"Quote from: yeraycito on January 16, 2026, 04:09:26 PMBy default, discovery is configured on all interfaces. I tried restricting it to LAN only, but the service stops and won't restart. If I switch it back to all interfaces, it works without problems.I am seeing the same. I tried restricting it to LAN and Wireguard and the service stops and won't restart.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#1
25.7, 25.10 Series / Re: 25.7.11_1 host discovery issue
January 16, 2026, 11:50:55 PM #2
Q-Feeds (Threat intelligence) / Re: Looking for testers Q-Feeds plugin
October 18, 2025, 12:16:11 AM
I am seeing many blocks, all to the WAN interface but not a single block from the LAN. Is this normal behaviour or is there something I messed up?
#3
Q-Feeds (Threat intelligence) / Re: Looking for testers Q-Feeds plugin
October 13, 2025, 07:42:36 PMQuote from: Patrick M. Hausen on October 13, 2025, 06:56:43 PMBecause a packet from a host on the LAN network is coming IN to the firewall through the LAN interface. IN and OUT are from the interface point of view.Thanks Patrick!
#4
Q-Feeds (Threat intelligence) / Re: Looking for testers Q-Feeds plugin
October 13, 2025, 07:40:42 PMQuote from: Maurice on October 13, 2025, 07:13:55 PMSecurity: Q-Feeds Connect: Events shows every event twice. Also, the interface column is empty.I am seeing the same, no interface and every event twice.
(Sorry if this is a known issue, just started testing Q-Feeds and didn't read all 200+ comments.)
You cannot view this attachment.
#5
Q-Feeds (Threat intelligence) / Re: Looking for testers Q-Feeds plugin
October 13, 2025, 06:49:42 PM
Hello, excuse me if this is a stupid question but can you please explain why for the LAN firewall rule the direction is IN?
Thanks!
Thanks!
#6
Zenarmor (Sensei) / OPNsense Security Audit
October 09, 2025, 06:27:08 PM
Hello,
Ran a security on my OPNsense running the 25.7.5 and received the following:
"***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 25.7.5 (amd64) at Thu Oct 9 13:17:25 ADT 2025
Fetching vuln.xml.xz: .......... done
mongodb70-7.0.16_1 is vulnerable:
MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior
CVE: CVE-2025-6706
WWW: https://vuxml.freebsd.org/freebsd/5e64770c-52aa-11f0-b522-b42e991fc52e.html
MongoDB -- may be susceptible to privilege escalation due to $mergeCursors stage
CVE: CVE-2025-6713
WWW: https://vuxml.freebsd.org/freebsd/77dc1fc4-5bc5-11f0-834f-b42e991fc52e.html
mongodb -- MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
CVE: CVE-2025-10060
WWW: https://vuxml.freebsd.org/freebsd/6d16b410-a2ca-11f0-8402-b42e991fc52e.html
MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB
CVE: CVE-2025-6710
WWW: https://vuxml.freebsd.org/freebsd/59ed4b19-52aa-11f0-b522-b42e991fc52e.html
MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication
CVE: CVE-2025-6709
WWW: https://vuxml.freebsd.org/freebsd/5b87eef6-52aa-11f0-b522-b42e991fc52e.html
mongodb -- Malformed $group Query May Cause MongoDB Server to Crash
CVE: CVE-2025-10061
WWW: https://vuxml.freebsd.org/freebsd/a5395e02-a2ca-11f0-8402-b42e991fc52e.html
MongoDB -- Race condition in privilege cache invalidation cycle
CVE: CVE-2025-6707
WWW: https://vuxml.freebsd.org/freebsd/5cd2bd2b-52aa-11f0-b522-b42e991fc52e.html
MongoDB -- Incomplete Redaction of Sensitive Information in MongoDB Server Logs
CVE: CVE-2025-6711
WWW: https://vuxml.freebsd.org/freebsd/72ddee1f-5bc5-11f0-834f-b42e991fc52e.html
MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
CVE: CVE-2025-6714
WWW: https://vuxml.freebsd.org/freebsd/79251dc8-5bc5-11f0-834f-b42e991fc52e.html
mongodb -- MongoDB Server router will crash when incorrect lsid is set on a sharded query
CVE: CVE-2025-10059
WWW: https://vuxml.freebsd.org/freebsd/4329e3bd-a2ca-11f0-8402-b42e991fc52e.html
10 problem(s) in 1 installed package(s) found.
***DONE***
Anything to be concerned about?
