Messages

1

24.7 Production Series / Re: [SOLVED] Port Forward rules do not respect the "Interface" field

« on: November 13, 2024, 08:18:38 pm »

I sincerely apologise, it was late when writing this. Turns out the service I was testing with was being accessed via ipv6, making me think the redirect was working but not being logged for some reason. It didn't occur to me at the time of writing that I had set it up for ipv6. Very sorry for being a hassle.

2

24.7 Production Series / Re: [POSSIBLE BUG] Port Forward rules do not respect the "Interface" field

« on: November 13, 2024, 10:52:46 am »

Reflection is turned off in the Firewall->Advanced menu, following a piece of advice I had read on here some time ago.

3

24.7 Production Series / [SOLVED] Port Forward rules do not respect the "Interface" field

« on: November 12, 2024, 10:11:32 pm »

When adding a port forwarding rule for a certain interface or set of interfaces, the expected behaviour would be for that rule to apply only for the interface(s) selected, even if the source field contains a "superset" of the subnets of those interfaces. In essence, the rule should apply to the "intersection" of the "source" and "interfaces" fields, assuming I understand the meaning of the "interfaces" field correctly.

Currently, the interfaces field seems to be ignored when applying said rules, leading to unexpected results.

There is an issue reported on GitHub (https://github.com/opnsense/core/issues/7952) that has, erroneously in my opinion, received the "support" label. Since it does not seem to be getting any attention, I assume because of that, I thought posting this here would help in bringing some much wanted attention, or at the very least acknowledging, said issue.

4

24.7 Production Series / Re: PSA: Test kernel with Intel fixes is available for testing

« on: October 25, 2024, 07:31:35 pm »

I seem to be having issues with the intel3 kernel with PPPoE and DHCPv6 on WAN. Very similar to the problem discussed a little while ago with dhcp6c. Reverting to the intel2 kernel and restarting seems to consistently fix the issue. To re-iterate, WAN receives an IPv6 address but not a prefix. It seems weird since I use an igb interface, and most of the changes regarding that were already present in intel2. Happy to provide more info if needed.

Edit: Clicking apply in the interface settings seems to work, it's just after boot up that it is not picked up. Will try to narrow it down more.

Edit 2: Seems like an ISP issue, just something to keep an eye on.

5

24.7 Production Series / Re: PPPOE is constantly reconnecting

« on: October 22, 2024, 09:27:17 pm »

Check if you have “Block private networks” checked in the interface settings. If so, try unchecking it.

6

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 30, 2024, 06:21:48 pm »

I know. It hasn't occurred much since that report and is really minor. I consider this solved as the patch works. Thanks for the help and the work you are putting in the project! Good luck with the issue reports and I will probably be available to test anything that comes up. Cheers!

7

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 27, 2024, 04:20:38 pm »

Scratch that, it did pick up a prefix after 8 mins. Used to be much quicker. Don't think it is an ISP issue, as it is the first time I've seen it take this long.

8

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 27, 2024, 04:17:28 pm »

Doesn't seem to get a prefix anymore (with request prefix only disabled). It used to with 24.7.4 with the same config.

9

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 26, 2024, 09:47:49 pm »

Haven't applied the patched build. The work around of requesting just a prefix works for now. Do you want me to test it?

10

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 26, 2024, 09:39:06 pm »

I believe so

11

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 26, 2024, 03:38:55 pm »

I remember you writing that the relevant patch won't be in 24.7.5, but just to confirm, the behaviour seems to be the same. Otherwise smooth as always!

12

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 22, 2024, 11:09:07 am »

This is a bit odd:

2024-09-19T22:22:05   Informational   ppp   [opt3] IFACE: Rename interface ng0 to pppoe0   
2024-09-19T22:22:05   Informational   ppp   [opt3] IFACE: Up event   
2024-09-19T22:22:05   Notice   ppp   ppp-linkup: executing on pppoe0 for inet   
2024-09-19T22:22:05   Informational   ppp   [opt3] xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx
2024-09-19T22:22:05   Informational   ppp   [opt3] IPCP: LayerUp   

According to the log ppp-linkup is calledbefore ng0 is renamed to pppoe0, but it's already told the interface name is pppoe0. In theory that's asking for trouble, but I've never seen someone raise such an issue before.


Cheers,
Franco

I don't think I have a peculiar configuration. There is a vlan on top of the physical WANPARENT interface, with pppoe0 on top of that.

13

24.7 Production Series / Re: IPv6 prefix delegation not working with 24.7.1-.3

« on: September 22, 2024, 02:22:24 am »

Robert,

As per my earlier comments I wrote this patch to try https://github.com/opnsense/dhcp6c/commit/d2e5fb474f

# pkg add -f https://pkg.opnsense.org/FreeBSD:14:amd64/snapshots/misc/dhcp6c-20240907_3.pkg

Reboot to see if it helps.


Thanks,
Franco

It seems to have completely fixed my case. A prefix, (with an address for the interface itself) is picked up immediately, similar to pre 24.7.4. If you want anything else tested, I will probably be available.

14

24.7 Production Series / Re: IPv6 prefix delegation not working with 24.7.1-.3

« on: September 22, 2024, 02:11:10 am »

Do you have "Request only a prefix" unset? It would be better to set this option if that's the case. If it's already set we need to try and ignore this zero lifetime NA that doesn't even provide an address.

I don't know how similar this issue is to mine but setting this does actually give me a prefix. I will play around with this some more, but it seems promising so far. I will also try the new dhcp6c patch. I am available to test theories if you want.

15

24.7 Production Series / Re: 24.7.4 Erratic PPPoE IPv6 Problems

« on: September 20, 2024, 12:57:07 pm »

Left it alone last night with crowdsec disabled. Nothing has changed. Attached the pppoe log.