fetching packagesite.pkg: ... done
Processing entries: ....... done
SunnyValley repository update completed. 66 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (13 candidates): .......... done
Processing candidates (13 candidates): .. done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***
I have deleted all /tmp/libfetch_crl.* files and retried but still get the same error. Current file libfetch_crl.24103111 has valid crl information as it looks like:
Code: [Select]
# [i] fetch certificate for https://opnsense-update.deciso.com
# [i] fetch CRL from http://cdp.rapidssl.com/RapidSSLTLSECCCAG1.crl
# [i] fetch CRL from http://crl3.digicert.com/DigiCertGlobalRootG3.crl
Is the mentioned hotfix already included in 24.10_7 or will it be available in a later version?

https://forum.opnsense.org/index.php?topic=43474.msg217949#msg217949

2
24.7 Production Series / Re: 24.10 BE upgrade CRL errors
« on: October 31, 2024, 11:48:02 am »
I'm still having the same problem with 24.10_7:
Code: [Select]
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.10_7 at Thu Oct 31 11:42:39 CET 2024
Fetching subscription information, please wait... done
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
Fetching meta.conf: . done
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
No CRL was provided for /CN=zenarmor.com
No CRL was provided for /C=US/O=Google Trust Services/CN=WE1
No CRL was provided for /C=US/O=Google Trust Services LLC/CN=GTS Root R4
Fetching packagesite.pkg: ... done
Processing entries: ....... done
SunnyValley repository update completed. 66 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (13 candidates): .......... done
Processing candidates (13 candidates): .. done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***
I have deleted all /tmp/libfetch_crl.* files and retried but still get the same error. Current file libfetch_crl.24103111 has valid crl information as it looks like:
Code: [Select]
# [i] fetch certificate for https://opnsense-update.deciso.com
# [i] fetch CRL from http://cdp.rapidssl.com/RapidSSLTLSECCCAG1.crl
# [i] fetch CRL from http://crl3.digicert.com/DigiCertGlobalRootG3.crl
Is the mentioned hotfix already included in 24.10_7 or will it be available in a later version?

3
General Discussion / Re: Error: System: Firmware > Updates
« on: January 03, 2024, 02:59:45 pm »
Just updated today to 23.10.1_2

Code: [Select]
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.10.1_2 at Wed Jan  3 14:57:42 CET 2024
Fetching subscription information, please wait... done
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 870 packages processed.
Updating SunnyValley repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: ... done
Processing entries: ....... done
SunnyValley repository update completed. 64 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
Checking for upgrades (6 candidates): .
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
Checking for upgrades (6 candidates)...
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
Checking for upgrades (6 candidates)....
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
Checking for upgrades (6 candidates).... done
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
Processing candidates (6 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

4
General Discussion / Re: Error: System: Firmware > Updates
« on: December 29, 2023, 11:06:38 am »
Still having the same issue with 23.10.1

