Messages

Thank you, I appreciate the information

Thank you, I will check that out

[- 127.0.0.1]

Hi, I've got an issue where every device in my network can resolve DNS, but the OPNsense system itself can't, meaning it's not possible to check for updates, also DNS lookups don't work. The setup consists of Unbound DNS being the upstream of Adguard.

I've followed the usual guides present in this thread (the two DNS server options checkboxes are unticked in System->Settings->General, no DNS servers are present there, Unbound is set to run on port 5353 and so on).

What's weird is that if I just enter a public DNS (like 8.8.8.8 ) in System->Settings->General, the OPNsense system itself can suddenly resolve all DNS queries. I'd like it to use at least Unbound as well though.

Could anyone possibly help me with this?

You have to add localhost (127.0.0.1) to the /usr/local/AdGuardHome/AdGuardHome.yaml in the following section:

dns:
  bind_hosts:
    - 127.0.0.1
    - 192.168.1.1 (whatever the OPNsense address is)
  portL 53

After that, restart the AdGuardHome service from the OPNsense console.

Opnsense 24.7.4 Installation:


1 - Activate mimugmail's community repository:


SSH Opnsense: fetch -o /usr/local/etc/pkg/repos/mimugmail.conf https://www.routerperformance.net/mimugmail.conf


2 - Install AdGuardHome ( os-adguardhome-maxit ) from System - Firmware - Plugins


3 - Opnsense: System - Settings - General:


- DNS Servers: all empty

- Allow DNS server list to be overridden by DHCP/PPP on WAN: uncheked

- Do not use the local DNS service as a nameserver for this system: uncheked


4 - Disable Unbound


5 - Activate and start AdGuardHome from Services - AdGuardHome - General ( Primary DNS cheked )


6 - Navigate to http://your.opnsense:3000/ to complete the setup


7 - In Adguard Home - Settings - DNS settings - Upstream DNS Servers:   Set the desired servers ( 1.1.1.1,   8.8.8.8  etc ):

  tls://1.1.1.1

  tls://1.0.0.1

  https://odoh.cloudflare-dns.com/dns-query

  quic://dns0.eu


8 - In Adguard Home - Settings - DNS settings - Bootstrap DNS servers:

  1.1.1.1

  1.0.0.1

  193.110.81.0

  185.253.5.0

I like this configuration approach of having AdGuard Home handling all things DNS on default port 53, and disabling UnBound DNS, it's cleaner and has no redirects.

1.- Is there an advantage of keeping UnBound DNS enabled and being the man-in-the-middle?
2.- Is there a disadvantage of disabling UnBound DNS and use ONLY AdGuard Home?

Thanks

Zenarmor multi-core support is expected to arrive in Q2 of 2025, you can follow the updates.

It would be better for the year 2040

Sorry for the inconvenience, but we had to prioritize working on other features.

If I enable other services like AdGuard Home, will the multi-core capabilities of FreeBSD be leveraged? Meaning AdGuard Home service, will run on a different core than the cores being used by Zenarmor and OPNsense itself ? Thank you

In the Devices section I have already assigned a name to each of these IP addresses (graph below), they show OK (with the name) in the Top Devices section, but not in the Top Local Hosts section, why is this?

I have the Home License in trial mode, thank you

To be honest, it was a pain to even find the htop binary/package.  I'm not going to be any help unfortunately...I could never find an easy way to do this either.

No worries, I agree it is a pain to find this type of information, thank you very much for the help

[403 Forbidden]

Looks like it's here now for current version of OPNsense.

https://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/All/htop-3.3.0_2.pkg

When you need to update it, I "delete pkg htop" and then "add pkg htop <url>".  Just updated using this link and it works as expected.

Is there a way to list the packages available and their respective versions from the pkg.freebsd.org site? I try to go there to look and I always get, I have tried different folders but always the same:

403 Forbidden

nginx

Thank you

ZA also has DNSBL, why not to use only ZA and disable PiHole?

I am using Unbound DNS Blocklist, it is working fine, now I installed and activated Home subscription (trial) for Zenarmor, it also has adBlocking, do I need both? or I can disable Unbound DNS Blocklist? Thanks

Thinking to migrate to a CPU with 6 cores / 12 threads vs 4 cores / 4 threads I have today, will OPNsense take full advantage of it while using IDS/IPS/Zenarmor/Other Tool functionality? Thanks

Looks like it's here now for current version of OPNsense.

https://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/All/htop-3.3.0_2.pkg

When you need to update it, I "delete pkg htop" and then "add pkg htop <url>".  Just updated using this link and it works as expected.

Thanks a lot, appreciate the help

Thank you all for the feedback, it is working now, I appreciate the help

I just install the pre-compiled version without issue using this command (assuming amd64 platform).

Code Select Expand

sudo pkg add https://pkg.freebsd.org/FreeBSD:13:amd64/quarterly/All/htop-3.2.2_1.pkg

Do you have an updated link? I get back package not found, thank you

I have browsed all over, was directed to the mimugmail repository, but htop is not there, tried to compile it from source didn't work, please any assistance or guidance will be appreciated.

As a side note, I don't understand why it is so complicated to install such a basic package.

Thank you