Ran a security on my OPNsense running the 25.7.5 and received the following:
"***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 25.7.5 (amd64) at Thu Oct 9 13:17:25 ADT 2025
Fetching vuln.xml.xz: .......... done
mongodb70-7.0.16_1 is vulnerable:
MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior
CVE: CVE-2025-6706
WWW: https://vuxml.freebsd.org/freebsd/5e64770c-52aa-11f0-b522-b42e991fc52e.html
MongoDB -- may be susceptible to privilege escalation due to $mergeCursors stage
CVE: CVE-2025-6713
WWW: https://vuxml.freebsd.org/freebsd/77dc1fc4-5bc5-11f0-834f-b42e991fc52e.html
mongodb -- MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
CVE: CVE-2025-10060
WWW: https://vuxml.freebsd.org/freebsd/6d16b410-a2ca-11f0-8402-b42e991fc52e.html
MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB
CVE: CVE-2025-6710
WWW: https://vuxml.freebsd.org/freebsd/59ed4b19-52aa-11f0-b522-b42e991fc52e.html
MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication
CVE: CVE-2025-6709
WWW: https://vuxml.freebsd.org/freebsd/5b87eef6-52aa-11f0-b522-b42e991fc52e.html
mongodb -- Malformed $group Query May Cause MongoDB Server to Crash
CVE: CVE-2025-10061
WWW: https://vuxml.freebsd.org/freebsd/a5395e02-a2ca-11f0-8402-b42e991fc52e.html
MongoDB -- Race condition in privilege cache invalidation cycle
CVE: CVE-2025-6707
WWW: https://vuxml.freebsd.org/freebsd/5cd2bd2b-52aa-11f0-b522-b42e991fc52e.html
MongoDB -- Incomplete Redaction of Sensitive Information in MongoDB Server Logs
CVE: CVE-2025-6711
WWW: https://vuxml.freebsd.org/freebsd/72ddee1f-5bc5-11f0-834f-b42e991fc52e.html
MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
CVE: CVE-2025-6714
WWW: https://vuxml.freebsd.org/freebsd/79251dc8-5bc5-11f0-834f-b42e991fc52e.html
mongodb -- MongoDB Server router will crash when incorrect lsid is set on a sharded query
CVE: CVE-2025-10059
WWW: https://vuxml.freebsd.org/freebsd/4329e3bd-a2ca-11f0-8402-b42e991fc52e.html
10 problem(s) in 1 installed package(s) found.
***DONE***
Anything to be concerned about?
#7
Q-Feeds (Threat intelligence) / Re: Looking for testers Q-Feeds plugin
October 09, 2025, 06:11:09 PM
Hello, if possible, I would like to try this out as well. Cheers!
#8
General Discussion / Re: Nominate OPNsense and FreeBSD Foundation for Proton's Fundraiser (Big Reward)!!
November 08, 2024, 11:50:49 AM
+1
#9
24.7, 24.10 Legacy Series / Re: DNS/Adguard Home broken in 24.7
July 19, 2024, 12:40:40 AM
Not an answer but just wondering how you updated to RC2? Thanks!
#10
24.7, 24.10 Legacy Series / Re: How to upgrade from 24.1.10 to RC1?
July 17, 2024, 02:44:25 AM
Thank you!
#11
24.7, 24.10 Legacy Series / Re: How to upgrade from 24.1.10 to RC1?
July 17, 2024, 02:08:40 AMQuote from: franco on July 16, 2024, 05:13:13 PM
Poor opnsense-patch. I think you need to go to /usr/local/etc/opnsense-update.conf and replace "%%CORE_ARCH%%" with "amd64". Sorry.
Cheers,
Franco
Is this manual change still needed or has it been corrected in the upgrade?
#12
Virtual private networks / Wireguard Errors In
May 20, 2024, 09:49:40 PM
Good day,
I just setup a Wireguard server on my OPNsense. Then used the Peer generator to create my client config and copied the config into the Wireguard App on my phone. Everything seems to be working well but I am seeing Errors In on OPNsense Interface Statistics and none on the outbound. What could be the cause of the errors?
Thanks for any help.
I just setup a Wireguard server on my OPNsense. Then used the Peer generator to create my client config and copied the config into the Wireguard App on my phone. Everything seems to be working well but I am seeing Errors In on OPNsense Interface Statistics and none on the outbound. What could be the cause of the errors?
Thanks for any help.
#13
24.1, 24.4 Legacy Series / Automatic Firmware Updates
April 06, 2024, 10:59:01 PM
Just curious, how many folks out there are using Automatic Firmware Updates? For those who are, have you encountered any problems? For those that aren't, why not? Thanks!
#14
23.7 Legacy Series / Re: Limiting drive writes to the same area on the drive.
October 09, 2023, 11:58:07 PMQuote from: bartjsmit on October 09, 2023, 10:57:06 PMIs the only way to switch to ZFS a complete reinstall?
UFS does not use copy on write. If you are worried about uneven drive wear because of logging you either need to switch to ZFS or configure a central logging server
#15
23.7 Legacy Series / Re: Limiting drive writes to the same area on the drive.
October 09, 2023, 01:48:33 PMQuote from: bartjsmit on October 09, 2023, 07:48:03 AMI am using UFS, would that be any different?
you're fine - ZFS is a copy on write system https://en.wikipedia.org/wiki/Copy-on-write