Code: [Select]
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.10.1 at Fri Dec 29 11:03:47 CET 2023
Fetching subscription information, please wait... done
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
pkg: sqlite error while executing SELECT count(name) FROM sqlite_master WHERE type='table' AND name='repodata'; in file pkgdb.c:2358: database is locked
pkg: Repository OPNsense contains no repodata table, need to re-create database
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
pkg: sqlite error while executing CREATE TABLE packages (id INTEGER PRIMARY KEY,origin TEXT,name TEXT NOT NULL,version TEXT NOT NULL,comment TEXT NOT NULL,desc TEXT NOT NULL,osversion TEXT,arch TEXT NOT NULL,maintainer TEXT NOT NULL,www TEXT,prefix TEXT NOT NULL,pkgsize INTEGER NOT NULL,flatsize INTEGER NOT NULL,licenselogic INTEGER NOT NULL,cksum TEXT NOT NULL,path TEXT NOT NULL,pkg_format_version INTEGER,manifestdigest TEXT NULL,olddigest TEXT NULL,dep_formula TEXT NULL,vital INTEGER NOT NULL DEFAULT 0);CREATE TABLE deps (origin TEXT,name TEXT,version TEXT,package_id INTEGER REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,UNIQUE(package_id, name));CREATE TABLE categories (id INTEGER PRIMARY KEY, name TEXT NOT NULL UNIQUE );CREATE TABLE pkg_categories (package_id INTEGER REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,category_id INTEGER REFERENCES categories(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, category_id));CREATE TABLE licenses (id INTEGER PRIMARY KEY,name TEXT NOT NULL UNIQUE);CREATE TABLE pkg_licenses (package_id INTEGER REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,license_id INTEGER REFERENCES licenses(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, license_id));CREATE TABLE option (option_id INTEGER PRIMARY KEY,option TEXT NOT NULL UNIQUE);CREATE TABLE option_desc (option_desc_id INTEGER PRIMARY KEY,option_desc TEXT NOT NULL UNIQUE);CREATE TABLE pkg_option (package_id INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE ON UPDATE CASCADE,option_id INTEGER NOT NULL REFERENCES option(option_id) ON DELETE RESTRICT ON UPDATE CASCADE,value TEXT NOT NULL,PRIMARY KEY(package_id, option_id));CREATE TABLE pkg_option_desc (package_id INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE ON UPDATE CASCADE,option_id INTEGER NOT NULL REFERENCES option(option_id) ON DELETE RESTRICT ON UPDATE CASCADE,option_desc_id INTEGER NOT NULL REFERENCES option_desc(option_desc_id) ON DELETE RESTRICT ON UPDATE CASCADE,PRIMARY KEY(package_id, option_id));CREATE TABLE pkg_option_default (package_id INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE ON UPDATE CASCADE,option_id INTEGER NOT NULL REFERENCES option(option_id) ON DELETE RESTRICT ON UPDATE CASCADE,default_value TEXT NOT NULL,PRIMARY KEY(package_id, option_id));CREATE TABLE shlibs (id INTEGER PRIMARY KEY,name TEXT NOT NULL UNIQUE );CREATE TABLE pkg_shlibs_required (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,shlib_id INTEGER NOT NULL REFERENCES shlibs(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, shlib_id));CREATE TABLE pkg_shlibs_provided (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,shlib_id INTEGER NOT NULL REFERENCES shlibs(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, shlib_id));CREATE TABLE annotation (annotation_id INTEGER PRIMARY KEY,annotation TEXT NOT NULL UNIQUE);CREATE TABLE pkg_annotation (package_id INTEGER REFERENCES packages(id) ON DELETE CASCADE ON UPDATE RESTRICT,tag_id INTEGER NOT NULL REFERENCES annotation(annotation_id) ON DELETE CASCADE ON UPDATE RESTRICT,value_id INTEGER NOT NULL REFERENCES annotation(annotation_id) ON DELETE CASCADE ON UPDATE RESTRICT,UNIQUE (package_id, tag_id));CREATE TABLE pkg_conflicts (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,conflict_id INTEGER NOT NULL,UNIQUE(package_id, conflict_id));CREATE TABLE provides(    id INTEGER PRIMARY KEY,    provide TEXT NOT NULL);CREATE TABLE pkg_provides (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,provide_id INTEGER NOT NULL REFERENCES provides(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, provide_id));CREATE TABLE requires(    id INTEGER PRIMARY KEY,    require TEXT NOT NULL);CREATE TABLE pkg_requires (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,require_id INTEGER NOT NULL REFERENCES requires(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, require_id));PRAGMA user_version=2014; in file pkgdb.c:2333: disk I/O error
Unable to create repository OPNsense
Unable to update repository OPNsense
Updating SunnyValley repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: ... done
Processing entries: ....... done
SunnyValley repository update completed. 64 packages processed.
Error updating repositories!
pkg: sqlite error while executing SELECT count(name) FROM sqlite_master WHERE type='table' AND name='repodata'; in file pkgdb.c:2358: database is locked
pkg: Repository OPNsense contains no repodata table, need to re-create database
pkg: Repository OPNsense cannot be opened. 'pkg update' required
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

