Messages - rovingclimber

#1
22.1 Legacy Series / Add DNS SRV record for KMS
July 13, 2022, 01:18:51 PM
Hi all!

Hoping someone can help.

I'm trying to somehow add an SRV record for a KMS activation server. For reference:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn502531(v=ws.11)

However, there doesn't appear to be a way to add an SRV record as an override to unbound, only A / AAA / TXT.

I tried installing the bind plugin on a non-standard port, which allows you to add an SRV, and setting up a domain override from unbound with domain "_tcp" to forward to bind, but the UI won't accept that as a domain name.

I'm sure there must be other people out there trying to set up automatic KMS activation using OPNSense for DNS? If anyone's made this work any hints would be appreciated!

Thanks
#2
Good morning!

Hope someone here might help me diagnose this one ... recently upgraded to OPNsense 21.1.9-amd64, and I noticed this morning very high CPU usage on my OPNsense box. I'm relatively new to OPNsense, but a little poking around shows this:

PID    USERNAME  PRI  NICE  SIZE RES   STATE  C  TIME    WCPU     COMMAND
19011  root      103  0     10361560   CPU1   1  412:37  100.00%  /usr/local/sbin/syslogd -s -c -c -P /var/run/syslog.pid -p /var/run/legacy_log -S /var/run/legacy_logpriv -k -s -s -f /var/etc/syslog.conf
59064  root      103  0     63821141   CPU3   3  16.9H   98.97%   /usr/local/bin/python3 /usr/local/opnsense/service/configd_ctl.py -e -t 0.5 system event config_changed (python3.7)
30701  root      83   0     355096     CPU2   2  0:27    36.47%   /usr/local/sbin/syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid{syslog-ng}
11     root      155  ki31  064        RUN    0  436.3H  19.29%   [idle{idle: cpu0}]

And my log file is full of millions of repeated events like this:

2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:
2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:
2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:
2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:
2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:
2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:
2021-07-28T08:35:59   configctl[59064]   event @ 1627453482.74 msg:

I tried restarting the configd service but the problem still persists. I haven't yet tried restarting the box as two of us are working from home today, but then the whole point of a resilient firewall is that I shouldn't need to, right? Any ideas gratefully received!