Messages

Latest ports update for crowdsec will hit 26.1.2. We had to freeze ports for the release procedure of 26.1 to avoid last minute surprises and 26.1.1 was "rushed" out for OpenSSL/Python which should have been in 26.1 but would have "exploded" the 26.1 release timeline. ;)


Cheers,
Franco

As usual, your prompt response is appreciated and on point!  Thx Franco and have a great weekend in advance . . .

Just wondering about Crowdstrike updates - do we have to wait until the plugin maintainer updates the plugin or is there another way?

BTW - Updated to rules(New) and all is well ;-)

Feel free to wait a bit. 26.1.1 brings a lot of immediate feedback improvement and a few fixes. It will get even better in later 26.1.x IMO.


Cheers,
Franco

Now I upgraded to 26.1.1 - looking fine . . . Before I migrate the rules, just one last question - Besides the presentation (GUI) changes on the new Rules interface - are there any other benefits (performance, logic, etc) to migrate from old rules ??

Thx and keep up the great work!

Just wanted to report another successful upgrade from GUI to 26.1_4 from 25.7.11_9 on a home lab Proxmox VM instance . . . I decided to keep ISC DHCP for now, but not sure about converting to new ruleset GUI (Tried in a test instance with simple install and all worked well)

My rules are not very complex, although I have multiple VLANs and setup Firehole many moons ago as floating rules - so worried about breakage.

Should I wait a bit or take the plunge with new rules ??  Fun thing, with snapshots and VM backups - can always revert ;-)

Great update!  Many Thanks . . . and congrats!

With Zenarmor in your list I would recommend waiting for 26.1.1 next week just to be sure. You can keep ISC-DHCP for the foreseeable future. I'm certainly guilty of it too.  ;)

If you want to migrate to Dnsmasq you can do it in 26.1.x or 26.7.x. ISC-DHCP won't be gone in 2027 if things continue as normal but it's likely going to drop to community plugin status by then.


Cheers,
Franco

Thanks Franco for the prompt response!  Filed under "good to know" ;-)  Have a great weekend in advance!

Happy belated New Year - and Happy Friday on top!  Firstly, congrats on 26.1 !  Looking good . . .

Question about upgrading from OPNsense 25.7.11_9-amd64 - I have a virtual instance running under Proxmox - quite smoothly I might add for some time.  Took me a while to configure multiple VLANs, Zenarmor, Unbound, Netbird and ISC DHCP that everything works, but once all set up - has been very stable (even after multiple upgrades over the last 16 months)

I'm a bit nervous about the ISC DHCP changeover to DNSMasq - not just because of many static leases (saw Network Guy article which I've tested on a test instance - worked well)

My question is, for a relatively small HomeLab environment - Should I just upgrade to 26.1 and keep ISC DHCP as a plugin??  Any downsides to keeping ISC moving forward?

If I do choose to change to DNSMasq, should I do it BEFORE or AFTER the 26.1 upgrade ?!?

The old saying of "Don't touch a running system" always comes to mind in this scenario :-)

Thanks in advance and once again, Congrats on the new release!

Quick update - for kicks, I changed to development branch - did the Update - then installed netbird plugin - the changed back to community branch and netbird development plugin stays installed ;-)  Strange way to test a single plugin, but better than nothing . . .

Understood - Thx.  Any timeline when it goes into stable community?

Go to Firmware and change from Community to Development.

Install all updates.

Afterwards go to plugins and you can find a os-netbird-devel if you check the show community plugins checkbox.

Thanks! But that means I need to run development tree - so there is no way to just install that one plugin under community release??

I'd like to get netbird running on my 25.7 box - but the plugin is not in the community repo - after some research, I found it here: https://github.com/opnsense/plugins/tree/master but not sure how to get it installed ?!?

Any tips would be welcome!

what happens with the ISC DHCP services

Nothing, really. ISC DHCP4 is still part of 25.7.

Understood - so even though DNSMasq DHCP is standard in 25.7 when using the setup wizard, if you import an older 25.1 backup file which had ISC it will then activate ISC just like before . . . no conflict with DNSMaq . . .

Quick question - if I have 4 different VLANs and ISC DHCP currently configured and working in 25.1 - save a backup of the config - then install a fresh instance of 25.7 and import the 25.1 config - what happens with the ISC DHCP services ?? Do they get automatically translated into DNSMasq DHCP ? Or should the backup be imported without DHCP and manually configure DNSMasq?

Thx in advance!

If I manually start the ddclient from the console, seems to work fine:  ddclient -daemon=0 -debug -verbose -noquiet

Under general settings I have the interval set to default 300 seconds - but there are no automatic updates being performed - nothing in the logs except the manual updates ?!?

The native backend doesn't use ddclient.conf nor ddclient itself. Look at /usr/local/etc/ddclient.json instead.

I know it's confusing. Maybe one day we will even remove the ddclient backend or split the plugins into two.


Cheers,
Franco

Gotcha !  So when I choose "native" backend - it clears out the ddclient.conf - and doesn't work.

When I change backend back to ddclient - it seems to keep my ddclient.conf after hitting apply. Only thing is, I don't see it updating automatically (respecting the 300 second default interval) . . . shouldn't I see an update attempt every 5 minutes in the ddclient logs ??

 

That is to be expected since each apply will generate the complete configuration file with the information found in the config.xml.

Huh? Maybe I'm not explaining this correctly.  If I use the GUI under Dynamic DNS to create a DynDNS account configuration using native backend - and save it using apply, it doesn't work.  When I look at the resulting ddclient.conf I see only:

root@FoxOPN:/usr/local/etc # cat ddclient.conf
syslog=yes                  # log update msgs to syslog
pid=/var/run/ddclient.pid   # record PID in file.

Which doesn't show the items I placed in the GUI under accounts like login, password, ssl, etc.

Is the ddclient.conf being generated on the fly together with the config.xml settings?  I don't get it . . .