5
Zenarmor (Sensei) / Re: After Update to 1.16
« on: December 20, 2023, 11:10:31 pm »
done...

6
Zenarmor (Sensei) / After Update to 1.16
« on: December 20, 2023, 08:57:34 pm »
I have updated to 1.16, (on OPNsense 23.10.1-amd64). All seams to be fine but there are two issues:

1.) No devices are shown under devices. Under Settings > Subscriptions there are no devices counted as well (Number of active devices: 0)

2.) after a reboot the device looped and was not able to recover it self (no IP access). Console and /var/log/system logs are showing the below output.
After uninstalling os-zenarmor and os-sensei from console, I was able to normally reboot the system again. After installing zenarmor newly, the system worked as expected but still had issue 1.). After rebooting the system the system was looping with below errors again...

Code: [Select]
<13>1 2023-12-20T20:43:21+01:00 firewall.home kernel - - [meta sequenceId="1878"] <6>pid 21945 (eastpect), jid 0, uid 0: exited on signal 6
<13>1 2023-12-20T20:43:21+01:00 firewall.home kernel - - [meta sequenceId="1879"] 401.362026 [ 294] generic_netmap_unregister Emulated adapter for igb0 deactivated
<13>1 2023-12-20T20:43:21+01:00 firewall.home kernel - - [meta sequenceId="1880"] 401.369131 [1068] generic_netmap_dtor       Native netmap adapter for igb0 restored
<13>1 2023-12-20T20:43:21+01:00 firewall.home kernel - - [meta sequenceId="1881"] 401.376436 [1076] generic_netmap_dtor       Emulated netmap adapter for igb0 destroyed
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1882"] 412.699095 [1171] generic_netmap_attach     Emulated adapter for ovpns2 created (prev was NULL)
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1883"] 412.707363 [1076] generic_netmap_dtor       Emulated netmap adapter for ovpns2 destroyed
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1884"] 412.715227 [1171] generic_netmap_attach     Emulated adapter for ovpns2 created (prev was NULL)
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1885"] 412.723631 [ 319] generic_netmap_register   Emulated adapter for ovpns2 activated
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1886"] <6>pid 27219 (eastpect), jid 0, uid 0: exited on signal 11
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1887"] 412.757927 [ 294] generic_netmap_unregister Emulated adapter for ovpns2 deactivated
<13>1 2023-12-20T20:43:32+01:00 firewall.home kernel - - [meta sequenceId="1888"] 412.765200 [1076] generic_netmap_dtor       Emulated netmap adapter for ovpns2 destroyed
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1889"] 414.524322 [1171] generic_netmap_attach     Emulated adapter for igb0 created (prev was igb0)
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1890"] 414.532417 [1068] generic_netmap_dtor       Native netmap adapter for igb0 restored
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1891"] 414.539801 [1076] generic_netmap_dtor       Emulated netmap adapter for igb0 destroyed
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1892"] 414.547487 [1171] generic_netmap_attach     Emulated adapter for igb0 created (prev was igb0)
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1893"] 414.555701 [ 319] generic_netmap_register   Emulated adapter for igb0 activated
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1894"] <6>pid 33034 (eastpect), jid 0, uid 0: exited on signal 11
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1895"] 414.593492 [ 294] generic_netmap_unregister Emulated adapter for igb0 deactivated
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1896"] 414.600598 [1068] generic_netmap_dtor       Native netmap adapter for igb0 restored
<13>1 2023-12-20T20:43:34+01:00 firewall.home kernel - - [meta sequenceId="1897"] 414.607900 [1076] generic_netmap_dtor       Emulated netmap adapter for igb0 destroyed
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1898"] 425.959164 [1171] generic_netmap_attach     Emulated adapter for ovpns2 created (prev was NULL)
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1899"] 425.967430 [1076] generic_netmap_dtor       Emulated netmap adapter for ovpns2 destroyed
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1900"] 425.975296 [1171] generic_netmap_attach     Emulated adapter for ovpns2 created (prev was NULL)
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1901"] 425.983700 [ 319] generic_netmap_register   Emulated adapter for ovpns2 activated
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1902"] <6>pid 33623 (eastpect), jid 0, uid 0: exited on signal 11
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1903"] 426.018064 [ 294] generic_netmap_unregister Emulated adapter for ovpns2 deactivated
<13>1 2023-12-20T20:43:46+01:00 firewall.home kernel - - [meta sequenceId="1904"] 426.025339 [1076] generic_netmap_dtor       Emulated netmap adapter for ovpns2 destroyed
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1905"] 427.781521 [1171] generic_netmap_attach     Emulated adapter for igb0 created (prev was igb0)
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1906"] 427.789617 [1068] generic_netmap_dtor       Native netmap adapter for igb0 restored
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1907"] 427.796970 [1076] generic_netmap_dtor       Emulated netmap adapter for igb0 destroyed
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1908"] 427.804684 [1171] generic_netmap_attach     Emulated adapter for igb0 created (prev was igb0)
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1909"] 427.812898 [ 319] generic_netmap_register   Emulated adapter for igb0 activated
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1910"] <6>pid 33815 (eastpect), jid 0, uid 0: exited on signal 11
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1911"] 427.850884 [ 294] generic_netmap_unregister Emulated adapter for igb0 deactivated
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1912"] 427.857990 [1068] generic_netmap_dtor       Native netmap adapter for igb0 restored
<13>1 2023-12-20T20:43:47+01:00 firewall.home kernel - - [meta sequenceId="1913"] 427.865296 [1076] generic_netmap_dtor       Emulated netmap adapter for igb0 destroyed
<13>1 2023-12-20T20:43:59+01:00 firewall.home kernel - - [meta sequenceId="1914"] 439.144693 [1171] generic_netmap_attach     Emulated adapter for ovpns2 created (prev was NULL)

