Messages

I am seeing many blocks, all to the WAN interface but not a single block from the LAN. Is this normal behaviour or is there something I messed up?

Because a packet from a host on the LAN network is coming IN to the firewall through the LAN interface. IN and OUT are from the interface point of view.

Thanks Patrick!

Security: Q-Feeds Connect: Events shows every event twice. Also, the interface column is empty.

(Sorry if this is a known issue, just started testing Q-Feeds and didn't read all 200+ comments.)

You cannot view this attachment.

I am seeing the same, no interface and every event twice.

Hello, excuse me if this is a stupid question but can you please explain why for the LAN firewall rule the direction is IN?

Thanks!

Hello,

Ran a security on my OPNsense running the 25.7.5 and received the following:


"***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 25.7.5 (amd64) at Thu Oct  9 13:17:25 ADT 2025
Fetching vuln.xml.xz: .......... done
mongodb70-7.0.16_1 is vulnerable:
  MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior
  CVE: CVE-2025-6706
  WWW: https://vuxml.freebsd.org/freebsd/5e64770c-52aa-11f0-b522-b42e991fc52e.html

  MongoDB -- may be susceptible to privilege escalation due to $mergeCursors stage
  CVE: CVE-2025-6713
  WWW: https://vuxml.freebsd.org/freebsd/77dc1fc4-5bc5-11f0-834f-b42e991fc52e.html

  mongodb -- MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
  CVE: CVE-2025-10060
  WWW: https://vuxml.freebsd.org/freebsd/6d16b410-a2ca-11f0-8402-b42e991fc52e.html

  MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB
  CVE: CVE-2025-6710
  WWW: https://vuxml.freebsd.org/freebsd/59ed4b19-52aa-11f0-b522-b42e991fc52e.html

  MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication
  CVE: CVE-2025-6709
  WWW: https://vuxml.freebsd.org/freebsd/5b87eef6-52aa-11f0-b522-b42e991fc52e.html

  mongodb -- Malformed $group Query May Cause MongoDB Server to Crash
  CVE: CVE-2025-10061
  WWW: https://vuxml.freebsd.org/freebsd/a5395e02-a2ca-11f0-8402-b42e991fc52e.html

  MongoDB -- Race condition in privilege cache invalidation cycle
  CVE: CVE-2025-6707
  WWW: https://vuxml.freebsd.org/freebsd/5cd2bd2b-52aa-11f0-b522-b42e991fc52e.html

  MongoDB -- Incomplete Redaction of Sensitive Information in MongoDB Server Logs
  CVE: CVE-2025-6711
  WWW: https://vuxml.freebsd.org/freebsd/72ddee1f-5bc5-11f0-834f-b42e991fc52e.html

  MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
  CVE: CVE-2025-6714
  WWW: https://vuxml.freebsd.org/freebsd/79251dc8-5bc5-11f0-834f-b42e991fc52e.html

  mongodb -- MongoDB Server router will crash when incorrect lsid is set on a sharded query
  CVE: CVE-2025-10059
  WWW: https://vuxml.freebsd.org/freebsd/4329e3bd-a2ca-11f0-8402-b42e991fc52e.html

10 problem(s) in 1 installed package(s) found.
***DONE***

Anything to be concerned about?

Hello, if possible, I would like to try this out as well. Cheers!

+1

Not an answer but just wondering how you updated to RC2? Thanks!

Thank you!

Poor opnsense-patch. I think you need to go to /usr/local/etc/opnsense-update.conf and replace "%%CORE_ARCH%%" with "amd64". Sorry.


Cheers,
Franco

Is this manual change still needed or has it been corrected in the upgrade?

Good day,
I just setup a Wireguard server on my OPNsense. Then used the Peer generator to create my client config and copied the config into the Wireguard App on my phone. Everything seems to be working well but I am seeing Errors In on OPNsense Interface Statistics and none on the outbound. What could be the cause of the errors?
Thanks for any help.

Just curious, how many folks out there are using Automatic Firmware Updates? For those who are, have you encountered any problems? For those that aren't, why not? Thanks!

UFS does not use copy on write. If you are worried about uneven drive wear because of logging you either need to switch to ZFS or configure a central logging server

Is the only way to switch to ZFS a complete reinstall?

you're fine - ZFS is a copy on write system https://en.wikipedia.org/wiki/Copy-on-write

I am using UFS, would that be any different?

Good day,

Just wondering how the logging retention affects the hard drive. I am currently keeping logs for seven days and I am not sure if, after the logs are flushed and a new seven day log starts, the same part of the drive is being written to for each seven day retention?

Thanks for any assistance.