Messages

Now how do I mark this post a "Solved" ?!?

Edit the Title in your Topic Start Post/Comment :)

Thx - DONE!

Well that was quick - after experimenting around I think I solved it myself - as FYI for those curious, I had Zenarmor configured to use "native netmap" - since forever - after changing to "emulated netmap" it works again . . .

File this under "Good to know" category!  Now how do I mark this post a "Solved" ?!?

Happy Sunday to all . . .

Greetings - just noticed on my 26.1.2 updated virtual instance - seeing flatlines on all internal interfaces in the Reporting > Traffic menu
When I show WAN traffic, it works ?!?  Prior to upgrading from 25.7 and changing to new rules, this was working ??

Netflow cache not showing data (see attached pic)- I tried repairing then resetting the netflow data - no change

YES - I'm running Zenarmor - and when I turn it off - the data seems to flow again (as opposed to last time this happened it didn't help) ?!?

Similar issue as reported in this post:
https://forum.opnsense.org/index.php?topic=45608.msg228098

Any hints what can be done short of uninstalling Zenarmor?

I'm tempted to perform a fresh install and import my config file and take my chances . . . This instance has been updated since I think 23.1 version ?!?

Thx in advance -

Latest ports update for crowdsec will hit 26.1.2. We had to freeze ports for the release procedure of 26.1 to avoid last minute surprises and 26.1.1 was "rushed" out for OpenSSL/Python which should have been in 26.1 but would have "exploded" the 26.1 release timeline. ;)


Cheers,
Franco

As usual, your prompt response is appreciated and on point!  Thx Franco and have a great weekend in advance . . .

Just wondering about Crowdstrike updates - do we have to wait until the plugin maintainer updates the plugin or is there another way?

BTW - Updated to rules(New) and all is well ;-)

Feel free to wait a bit. 26.1.1 brings a lot of immediate feedback improvement and a few fixes. It will get even better in later 26.1.x IMO.


Cheers,
Franco

Now I upgraded to 26.1.1 - looking fine . . . Before I migrate the rules, just one last question - Besides the presentation (GUI) changes on the new Rules interface - are there any other benefits (performance, logic, etc) to migrate from old rules ??

Thx and keep up the great work!

Just wanted to report another successful upgrade from GUI to 26.1_4 from 25.7.11_9 on a home lab Proxmox VM instance . . . I decided to keep ISC DHCP for now, but not sure about converting to new ruleset GUI (Tried in a test instance with simple install and all worked well)

My rules are not very complex, although I have multiple VLANs and setup Firehole many moons ago as floating rules - so worried about breakage.

Should I wait a bit or take the plunge with new rules ??  Fun thing, with snapshots and VM backups - can always revert ;-)

Great update!  Many Thanks . . . and congrats!

With Zenarmor in your list I would recommend waiting for 26.1.1 next week just to be sure. You can keep ISC-DHCP for the foreseeable future. I'm certainly guilty of it too.  ;)

If you want to migrate to Dnsmasq you can do it in 26.1.x or 26.7.x. ISC-DHCP won't be gone in 2027 if things continue as normal but it's likely going to drop to community plugin status by then.


Cheers,
Franco

Thanks Franco for the prompt response!  Filed under "good to know" ;-)  Have a great weekend in advance!

Happy belated New Year - and Happy Friday on top!  Firstly, congrats on 26.1 !  Looking good . . .

Question about upgrading from OPNsense 25.7.11_9-amd64 - I have a virtual instance running under Proxmox - quite smoothly I might add for some time.  Took me a while to configure multiple VLANs, Zenarmor, Unbound, Netbird and ISC DHCP that everything works, but once all set up - has been very stable (even after multiple upgrades over the last 16 months)

I'm a bit nervous about the ISC DHCP changeover to DNSMasq - not just because of many static leases (saw Network Guy article which I've tested on a test instance - worked well)

My question is, for a relatively small HomeLab environment - Should I just upgrade to 26.1 and keep ISC DHCP as a plugin??  Any downsides to keeping ISC moving forward?

If I do choose to change to DNSMasq, should I do it BEFORE or AFTER the 26.1 upgrade ?!?

The old saying of "Don't touch a running system" always comes to mind in this scenario :-)

Thanks in advance and once again, Congrats on the new release!

Quick update - for kicks, I changed to development branch - did the Update - then installed netbird plugin - the changed back to community branch and netbird development plugin stays installed ;-)  Strange way to test a single plugin, but better than nothing . . .

Understood - Thx.  Any timeline when it goes into stable community?

Go to Firmware and change from Community to Development.

Install all updates.

Afterwards go to plugins and you can find a os-netbird-devel if you check the show community plugins checkbox.

Thanks! But that means I need to run development tree - so there is no way to just install that one plugin under community release??

I'd like to get netbird running on my 25.7 box - but the plugin is not in the community repo - after some research, I found it here: https://github.com/opnsense/plugins/tree/master but not sure how to get it installed ?!?

Any tips would be welcome!

what happens with the ISC DHCP services

Nothing, really. ISC DHCP4 is still part of 25.7.

Understood - so even though DNSMasq DHCP is standard in 25.7 when using the setup wizard, if you import an older 25.1 backup file which had ISC it will then activate ISC just like before . . . no conflict with DNSMaq . . .

Quick question - if I have 4 different VLANs and ISC DHCP currently configured and working in 25.1 - save a backup of the config - then install a fresh instance of 25.7 and import the 25.1 config - what happens with the ISC DHCP services ?? Do they get automatically translated into DNSMasq DHCP ? Or should the backup be imported without DHCP and manually configure DNSMasq?

Thx in advance!