1
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
24.7, 24.10 Production Series / Re: Kernel 24.7.8 Issues
« on: November 14, 2024, 02:09:22 pm »
Same here but no answer/fix.
3
24.7, 24.10 Production Series / Re: Issue with NAT Rule Description and "Default deny / state violation rule" Label
« on: November 07, 2024, 07:29:07 am »
Sadly to say, i have the same issue but no solution.
The Firewall live view (Labels) are simply wrong displayed.
The Firewall live view (Labels) are simply wrong displayed.
4
24.7, 24.10 Production Series / Re: [SOLVED] Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 30, 2024, 10:36:00 am »
deleted
5
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 29, 2024, 12:15:32 pm »
It turned out that the auto-generated rules cause this issue.
Hopefully it will fixed soon.
Hopefully it will fixed soon.
6
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 25, 2024, 01:09:42 pm »
Just another nonsense, similar rule.
7
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 25, 2024, 12:52:31 pm »
Screenshot here (just one example),
This is a NAT Rule for incoming HTTPS-Traffic to an internal reverse proxy.
This rule is labelled as "Allow Proxy external HTTPS Access".
But instead it shows a completely wrong label.
This is a NAT Rule for incoming HTTPS-Traffic to an internal reverse proxy.
This rule is labelled as "Allow Proxy external HTTPS Access".
But instead it shows a completely wrong label.
8
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 25, 2024, 12:35:26 pm »no such issue on 24.7.7 here. Changed rules recently?
No, only updating OPNsense. Also found it in CE 24.7.6.
To be sure, logging for these rules must be enabled.
And yes, some portforwarding is also required.
9
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 25, 2024, 12:14:54 pm »I just checked this on my unit CE 24.7.7 and I don't see this behavior.
Thanks for the info.
I checked this on a few firewalls, the problem exists everywhere.
I think this issue belongs to the auto-generated rules.
10
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7)
« on: October 25, 2024, 11:28:43 am »
Does not help, also after rebooting, issue persists.
Just for info, this issue also persists in the community edition OPNsense 24.7.7-amd64
Just for info, this issue also persists in the community edition OPNsense 24.7.7-amd64
11
24.7, 24.10 Production Series / Re: Incorrect rule labels assigned in firewall live view (24.10_7)
« on: October 25, 2024, 10:40:41 am »By labels you mean the descriptions used by rules?
And what do you mean wrong? How they are wrong?
Yes, the description and if it is blocked or not, completely wrong.
For example, i have a rule that should allow something (with description/label), the firewall live view shows a wrong (other) rule and blocked instead of allowed, and vice versa.
Hopefully this is only a display-issue. This is a OPNsense-HA-Cluster in a datacenter, so when I saw that, I had a heart attack first.
We have alot of OPNsense´s out there, that´s the first time i saw this.
12
24.7, 24.10 Production Series / Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
« on: October 25, 2024, 10:13:35 am »
Since upgrade to OPNsense 24.10_7-amd64 Business Edition, the labels in the firewall live view are completely wrong. Is there any known issue?
Hopefully this is only a display issue?
EDIT: issue persists also on community edition 24.7.7
Hopefully this is only a display issue?
EDIT: issue persists also on community edition 24.7.7
13
German - Deutsch / Re: Mehr als 255 VHIDs bei CARP?
« on: June 25, 2024, 03:02:59 pm »Das Sense nicht ideal im Thema Routing sind, sehen wir immer wieder, wenn es z.B. um VoIP und ähnliches zeitkritisches geht
Ist zumindest mir neu, in unserem RZ wäre mir da nichts davon aufgefallen...
14
German - Deutsch / Re: Mehr als 255 VHIDs bei CARP?
« on: June 25, 2024, 02:51:18 pm »
VHID LAN- oder WAN-Seitig?
15
German - Deutsch / Re: WAN DHCP kein reconnect wenn Cable-Modem neu startet oder kurz ausfällt
« on: May 17, 2024, 10:27:02 am »
@mooh
Der ISP vergibt immer die gleiche Adresse, je nach Anschluss eben das dazugehörige Netz.
Den Fall, den du schilderst deckt sich mit meinen.... Lease noch gültig... Fühlt sich so an als würde der Provider zufallsbasiert aufhören zu routen, warum auch immer.
Wir haben je nach Location mit unterschiedlichsten Providern zutun (EU), daher ist es gerne mal ein Abenteuer.
Bisher war es bei Businessanschlüssen immer ein statisch zu konfigurierendes WAN, neuerdings (durch Fiber etc.) mehr und mehr über DHCP.
Letztes Abenteuer: Der Provider setzt einen ping via dessen Gateway auf die OPNSense, antwortet diese nicht (default), bricht das Providerseitige Routing ab. Da muss man erstmal draufkommen.
Was Kundenerziehung angeht, da rede ich lieber nicht drüber
Der ISP vergibt immer die gleiche Adresse, je nach Anschluss eben das dazugehörige Netz.
Den Fall, den du schilderst deckt sich mit meinen.... Lease noch gültig... Fühlt sich so an als würde der Provider zufallsbasiert aufhören zu routen, warum auch immer.
Wir haben je nach Location mit unterschiedlichsten Providern zutun (EU), daher ist es gerne mal ein Abenteuer.
Bisher war es bei Businessanschlüssen immer ein statisch zu konfigurierendes WAN, neuerdings (durch Fiber etc.) mehr und mehr über DHCP.
Letztes Abenteuer: Der Provider setzt einen ping via dessen Gateway auf die OPNSense, antwortet diese nicht (default), bricht das Providerseitige Routing ab. Da muss man erstmal draufkommen.
Was Kundenerziehung angeht, da rede ich lieber nicht drüber