Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - wbennett

#1
Got updated to 2.6 yesterday.
#2
Quote from: ureyni on June 25, 2026, 02:17:54 PMHi,

Could you try following command please:

root@OPNsense:~ # pkg clean
Nothing to do.
root@OPNsense:~ # pkg autoremove
Checking integrity... done (0 conflicting)
Nothing to do.
root@OPNsense:~ # pkg -d update -f -r SunnyValley
Updating SunnyValley repository catalogue...
DBG(1)[39444]> PkgRepo: verifying update for SunnyValley
DBG(1)[39444]> Pkgrepo, begin update of '/var/db/pkg/repos/SunnyValley/db'
DBG(1)[39444]> (fetch) Request to fetch https://updates.zenarmor.net/opnsense/FreeBSD:14:amd64/26.1/6d16b468-1a2c-4e63-aa90-803de1816773/meta.conf
DBG(1)[39444]> (fetch) Fetch: fetcher used: https
Fetching meta.conf: 100%    179 B   0.2kB/s    00:01   
DBG(1)[39444]> (fetch) Request to fetch https://updates.zenarmor.net/opnsense/FreeBSD:14:amd64/26.1/6d16b468-1a2c-4e63-aa90-803de1816773/data.pkg
DBG(1)[39444]> (fetch) Fetch: fetcher used: https
Fetching data.pkg: 100%   21 KiB  21.1kB/s    00:01   
DBG(1)[39444]> PkgRepo: extracting data of repo SunnyValley
DBG(1)[39766]> PkgRepo: extracting signature of repo in a sandbox
DBG(1)[39444]> Pkgrepo, reading new metadata
Processing entries: 100%
SunnyValley repository update completed. 14 packages processed.
SunnyValley is up to date.
root@OPNsense:~ #
Run the commands but nothing changed. Still on 2.5.1 and after checking for update shows packages are up to date.
#3
Quote from: Taunt9930 on June 24, 2026, 08:23:14 PMShould we be being offered an update to 2.6.x? Version 2.5.1 from May 22 is showing as up to date for me.
Same
#4
Quote from: Patrick M. Hausen on May 09, 2026, 10:07:59 PMPerfectly possible, I run that at home. Open a ticket with Q-Feeds support to get a second API key for use in AGH.

AGH does need an upstream server, though. So if you don't want to run Unbound as a recursive server, you need to cofigure your ISP, 1.1.1.1, or whatever you prefer. I use Unbound.

Did you have to pay for a second API key?
#5
Hi,
I am a Q-Feeds plus subscriber and I am just wondering if there is a way to use Q-Feeds with Adguard home as the only DNS server (No Unbound) and what the pros and cons of doing so would be.

Thanks!
#6
Quote from: yeraycito on January 16, 2026, 04:09:26 PMBy default, discovery is configured on all interfaces. I tried restricting it to LAN only, but the service stops and won't restart. If I switch it back to all interfaces, it works without problems.
I am seeing the same. I tried restricting it to LAN and Wireguard and the service stops and won't restart.
#7
I am seeing many blocks, all to the WAN interface but not a single block from the LAN. Is this normal behaviour or is there something I messed up?
#8
Quote from: Patrick M. Hausen on October 13, 2025, 06:56:43 PMBecause a packet from a host on the LAN network is coming IN to the firewall through the LAN interface. IN and OUT are from the interface point of view.
Thanks Patrick!
#9
Quote from: Maurice on October 13, 2025, 07:13:55 PMSecurity: Q-Feeds Connect: Events shows every event twice. Also, the interface column is empty.

(Sorry if this is a known issue, just started testing Q-Feeds and didn't read all 200+ comments.)

You cannot view this attachment.
I am seeing the same, no interface and every event twice.
#10
Hello, excuse me if this is a stupid question but can you please explain why for the LAN firewall rule the direction is IN?

Thanks!
#11
Zenarmor (Sensei) / OPNsense Security Audit
October 09, 2025, 06:27:08 PM
Hello,

Ran a security on my OPNsense running the 25.7.5 and received the following:


"***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 25.7.5 (amd64) at Thu Oct  9 13:17:25 ADT 2025
Fetching vuln.xml.xz: .......... done
mongodb70-7.0.16_1 is vulnerable:
  MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior
  CVE: CVE-2025-6706
  WWW: https://vuxml.freebsd.org/freebsd/5e64770c-52aa-11f0-b522-b42e991fc52e.html

  MongoDB -- may be susceptible to privilege escalation due to $mergeCursors stage
  CVE: CVE-2025-6713
  WWW: https://vuxml.freebsd.org/freebsd/77dc1fc4-5bc5-11f0-834f-b42e991fc52e.html

  mongodb -- MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
  CVE: CVE-2025-10060
  WWW: https://vuxml.freebsd.org/freebsd/6d16b410-a2ca-11f0-8402-b42e991fc52e.html

  MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB
  CVE: CVE-2025-6710
  WWW: https://vuxml.freebsd.org/freebsd/59ed4b19-52aa-11f0-b522-b42e991fc52e.html

  MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication
  CVE: CVE-2025-6709
  WWW: https://vuxml.freebsd.org/freebsd/5b87eef6-52aa-11f0-b522-b42e991fc52e.html

  mongodb -- Malformed $group Query May Cause MongoDB Server to Crash
  CVE: CVE-2025-10061
  WWW: https://vuxml.freebsd.org/freebsd/a5395e02-a2ca-11f0-8402-b42e991fc52e.html

  MongoDB -- Race condition in privilege cache invalidation cycle
  CVE: CVE-2025-6707
  WWW: https://vuxml.freebsd.org/freebsd/5cd2bd2b-52aa-11f0-b522-b42e991fc52e.html

  MongoDB -- Incomplete Redaction of Sensitive Information in MongoDB Server Logs
  CVE: CVE-2025-6711
  WWW: https://vuxml.freebsd.org/freebsd/72ddee1f-5bc5-11f0-834f-b42e991fc52e.html

  MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
  CVE: CVE-2025-6714
  WWW: https://vuxml.freebsd.org/freebsd/79251dc8-5bc5-11f0-834f-b42e991fc52e.html

  mongodb -- MongoDB Server router will crash when incorrect lsid is set on a sharded query
  CVE: CVE-2025-10059
  WWW: https://vuxml.freebsd.org/freebsd/4329e3bd-a2ca-11f0-8402-b42e991fc52e.html

10 problem(s) in 1 installed package(s) found.
***DONE***

Anything to be concerned about?
#12
Hello, if possible, I would like to try this out as well. Cheers!
#14
Not an answer but just wondering how you updated to RC2? Thanks!
#15
Thank you!