Messages - peterdeg

#2
Now can you ELI5 how to get around the error?
Convert-OPNSenseISCDHCPtoDNSMasqDHCP.ps1 cannot be loaded because running scripts is
disabled on this system. For more information, see about_Execution_Policies at
https:/go.microsoft.com/fwlink/?LinkID=135170.

Networking and Windows in general, I'm pretty good at. Powershell is a whole new realm to me :-D

Get-ExecutionPolicy shows "Restricted"
#3
You and me both!
#4
Solved.
Thank you.
#5
(Initially posted on Reddit)

Recreated the issue I saw yesterday when upgrading to 25.1.6. Same with 25.1.6_2

I've been using dnsmasq for years. Post upgrade, it wouldn't start:

2025-05-10T08:03:57 Critical dnsmasq FAILED to start up

2025-05-10T08:03:57 Critical dnsmasq unknown interface wg0

My wireguard interface is configured as:
Interfaces: [VPN_wg0]

Basic configuration
Enable: Enable Interface
Lock: Prevent interface removal
Identifier: opt10
Device: wg0
Description: VPN_wg0

VPN_wg0 appears in the list of interfaces in the dnsmasq config dropdown.

Removing and re-adding the VPN_wg0 to dnsmasq allows it to start, but it fails after a reboot with the unknown interface error.

I tried renaming VPN_wg0 to just wg0 (yes, I know, it's just a description). As before, fails at reboot with the same error but manually starting it works.

Now wondering if I need to remove and reinstall wireguard.
#6
Tutorials and FAQs / Re: ACME sftp automation
December 28, 2022, 02:40:54 AM
Ok, think I've got it working (well, I got the green "Connection and upload test successful" message)
I didn't take full notes as I've been trying all sorts of things over the last week, but I think this is how I did it  ::)
(Intermediate steps may be missing)

  • On the ubuntu box, create a user id (non admin), for opnsense to log into using sftp
  • ssh into the firewall and get the contents of /var/etc/acme-client/sftp-config/id.ecdsa.pub
  • ssh into the ubuntu box as the id that will be used by opnsense acme for the sftp.
  • Add the contents of the id.ecdsa.pub file to the .ssh/authorized_keys file.
  • ssh into the firewall as admin account.
  • sudo su - to get the opnsense menu
  • Option 8 to get the shell
  • sftp to the ubuntu box as the id that will be used by opnsense acme for the sftp.
  • Enter 'yes' to accept the fingerprint
  • On the acme automations gui, create the new automation and select the 'upload certificate via SFTP' Run Command.

    • SFTP Host - the host name of the ubuntu box
    • Host Key - leave blank
    • Username - the id that will be used by opnsense acme for the sftp
    • Identity Type - leave as ECDSA
    • Remote Path - leave blank.
    • Hit 'Save' (possibly overkill)
    • Re-edit the automation and hit the 'Test Connection' button
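
The authorized_keys step in the post above, as an added example that is not part of the original post or of the OPNsense ACME plugin: it installs the firewall's id.ecdsa.pub for the upload account and limits that key to SFTP. The function name is hypothetical, and it assumes the Ubuntu box runs OpenSSH (whose authorized_keys format supports the restrict and command= options) and that the automation needs nothing beyond SFTP.

```shell
#!/bin/sh
# Added example (not from the original post). Run on the Ubuntu box as the
# upload user:  install_sftp_key id.ecdsa.pub "$HOME"
# install_sftp_key is a hypothetical helper name.

install_sftp_key() {
    pubkey_file=$1
    home_dir=$2

    # Accept exactly one line: "<ecdsa key type> <base64 blob> [comment]".
    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }
    [ "$(grep -c '' "$pubkey_file")" -eq 1 ] \
        || { echo "expected a one-line public key" >&2; return 1; }
    key_line=$(cat "$pubkey_file")
    printf '%s\n' "$key_line" \
        | grep -Eq '^ecdsa-sha2-nistp(256|384|521) [A-Za-z0-9+/]+=*( .*)?$' \
        || { echo "not an ECDSA public key line" >&2; return 1; }
    key_blob=$(printf '%s\n' "$key_line" | cut -d' ' -f2)

    # sshd's StrictModes rejects the key file if it, or the directory holding
    # it, is writable by anyone other than the owner.
    ssh_dir=$home_dir/.ssh
    auth_file=$ssh_dir/authorized_keys
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$auth_file" && chmod 600 "$auth_file"

    # Idempotent: do nothing if this key blob is already listed.
    if grep -qF -- "$key_blob" "$auth_file"; then
        return 0
    fi

    # "restrict" turns off forwarding and pty allocation for this key; the
    # forced command means a login with it can only speak SFTP.
    printf 'restrict,command="internal-sftp" %s\n' "$key_line" >> "$auth_file"
}
```

With the key restricted this way, an interactive ssh login using it will no longer give a shell, while sftp still works.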
#7
Tutorials and FAQs / ACME sftp automation
December 25, 2022, 05:02:52 AM
Does anyone have simple, step-by-step instructions on getting the sftp automation to work? It's doing my head in.  :-\
I just want to upload the new certs to a folder on an Ubuntu box.

Going in circles as to what to put in the 'Host Key' field and what I need to do on the Ubuntu box itself.

User to be used on Ubuntu has been created and I can successfully log in as it via command-line ssh and sftp.

TIA
#8
I believe it's a MIB issue. Have the mib file, beyond my current skill level to make it work though. :o
#9
Bashing my head against the wall here.
Followed your instructions (finally, someone who's documented the snmp config process fully)
Config appears ok, i.e. Nut service is running and diagnostics is showing correctly and updating (tested by switching off the power, input.voltage etc dropped to 0):
battery.charge: 100
battery.current: 0
battery.runtime: 3780
battery.runtime.elapsed: 0
battery.voltage: 27
battery.voltage.nominal: 24
device.contact: Administrator
device.description: UPS SNMP Card
device.location: [redacted]
device.mfr: CYBERPOWER
device.model: OLS1000ERT2UA
device.serial: [redacted]
device.type: ups
driver.name: snmp-ups
driver.parameter.authProtocol: SHA
driver.parameter.pollinterval: 2
driver.parameter.port: [redacted]
driver.parameter.PrivProtocol: AES
driver.parameter.secLevel: authPriv
driver.parameter.snmp_version: v3
driver.parameter.synchronous: auto
driver.version: 2.8.0
driver.version.data: cyberpower MIB 0.51
driver.version.internal: 1.21
input.frequency: 50
input.voltage: 242.50
output.current: 0
output.frequency: 50
output.voltage: 240
ups.delay.reboot: 0
ups.delay.shutdown: 180
ups.delay.start: 0
ups.firmware: OS02RV11
ups.load: 8
ups.mfr: CYBERPOWER
ups.model: OLS1000ERT2UA
ups.serial: [redacted]
ups.status:
The System General log file on the other hand is showing errors:
Date   Severity   Process   Line
2022-07-20T11:56:16   Notice   upsmon   UPS cyberpower is unavailable   
2022-07-20T11:56:11   Notice   upsmon   Communications with UPS cyberpower lost   
2022-07-20T11:56:06   Error   upsmon   Login on UPS [cyberpower] failed - got [ERR ACCESS-DENIED]   
2022-07-20T11:56:06   Warning   upsd   /usr/local/etc/nut/upsd.users is world readable   
2022-07-20T11:56:06   Warning   upsd   /usr/local/etc/nut/upsd.conf is world readable   
2022-07-20T11:56:05   Error   snmp-ups   [cyberpower] unhandled ASN 0x5 received from .1.3.6.1.4.1.3808.1.1.1.7.2.7.0   
2022-07-20T11:54:49   Error   upsd   mainloop: Interrupted system call   
2022-07-20T11:54:49   Error   upsmon   upsmon parent: read
Any suggestions as to where to look?
Trying to avoid a usb connection if I can.
TIA