7
General Discussion / Re: Error: System: Firmware > Updates
« on: November 12, 2023, 03:25:23 pm »
Hi Franco

Thanks for your replay. Looks like there where no interfering processes:

Code: [Select]
root@firewall:~ # killall pkg
No matching processes were found
root@firewall:~ # killall pkg-static
No matching processes were found


8
General Discussion / Re: Error: System: Firmware > Updates
« on: November 01, 2023, 10:20:44 pm »
DNS should not be the problem in this case....

Checked for new firmware today and got the following:

Code: [Select]
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.10 at Wed Nov  1 22:16:50 CET 2023
Fetching subscription information, please wait... done
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 861 packages processed.
Updating SunnyValley repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: ... done
Processing entries: ....... done
SunnyValley repository update completed. 64 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
pkg: sqlite error while executing iterator in file pkgdb_iterator.c:1110: attempt to write a readonly database
Checking for upgrades (0 candidates): . done
Processing candidates (0 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

9
General Discussion / Re: Error: System: Firmware > Updates
« on: October 14, 2023, 12:10:29 pm »
Addendum:

If I run a connectivity audit I receive the following error:

Code: [Select]
***GOT REQUEST TO AUDIT CONNECTIVITY***
Currently running OPNsense 23.4.2_1 at Sat Oct 14 12:09:26 CEST 2023
Checking connectivity for host: opnsense-update.deciso.com -> 89.149.211.205
PING 89.149.211.205 (89.149.211.205): 1500 data bytes
1508 bytes from 89.149.211.205: icmp_seq=0 ttl=49 time=17.991 ms
1508 bytes from 89.149.211.205: icmp_seq=1 ttl=49 time=17.968 ms
1508 bytes from 89.149.211.205: icmp_seq=2 ttl=49 time=17.980 ms
1508 bytes from 89.149.211.205: icmp_seq=3 ttl=49 time=17.947 ms

