Messages - Donbruno

#1
ok, this page that is displayed is located in the NGINX directory...

#2
Quote from: Donbruno on June 08, 2025, 01:18:34 PM
I entered it and rebooted... same effect...

Can individual services be stopped in the console?

root@fw:~ # service -e
/usr/local/etc/rc.d/syslog-ng
/etc/rc.d/hostid
/etc/rc.d/hostid_save
/etc/rc.d/kldxref
/etc/rc.d/var_run
/etc/rc.d/devmatch
/etc/rc.d/cleanvar
/etc/rc.d/rctl
/etc/rc.d/ip6addrctl
/etc/rc.d/mixer
/etc/rc.d/netif
/etc/rc.d/devd
/etc/rc.d/resolv
/etc/rc.d/virecover
/etc/rc.d/newsyslog
/etc/rc.d/dmesg
/etc/rc.d/gptboot
/etc/rc.d/motd
/etc/rc.d/os-release
/etc/rc.d/syslogd
/usr/local/etc/rc.d/oscrowdsec
/etc/rc.d/savecore
/usr/local/etc/rc.d/dnscrypt-proxy
/usr/local/etc/rc.d/eastpect
/usr/local/etc/rc.d/acme_http_challenge
/usr/local/etc/rc.d/suricata
/etc/rc.d/utx
/etc/rc.d/cron
/usr/local/etc/rc.d/ddclient
/usr/local/etc/rc.d/crowdsec
/usr/local/etc/rc.d/nginx
/usr/local/etc/rc.d/php_fpm
/etc/rc.d/bgfsck
/usr/local/etc/rc.d/crowdsec_firewall
#3
I entered it and rebooted... same effect...

Can individual services be stopped in the console?
#4
Hello,

after I updated to OPNsense 25.1.7_4, my web UI no longer works.

At https://192.168.178.1/index.php I get -->
Server Error Sorry, but something went wrong on our side. There is nothing you can do except waiting until we fix the issue.
On fw.xxx.xx, internal routing to nginx, nothing comes up at all, not reachable. The certificates are made via Let's Encrypt, with redirection from http to https.

On the serial console, when restarting the services, this appears:


Writing firmware settings: FreeBSD OPNsense SunnyValley
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: No changes to trust store were made.
Writing trust bundles...done.
Configuring login behaviour...done.
Configuring cron...done.
Setting timezone: Europe/Berlin
Setting hostname: xxxxxxxxxxxxxxx
Generating /etc/resolv.conf...done.
Generating /etc/hosts...done.
Configuring loopback interface...done.
Configuring LAGG interfaces...done.
Configuring VLAN interfaces...done.
Configuring LAN interface...done.
Configuring WLAN interface...done.
Configuring wg1 interface...done.
Configuring WAN interface...done.
Setting up routes...done.
Setting up gateway monitor...done.
Configuring firewall.......done.
Starting DHCPv4 service...done.
Starting NTP service...done.
Starting Unbound DNS...done.
Starting web GUI...done.
Syncing OpenVPN settings...done.
Configuring WireGuard VPN...done.
Stopping crowdsec_firewall.
Stopping ddclient.
Waiting for PIDS: 11484.
Stopping crowdsec.
Waiting for PIDS: 38223.
Stopping php_fpm.
Waiting for PIDS: 98676.
Stopping nginx.
Waiting for PIDS: 95260.
Stopping acme_http_challenge.
Waiting for PIDS: 84738.
Stopping suricata.
Waiting for PIDS: 65654983.246009 [ 294] generic_netmap_unregister Emulated adapter for wg1 deactivated
983.253829 [1072] generic_netmap_dtor       Emulated netmap adapter for wg1 destroyed
983.334633 [ 294] generic_netmap_unregister Emulated adapter for pppoe1 deactivated
983.342694 [1072] generic_netmap_dtor       Emulated netmap adapter for pppoe1 destroyed
.
Stopping dnscrypt_proxy.
Waiting for PIDS: 42411, 42411.
Stopping eastpect.
Waiting for PIDS: 51924.
No matching processes were found
crowdsec not running? (check /var/run/crowdsec_daemon.pid).
crowdsec_firewall is not running.
Loaded: 141 parsers, 10 postoverflows, 761 scenarios, 8 contexts, 4 appsec-configs, 114 appsec-rules, 139 collections
Starting crowdsec.
Starting eastpect.
dnscrypt_proxy already running?  (pid=27807).
Starting suricata.
Info: conf-yaml-loader: Including configuration file installed_rules.yaml.
Info: conf-yaml-loader: Configuration node 'rule-files' redefined.
Info: conf-yaml-loader: Including configuration file custom.yaml.
rmdir: /var/etc/acme-client/home/deploy: Not a directory
rmdir: /var/etc/acme-client/home/dnsapi: Not a directory
rmdir: /var/etc/acme-client/home/notify: Not a directory
Starting acme_http_challenge.
sh: /usr/local/etc/rc.d/php-fpm: not found
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Starting nginx.
Performing sanity check on php-fpm configuration:
[08-Jun-2025 12:19:51] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful
Starting php_fpm.
crowdsec already running?  (pid=3298).
Starting ddclient.
crowdsec_firewall already running?  (pid=8175).



a ping to 8.8.8.8 goes out...

Can anyone help me with this?

Regards
Bruno

#5
Quote from: Patrick M. Hausen on March 07, 2025, 10:16:30 AM
I use FireHOL level 1, 2 and 3.

but it is only ipv4 right?
#6
Hello

which alias/ filterlist aka, spamhaus, do you use for IPv6?

I use geoip too.

Which lists are "good"?

greetings
Thomas
#7
ok it works.

thx...:-)
#8
Hello OPNsense community,

this question has probably been asked many times :-( but I can't find the right answer.

My problem:

I got a new internet provider, Telnet, that only provides IPv4 via NAT and IPv6 natively.

I used to be able to use ddclient normally and access my internal network via wireguard and use my
HA. Since the changeover, of course, it no longer works.

"The IPv4 address that can be made available on your connection is a so-called private IPv4 address, which is provided via the Carrier Grade NAT
process. The IPv6 address is currently native for us."

Is there a solution for something like this?

A fixed IP with Telnet costs me 25 euros more and I get a 7590 with it so that it is firmly "anchored" with them.

Best regards, Thomas
#9
Hello OPNsense community,

this question has surely been asked often already :-( but I can't really find anything.

My problem:

I got a new internet provider, Telnet, which only provides IPv4 via NAT and IPv6 natively.
Previously I could use ddclient quite normally, access my internal network via wireguard and use my
HA. Since the changeover, of course, that no longer works.

"The IPv4 address that can be made available on your connection
is a so-called private IPv4 address, which is provided via the Carrier Grade NAT
process. The IPv6 address is currently native for us."

Is there a solution for something like this?

A fixed IP at Telnet costs me 25 euros more, and I get a 7590 on top so that it is firmly "anchored" with them.

Best regards
Thomas
#10
Hello forum,

I have version OPNsense 23.1.5_4-amd64 and every time I click update, I get

"The upgrade has finished and your device is being rebooted at the moment, please wait.."

and nothing happens....

Is something going wrong there?

Kind regards
bruno