1
Tutorials and FAQs / Re: Unbound restarting on link up/down in bridge
« on: February 04, 2024, 12:18:02 pm »
Found same threads here
So I decide buy a switch
So I decide buy a switch
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Tutorials and FAQs / Re: Unbound restarting on link up/down in bridge
« on: February 03, 2024, 03:35:13 pm »
It's doesn't help
execute task : unbound_configure_do() is cause restaring
Code: [Select]
2024-02-03T17:33:53 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure dns (execute task : unbound_configure_do())
2024-02-03T17:33:53 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure dns (execute task : dnsmasq_configure_do())
2024-02-03T17:33:53 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure dns ()
2024-02-03T17:33:49 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure dhcp (execute task : dhcpd_dhcp_configure())
2024-02-03T17:33:49 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure dhcp ()
2024-02-03T17:33:49 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure ipsec (execute task : ipsec_configure_do(,opt1))
2024-02-03T17:33:49 Notice opnsense /usr/local/etc/rc.linkup: plugins_configure ipsec (,opt1)
2024-02-03T17:33:49 Notice opnsense /usr/local/etc/rc.linkup: ROUTING: entering configure using 'opt1'
2024-02-03T17:33:49 Error opnsense /usr/local/etc/rc.linkup: The command `/sbin/ifconfig 'bridge0' addm 'igc3'' failed to execute
2024-02-03T17:33:49 Notice opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for opt1(igc3)
2024-02-03T17:33:49 Notice kernel <6>igc3: link state changed to UP
2024-02-03T17:33:34 Notice kernel <6>igc3: link state changed to DOWNexecute task : unbound_configure_do() is cause restaring
3
Tutorials and FAQs / Unbound restarting on link up/down in bridge
« on: February 03, 2024, 12:39:46 pm »
Hi,
I have 5 ETH ports in software bridge. Unbound is assigned on that bridge. But turning on/off my pc cause link up/down event and unbound restarted.
Can you explain why unbound must be restarted on link up/down event in that configuration?
I have 5 ETH ports in software bridge. Unbound is assigned on that bridge. But turning on/off my pc cause link up/down event and unbound restarted.
Can you explain why unbound must be restarted on link up/down event in that configuration?
4
General Discussion / Re: Legit traffic blocking on one device, BUG?
« on: August 08, 2023, 10:41:25 am »Quote
Have you tried getting a packet capture of the two scenarios? One with the iphone working and one with the tv having trouble.
It's helped! Thank you.
All blocked packets have the same pattern: tcp flags PA (PUSH, ACK). It's "out of state" packets
Normally first packet must be SYN to open new state.
TV after turn off just pause/hibernate sockets. So when I turn on TV after some time sockets wake up as usual. But opnsense was erased old states. It's see new PUSH,ACK packets and block them as out of state.
The same topic here: https://forum.opnsense.org/index.php?topic=20219.0
5
General Discussion / Re: Legit traffic blocking on one device, BUG?
« on: August 06, 2023, 08:53:57 pm »
Made a pic
6
General Discussion / Re: Legit traffic blocking on one device, BUG?
« on: August 06, 2023, 08:04:47 pm »Quote
How do you have your bridge configured? Did you set the tuneables for it?
Configured like in that manual https://docs.opnsense.org/manual/how-tos/lan_bridge.html
net.link.bridge.pfil_member set to 0
net.link.bridge.pfil_bridge set to 1
I have another clients in that bridge and doesn't have any blocking events
Problem only with traffic from one client on mikrotik
Mikrotik have default configuration too. DHCP on WAN, LAN BRIDGE and that's all
Two clients connected over WiFi 5ghz to mikrotik. My iPhone and TV
On iPhone youtube open fast, no blocking events in opnsense (i'm sure that traffic goes through WiFi)
On TV youtube open slowly, many blocking events in opnsense (i have two default pass rules on lan bridge, but it work partially for TV traffic )
I can't realize what's difference bettween packets from TV and iPhone because for opnsense router exists only mikrotik
7
General Discussion / Legit traffic blocking on one device, BUG? [CLOSED]
« on: August 06, 2023, 12:57:01 pm »
Hi,
I have strange problem
My network setup:
OPNsense router with virtual LAN Bridge -> Mikrotik WiFi point - > Device1 and Device 2 connected over WiFi
Local subnets are different on both routers
Problem:
When I open a youtube on Device1 all working fine. When I open youtube on Device2 i've got long loading and many blocking events on opnsense with label Default "deny / state violation rule"
LAN_BRIDGE 2023-08-06T13:17:56 10.0.0.4:41400 52.28.78.142:443 tcp Default deny / state violation rule
10.0.0.4 is local ip address of Mikrotik WiFi point
All rules are default, no any separate rules for Device1 and Device2
How it can be possible?
I have strange problem
My network setup:
OPNsense router with virtual LAN Bridge -> Mikrotik WiFi point - > Device1 and Device 2 connected over WiFi
Local subnets are different on both routers
Problem:
When I open a youtube on Device1 all working fine. When I open youtube on Device2 i've got long loading and many blocking events on opnsense with label Default "deny / state violation rule"
LAN_BRIDGE 2023-08-06T13:17:56 10.0.0.4:41400 52.28.78.142:443 tcp Default deny / state violation rule
10.0.0.4 is local ip address of Mikrotik WiFi point
All rules are default, no any separate rules for Device1 and Device2
How it can be possible?
8
Web Proxy Filtering and Caching / XRAY proxy setup, forwarding
« on: May 05, 2023, 01:32:28 pm »
Hi,
I cant realize how setup forwarding to xray proxy properly.
Setup:
-xray proxy running through ssh on opnsense like a http proxy
If I configurate Firefox to this proxy directly then all works!
But when I try redirect traffic by opnsense I got warning from xray, connection after this is closed
On opnsense I created NAT rule in port forwarding like in manual (transparent proxy)
What difference betwen Firefox proxy redirect and opnsense rule redirect?
Thanks
I cant realize how setup forwarding to xray proxy properly.
Setup:
-xray proxy running through ssh on opnsense like a http proxy
If I configurate Firefox to this proxy directly then all works!
But when I try redirect traffic by opnsense I got warning from xray, connection after this is closed
Quote
[Warning] [723166431] app/proxyman/inbound: connection ends > proxy/http: failed to read http request > malformed HTTP request
On opnsense I created NAT rule in port forwarding like in manual (transparent proxy)
What difference betwen Firefox proxy redirect and opnsense rule redirect?
Thanks
9
General Discussion / Custom proxy setup (closed)
« on: May 01, 2023, 04:29:21 pm »
Hi,
I want install custom proxy client through ssh. How I can redirect traffic by alias destination to this proxy?
NAT -> Port Forwarding?
Thanks
I want install custom proxy client through ssh. How I can redirect traffic by alias destination to this proxy?
NAT -> Port Forwarding?
Thanks
10
General Discussion / Re: Bridge network - Errors out
« on: April 29, 2023, 06:58:22 pm »
The same problem. TOPTON device, intel i226-v. LAN-bridge configurated like in manual
13296 errors out : 21,543,583 packets out
I tried to reconnect all devices, it does not help
13296 errors out : 21,543,583 packets out
I tried to reconnect all devices, it does not help
Pages: [1]