--- 89.149.211.205 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 17.947/17.972/17.991/0.016 ms
Checking connectivity for repository (IPv4): https://opnsense-update.deciso.com/${SUBSCRIPTION}/FreeBSD:13:amd64/23.4
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 845 packages processed.
Updating SunnyValley repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .. done
Processing entries: .... done
SunnyValley repository update completed. 31 packages processed.
All repositories are up to date.
Checking connectivity for host: opnsense-update.deciso.com -> 2001:1af8:4f00:a005:5::
ping: UDP connect: No route to host
Checking connectivity for repository (IPv6): https://opnsense-update.deciso.com/${SUBSCRIPTION}/FreeBSD:13:amd64/23.4
Updating OPNsense repository catalogue...
pkg: https://opnsense-update.deciso.com/${SUBSCRIPTION}/FreeBSD:13:amd64/23.4/latest/meta.txz: Non-recoverable resolver failure
repository OPNsense has no meta file, using default settings
pkg: https://opnsense-update.deciso.com/${SUBSCRIPTION}/FreeBSD:13:amd64/23.4/latest/packagesite.pkg: Non-recoverable resolver failure
pkg: https://opnsense-update.deciso.com/${SUBSCRIPTION}/FreeBSD:13:amd64/23.4/latest/packagesite.txz: Non-recoverable resolver failure
Unable to update repository OPNsense
Updating SunnyValley repository catalogue...
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/23.1/OpenSSL/latest/meta.txz: Non-recoverable resolver failure
repository SunnyValley has no meta file, using default settings
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/23.1/OpenSSL/latest/packagesite.pkg: Non-recoverable resolver failure
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/23.1/OpenSSL/latest/packagesite.txz: Non-recoverable resolver failure
Unable to update repository SunnyValley
Error updating repositories!
***DONE***


Health audit seams to be ok:

Code: [Select]
***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 23.4.2_1 at Sat Oct 14 12:07:02 CEST 2023
>>> Check installed kernel version
Version 23.1.11 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 23.1.11 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense
SunnyValley
>>> Check installed plugins
os-OPNBEcore 1.1_2
os-acme-client 3.17
os-etpro-telemetry 1.6_1
os-net-snmp 1.5_2
os-nut 1.8.1_2
os-sensei 1.15.1
os-sensei-updater 1.15
os-sunnyvalley 1.2_3
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .....
os-sensei-1.15.1: missing file /usr/local/zenarmor/output/archive/.placeholder
Checking all packages........ done
>>> Check for core packages consistency
Core package "opnsense-business" has 68 dependencies to check.
Checking packages: ..................................................................... done
***DONE***

10
General Discussion / Error: System: Firmware > Updates
« on: October 14, 2023, 12:03:47 pm »
Hello

Since view months I receive the following error once I try to update to newer version. Usually the error disappears if I try to upgrade a second or third time.


Code: [Select]
***GOT REQUEST TO UPDATE***
Currently running OPNsense 23.4.2_1 at Sat Oct 14 11:53:05 CEST 2023
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
pkg-static: sqlite error while executing CREATE TABLE IF NOT EXISTS repo_update (n INT); in file pkgdb.c:2333: attempt to write a readonly database
Processing entries:
pkg-static: sqlite error while executing INSERT OR REPLACE INTO packages (origin, name, version, comment, desc, arch, maintainer, www, prefix, pkgsize, flatsize, licenselogic, cksum, path, manifestdigest, olddigest, vital)VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, ?11, ?12, ?13, ?14, ?15, ?16, ?17) in file update.c:165: attempt to write a readonly database
Processing entries... done
pkg-static: sqlite error while executing CREATE INDEX packages_origin ON packages(origin COLLATE NOCASE);CREATE INDEX packages_name ON packages(name COLLATE NOCASE);CREATE INDEX packages_uid_nocase ON packages(name COLLATE NOCASE, origin COLLATE NOCASE);CREATE INDEX packages_version_nocase ON packages(name COLLATE NOCASE, version);CREATE INDEX packages_uid ON packages(name, origin);CREATE INDEX packages_version ON packages(name, version);CREATE UNIQUE INDEX packages_digest ON packages(manifestdigest); in file pkgdb.c:2333: attempt to write a readonly database
Unable to update repository OPNsense
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
Error updating repositories!
Starting web GUI...done.
Generating RRD graphs...done.
***DONE***


Sometime a similar sqlite error appears once I check for new updates. Also this error disappears after the second or third time.

