Messages

The timing is unfortunate. We decided to hotfix this for business users later today. The full batch of SA's includes more changes to pf than necessary (or even relevant to us) so this it has to wait for 26.1.6 or you can build a kernel from https://github.com/opnsense/src/commits/stable/26.1/ directly which has all the commits.


Cheers,
Franco

updated business appliance

thank you for keeping us secured

did you set the MTU on the interface you created for the wireguard tunnel? 

1400 seems to work good for my needs.

then  "Go to Firewall ‣ Settings ‣ Normalization and add a new rule to prevent fragmentation of traffic going through the wireguard tunnel." https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html  clamp MSS to 1360

I have edited my earlier reply with my configuration details to include my current settings for normalization.

opnsense manual says mss needs to be 40 below MTU.
yours seems way too low

better link:  https://docs.opnsense.org/manual/how-tos/wireguard-client.html

did you set the MTU on the interface you created for the wireguard tunnel?   

1400 seems to work good for my needs.

then  "Go to Firewall ‣ Settings ‣ Normalization and add a new rule to prevent fragmentation of traffic going through the wireguard tunnel." https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html   clamp MSS to 1360

To be hotfixed within the hour as 25.10.2_4


Cheers,
Franco

beer shake.  thank you Franco

tun-mtu 1500
fragment 1300
mssfix 1200
Without those enhancements what do you get?


Even using the new instances with opnsense and my provider I can get better speeds than yours

I don't do any tweaking though

updated to latest business  OPNsense 25.10.2_3-amd64

I use this feature a lot but now when I click block domain.  I instantly get an error.   but it appears it does go to the blocklist and is blocked.    under unbound logs I am not seeing anything there

reporting > unbound dns >  click red circle with X through it

oh wait.  I got a crash report I submitted it through the gui interface

you mean unbound- advanced area correct?

No - I mean within the Security --> Q-feeds Connect --> Events tab

That's what you posted in your first screenshot?

This is empty on the latest business edition and community edition
The dashboard plugin show blocked increasing
Events is empty for both versions of Opnsense



UPDATE
For the latest opnsense business edition   I readded both feeds using the api key to the advanced unbound blocklist.

Went into the plugin and turned OFF  register domain feeds in  the plugin.   I am now getting events?     
Is anyone else having this issue?

Should events be populating?

Do you have logging enabled? If I turn off logging, then I don't see any events in that tab just like you even though the number in the widget increases. I normally have logging off to prevent wear on my eMMC memory which is were the logs are written on my Protectli host.

I don't on production or a test firewall
When I was using qfeeds community on the other box I didn't have logging enabled and this populated. I am guessing it's the update within the past few days

you mean unbound- advanced area correct?

3rd

2nd attachment

Should events be populating?

I could not add all three pictures to one post even after resizing

Troubleshooting:
Uninstalled and reinstalled the plugin.
Reapplied both sets of lists, restarted unbound
Rebooted the firewall.
I just installed the community version today

I know it can be done from listening interfaces.   Has anyone come up with a creative way to block access to the router login page?

Everything I've tried from YouTube isn't working or exactly what I am trying to do

As a now plus customer / business opnsense user.

Very nice, I thought it was just a mobile browser change. Wrong!

Looking forward to April when I can get the latest qfeeds plugin installed

had someone previously been changing snapshot settings?

being honest i did something similar, it ended up being i did not understand how snapshots worked. and i rebooted to a previous snapshot without current settings
Business user licensed for the past 3 years, not that it matters

top right of plugins.  there is a community check mark i think its listed as

it will show significantly more apps