Messages - fuskadoo

#1
General Discussion / Re: Rule Separators
August 05, 2024, 09:38:19 AM
> Please remember, I'm not trying to be unfriendly. I merely want to share our side of the picture, because I feel it gets lost in the excitement and disappointment over trying something new.

Understand, and get it.  No unfriendlies taken at any time.  I also want to clarify that I didn't say "I moved and NEED this one thing", I simply said I really miss it.  ;)  Hearing the Dev side of it I can see why time hasn't been burnt on it, so thanks for sharing that.  But I still miss it.  :)

Regards and best

#2
General Discussion / Re: Rule Separators
August 05, 2024, 04:48:16 AM
Completely agree with "Anything that improves the readability and maintainability of firewall rules is not in fact 'non-functional' ".  It's the same reason the "automatically generated" rules are collapsed and out of view.  You just don't want to see those most of the time, but still need them.  I moved from pfsense in the last year, and love OPNsense, but honestly, I miss this ONE feature a lot.  It's just the pure organization visually, and ability to quickly find sections to make adjustments.

In the meantime I just create a disabled "fake rule" with a recognizable comment separator such as:

****************************** Rules for routing clients to VPN ********************************

and put those rules below it.  The only downside is that it's not collapsible.  I hope this can be available some day in the future, but completely understand that resources are limited.

Thanks for all the hard work on OPNsense.
#3
Hi Franco,

I just saw this a few minutes ago which is a duplicate that I didn't initially find in my search. 

https://forum.opnsense.org/index.php?topic=41870.0

It is quite strange that with OPEN auth it seems to function fine.  But the second I enable WPA it fails and gets hung until I completely remove the wifi device and interface. It looks like it's well noted and hopefully these tips can help solve it at some point.

Take care.
#4
What I have figured out is there is something really broken with WPA.  This has always worked beautifully until I got to 24.7.

What I have found so far:
1) Remove the wireless device altogether, and remove the interface (set up over from scratch)
2) Reboot and then add it back in under INTERFACE > WIRELESS > DEVICES (listed as run0)
3) When I look under WIRELESS STATUS, it's working!  It can scan and see other access points!
4) Then I set the wireless device to ACCESS POINT and leave as authentication OPEN.  It works!  I can connect to the AP.
5) Now here is where it breaks!  When I enable WPA by clicking the box, the access point disappears and ceases to work going forward.

6) Kernel panic!  If I try to go back to open authentication by unchecking WPA, it kernel craps and hard reboots the device.  It shouldn't kernel panic regardless, but something with WPA in 24.7 is really amiss. Picture attached.

I have submitted crash logs through the GUI.  Please let me know how I can troubleshoot this to help get a fix.

Thank you.
#5
Hardware: Qotom-Q355G4

After updating to 24.7, Ralink wifi gets broken and I cannot get it working again.  I use the built-in basic wifi just as an isolated IoT for a few basic risky devices, so it's important.  Also I don't even see the SSID being broadcast anymore, so it has me wondering if it's loading properly.  It's there and looks correct in Interfaces > Wireless > Devices.

In the wireless logs I can see that right after upgrade it changes to "WPA rekeying GTK" repeating instead of doing proper handshakes.


# cat /var/log/wireless/latest.log

<31>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="23"] run0_wlan1: STA 22:6a:10:ba:15:73 WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="24"] run0_wlan1: STA 22:6a:10:ba:15:73 WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="25"] run0_wlan1: STA 4c:a1:61:04:d8:27 WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="26"] run0_wlan1: STA 4c:a1:61:04:d8:27 WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="27"] run0_wlan1: STA 22:6a:10:ba:14:e4 WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="28"] run0_wlan1: STA 22:6a:10:ba:14:e4 WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="29"] run0_wlan1: STA 22:6a:10:ba:15:67 WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="30"] run0_wlan1: STA 22:6a:10:ba:15:67 WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="31"] run0_wlan1: STA 33:61:32:3a:52:1c WPA: EAPOL-Key timeout
<31>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="32"] run0_wlan1: STA 33:61:32:3a:52:1c WPA: sending 1/2 msg of Group Key Handshake
<31>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="33"] run0_wlan1: STA 33:61:32:3a:52:1c WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="34"] run0_wlan1: STA 33:61:32:3a:52:1c WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:50:10-05:00 home.arpa hostapd 48511 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK
<31>1 2024-07-31T16:51:11-05:00 home.arpa hostapd 48511 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK
<31>1 2024-07-31T16:52:11-05:00 home.arpa hostapd 48511 - [meta sequenceId="2"] run0_wlan1: WPA rekeying GTK
<31>1 2024-07-31T16:53:10-05:00 home.arpa hostapd 48511 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK
<31>1 2024-07-31T16:55:34-05:00 home.arpa hostapd 46747 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK


# dmesg | grep run0

run0 on uhub1
run0: <Ralink 802.11 n WLAN, class 0/0, rev 2.00/1.01, addr 1> on usbus0
run0: MAC/BBP RT5390 (rev 0x0503), RF RT5370 (MIMO 1T1R), address 24:0a:64:a0:fc:34
run0: [HT] Enabling 802.11n
wlan0: changing name to 'run0_wlan1'
run0: firmware RT3071 ver. 0.33 loaded
run0: firmware RT3071 ver. 0.33 loaded
run0: firmware RT3071 ver. 0.33 loaded


#  sysctl -n net.wlan.devices
run0


Anyone know how to troubleshoot this issue with 24.7?
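
An added example, not part of the original post: a Python triage script for hostapd log lines in the format shown above. It groups lines by hostapd PID so that process restarts, and runs that log only "WPA rekeying GTK" with no station completing a group key handshake, stand out; the sample lines and MAC addresses are constructed, and the function names are hypothetical.

```python
import re

# RFC 5424 line layout as seen in /var/log/wireless/latest.log on this page.
LINE = re.compile(
    r"^<\d+>1 (?P<ts>\S+) \S+ hostapd (?P<pid>\d+) - \[meta [^\]]*\] "
    r"(?P<ifname>\S+): (?P<msg>.*)$"
)

# Constructed sample in that format; the MAC addresses are made up.
SAMPLE = """\
<31>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="23"] run0_wlan1: STA 02:00:00:00:00:01 WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:15-05:00 home.arpa hostapd 7345 - [meta sequenceId="24"] run0_wlan1: STA 02:00:00:00:00:01 WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="31"] run0_wlan1: STA 02:00:00:00:00:02 WPA: EAPOL-Key timeout
<31>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="32"] run0_wlan1: STA 02:00:00:00:00:02 WPA: sending 1/2 msg of Group Key Handshake
<31>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="33"] run0_wlan1: STA 02:00:00:00:00:02 WPA: received EAPOL-Key frame (2/2 Group)
<30>1 2024-07-31T16:43:16-05:00 home.arpa hostapd 7345 - [meta sequenceId="34"] run0_wlan1: STA 02:00:00:00:00:02 WPA: group key handshake completed (RSN)
<31>1 2024-07-31T16:50:10-05:00 home.arpa hostapd 48511 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK
<31>1 2024-07-31T16:51:11-05:00 home.arpa hostapd 48511 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK
<31>1 2024-07-31T16:55:34-05:00 home.arpa hostapd 46747 - [meta sequenceId="1"] run0_wlan1: WPA rekeying GTK
"""

def summarize(text):
    """Per hostapd PID, in log order: GTK rekeys, completed group handshakes, timeouts."""
    runs = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a hostapd line in the expected layout
        r = runs.setdefault(m["pid"], {"first_seen": m["ts"], "rekeys": 0,
                                       "completed": 0, "timeouts": 0})
        msg = m["msg"]
        if msg == "WPA rekeying GTK":
            r["rekeys"] += 1
        elif "group key handshake completed" in msg:
            r["completed"] += 1
        elif "EAPOL-Key timeout" in msg:
            r["timeouts"] += 1
    return runs

def silent_runs(runs):
    """PIDs that rekeyed the GTK but never completed a handshake with any station."""
    return [pid for pid, r in runs.items() if r["rekeys"] and not r["completed"]]

if __name__ == "__main__":
    runs = summarize(SAMPLE)
    for pid, r in runs.items():
        print(pid, r)
    print("hostapd restarts:", len(runs) - 1)
    print("rekey-only runs:", silent_runs(runs))
```

A rekey-only run is consistent with hostapd running with no associated stations, and each new PID marks a hostapd restart.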

#6
It looks like "outgoing network interfaces" was removed completely.  I just moved over from pfsense and really surprised this is missing now.  Did you find another way to do this?  It's pretty critical.
#7
Would love to know this as well.  I was playing with the widget to see how it works, but now I see it's making my backups larger and I cannot figure out how to delete it!