The unit is on 23.4.2_1 Business and running on a DEC3860.

Any advice whats wrong?

11
Zenarmor (Sensei) / New Zenarmor Release does weird things
« on: August 16, 2023, 01:22:37 am »
I have igb0 with different VLANS:
- 110 MGMT_VLAN --> very restricted
- 150 CLIENT_VLAN

MGMT_VLAN has a dedicated policy listening on VLAN 110.
CLIENT_VLAN is covered with the default policy.

As you can see from live session explorer print screen hosts being connected to VLAN 150 are somehow covered with policy MGMT_VLAN. As things are still somehow working according the default policy for those hosts in VLAN 150 I assume this is only a logging / display issue. But still it leaves an uneasy feeling...


12
Zenarmor (Sensei) / Re: Home subscription - policy disabling itself
« on: August 16, 2023, 12:28:44 am »
Was to fast - I thought due to the only the same version was reinstalled, the fix is not yet included. The problem no longer occurs with me currently

13
Zenarmor (Sensei) / Re: Home subscription - policy disabling itself
« on: August 16, 2023, 12:24:43 am »
Same problem here. Just ran
Code: [Select]
pkg install -fy os-sensei and it was reinstalling os-sensei-1.14.2

Any update on this since 10th of August?

14
General Discussion / Re: DEC2750 firmware upgrade stuck (current firmware newer)
« on: April 29, 2023, 01:00:27 pm »
After reinstalling the package openldap26, health check was successful again. So problem seams to be solved for now.

Never the less I had this issue with stuck updates already view times and I'm not an user who is altering core files or configurations... So the question still resists - why does this come up again and again?

15
General Discussion / Re: DEC2750 firmware upgrade stuck (current firmware newer)
« on: April 29, 2023, 12:51:34 pm »
Thanks Franco.

I have rebooted the firewall and updated to 23.4 and ran health audit with the following output.

Code: [Select]
***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 23.4 at Sat Apr 29 12:45:41 CEST 2023
>>> Check installed kernel version
Version 23.1.5 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 23.1.5 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense
SunnyValley
>>> Check installed plugins
os-OPNBEcore 1.1
os-acme-client 3.16
os-etpro-telemetry 1.6_1
os-net-snmp 1.5_2
os-nut 1.8.1_2
os-sensei 1.12.4
os-sensei-updater 1.12
os-sunnyvalley 1.2_3
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .....
openldap26-client-2.6.4: checksum mismatch for /usr/local/bin/ldapvc
Checking all packages........ done
>>> Check for core packages consistency
Core package "opnsense-business" has 67 dependencies to check.
Checking packages: .................................................................... done
***DONE***

Security audit looks like the following (after 23.4 update  :o )

Code: [Select]
***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 23.4 at Sat Apr 29 12:51:00 CEST 2023
vulnxml file up-to-date
libxml2-2.10.3_1 is vulnerable:
  libxml2 -- multiple vulnerabilities
  CVE: CVE-2023-29469
  CVE: CVE-2023-28484
  WWW: https://vuxml.FreeBSD.org/freebsd/0bd7f07b-dc22-11ed-bf28-589cfc0f81b0.html

curl-7.88.1 is vulnerable:
  curl -- multiple vulnerabilities
  CVE: CVE-2023-27538
  CVE: CVE-2023-27537
  CVE: CVE-2023-27536
  CVE: CVE-2023-27535
  CVE: CVE-2023-27534
  CVE: CVE-2023-27533
  WWW: https://vuxml.FreeBSD.org/freebsd/0d7d104c-c6fb-11ed-8a4b-080027f5fec9.html

py39-setuptools-63.1.0 is vulnerable:
  py39-setuptools -- denial of service vulnerability
  CVE: CVE-2022-40897
  WWW: https://vuxml.FreeBSD.org/freebsd/1b38aec4-4149-4c7d-851c-3c4de3a1fbd0.html

3 problem(s) in 3 installed package(s) found.
***DONE***

Pages: [1] 2 3 ... 6
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2