1
23.1 Legacy Series / Re: 23.1.7_3 Unbound starting error due to special characters in hostname
« on: June 11, 2023, 11:52:39 am »
filing a bug report will increase the change to be addressed.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
General Discussion / Re: Unbound DNSBL on selection of interfaces?
« on: April 05, 2023, 08:38:06 pm »
You already found my bug report if i am correct.
https://github.com/opnsense/core/issues/5712#issuecomment-1495674768
https://github.com/opnsense/core/issues/5712#issuecomment-1495674768
3
General Discussion / Re: OPNsense no longer saves changes
« on: April 02, 2023, 10:04:39 am »
Did your recently update (or made suspicious changes) or started this out of the blue?
4
General Discussion / Re: Advantages OPNsense (23.1.3) vs PFsense (23.01)
« on: March 14, 2023, 09:00:59 pm »
From a more technical POV. OPNsense devs working years to move the codebase to MVC. How well is pfSense faring? Is that addressed at all, or are they refactoring (only?) in the "+" version? I did not follow that exactly, but my gut feeling was that they wanted to start from "scratch". (which is not bad per se).
Also it is still unclear to me what parts are "open" and "close source". Is it open source with some closed source modules (usually enterprise stuff). So more like "Untangle".
Anyway, pfsense did a terrible way communicating the road ahead.
Also it is still unclear to me what parts are "open" and "close source". Is it open source with some closed source modules (usually enterprise stuff). So more like "Untangle".
Anyway, pfsense did a terrible way communicating the road ahead.
5
General Discussion / Re: Advantages OPNsense (23.1.3) vs PFsense (23.01)
« on: March 13, 2023, 08:51:27 pm »Changing BE is also possible on OPNsense using bectl command. I always create BE before doing updates or minor config changes for simple rollbacks if needed. Using bemanager you can also export BE to other locations so that it can be use as full bare metal backup
Is there a guide for this?
6
General Discussion / Re: This Forum: unread posts incorrect?
« on: March 09, 2023, 09:00:29 pm »
That sounds plausible! It is subtracting the currently read items. Will verify the next time.
7
General Discussion / This Forum: unread posts incorrect?
« on: March 09, 2023, 06:57:40 pm »
Question: More people with the same issue?
I regularly use the "Show unread posts since last visit." I notice that i get more pages than actually exists. So the 4th page are really the same items like page 3.
I regularly use the "Show unread posts since last visit." I notice that i get more pages than actually exists. So the 4th page are really the same items like page 3.
8
General Discussion / Re: DNS to local address
« on: March 08, 2023, 08:16:09 pm »
note, your example is a external domain, like : forum.opnsense.org. So it tries to resolve on the internet (gateway).
Is a private domain also an option? like "opnsense.local" or "opnsense.lan"?
In the other case i think you also have to take a look at "reflection". (https://docs.opnsense.org/manual/nat.html)
Is a private domain also an option? like "opnsense.local" or "opnsense.lan"?
In the other case i think you also have to take a look at "reflection". (https://docs.opnsense.org/manual/nat.html)
9
23.1 Legacy Series / Re: unbranded Android devices cannot acccess google service
« on: March 04, 2023, 12:39:27 pm »
Sure you did not enable some DNSBL lists? (dns sinkhole).
nslookup googleadservices.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Name: googleadservices.com
Address: 0.0.0.0
nslookup googleadservices.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Name: googleadservices.com
Address: 0.0.0.0
10
23.1 Legacy Series / Re: Cannot access whatsapp web
« on: March 04, 2023, 12:38:00 pm »
Sure you did not enable some DNSBL lists? (dns sinkhole)
11
General Discussion / Re: enabling / disabling intrusion detection resets ip addresses
« on: March 03, 2023, 10:27:52 pm »
It is quite common to give network devices hard static ip's (outside of the DHCP range. Usually reserve .2-20 for this).
If you want DHCP *but* always the same IP's you can use MAC address mappings in OPNsense. (not really sure, but i do these also outside of the DHCP scope.
So, example
192.168.1.2 -> 192.168.1.20 (reserved static network devices)
192.168.1.20 - > 192.168.1.200 (my own MAC mappings)
192.168.1.201 -> 192.168.1.254 (random devices like guest devices)
If you want DHCP *but* always the same IP's you can use MAC address mappings in OPNsense. (not really sure, but i do these also outside of the DHCP scope.
So, example
192.168.1.2 -> 192.168.1.20 (reserved static network devices)
192.168.1.20 - > 192.168.1.200 (my own MAC mappings)
192.168.1.201 -> 192.168.1.254 (random devices like guest devices)
12
23.1 Legacy Series / Re: Have to reset firewall state every night
« on: March 03, 2023, 10:20:45 pm »
Well, we use a "free" product. The developers can only fix this if you figure out how to reproduce the issues. (or you can to inspect other reported bugs if someone else already did).
13
23.1 Legacy Series / Re: Alias name restriction (Firewall:Alias)
« on: March 03, 2023, 10:16:04 pm »
It seems the regex is incorrect. You can file a bug here https://github.com/opnsense/core/issues
14
23.1 Legacy Series / Re: Exception on unbound blocklist
« on: March 01, 2023, 11:00:14 pm »
Yes, you can enter multiple entries.
type: "googleadservices.com" followed by <ENTER> key.
It is crap user interface design. TrueNAS is also using this and this makes it crap to copy paste multiple entries.
type: "googleadservices.com" followed by <ENTER> key.
It is crap user interface design. TrueNAS is also using this and this makes it crap to copy paste multiple entries.
15
23.1 Legacy Series / Re: Exception on unbound blocklist
« on: March 01, 2023, 07:41:55 pm »
Add it to "Whitelist Domains" and make sure to restart the client (or do a dns flush)