Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - seelk

Pages1
#1
26.1 Series / Re: ntopng plugin issue (26.1.2)
February 13, 2026, 03:18:15 PM
Quote from: IdolPlemeniti on February 13, 2026, 10:28:48 AMOld cofiguration?

Can you please elaborate?
#2
26.1 Series / ntopng plugin issue (26.1.2)
February 12, 2026, 10:54:03 PM
I'm currently stuck in an endless loop to change the password for ntopng after initially logging in with admin/admin.  I have reinstalled the plugin, including redis, to no avail.  I have restarted the plugins, disabled them, deleted cookies, followed instructions from https://www.ntop.org/guides/ntopng/faq.html#cannot-login-into-the-gui but no success.  Is anyone experiencing the same thing?  I'm running out of options.
#3
26.1 Series / Re: [SOLVED] 26.1.1 to 26.1.2 upgrade issue
February 12, 2026, 04:18:19 PM
Marking this as solved.  Ultimately what ended up working was the following:

pkg upgrade -fy (download and overwrite every single package)
opnsense-update -fk (ensure the Kernel is also explicitly rewritten)
reboot
#4
26.1 Series / Re: 26.1.1 to 26.1.2 upgrade issue
February 12, 2026, 03:58:54 PM
Quote from: newsense on February 12, 2026, 03:39:49 PMWhat happens if you check for updates again?

What is the output for "opnsense-update -g"

While troubleshooting, Gemini recommended I run "opnsense-update -fb", which I did.  It went through the update process.  However, I'm still having issues with the same services not starting.  Gemini recommended the following:

pkg update -f
pkg install -f ldns (this fixed the SSH issue)
pkg install -f crowdsec ntopng

CrowdSec appears to be fixed but Host discovery service and ntopng fail to start.  Running a Health audit still shows checksum mismatches for many files.
#5
26.1 Series / [SOLVED] 26.1.1 to 26.1.2 upgrade issue
February 12, 2026, 03:10:26 PM
While upgrading from 26.1.1 to 26.1.2 the system froze.  I was forced to poweroff the system as it was unresponsive.  Upon reboot, I continued the upgrade and it appears to have finished successfully.  However, the following services fail to start:  CrowdSec, Host discovery service, ntopng and Secure Shell Daemon.  As the latter indicates, I am unable to connect via SSH.  Also in the TTY I get the following message upon booting:

Code Select
SSH:   ld-elf.so.1: Shared object "libldns.so.3" not found, required by "ssh-keygen"
Attached are the results of the Health audit I ran.  Please help!
#6
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
January 06, 2024, 11:20:19 PM
Sounds good.  I'll disable them.  Thank you doktornotor and cookiemonster for your help.
#7
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
January 06, 2024, 09:40:35 PM
Is the logging for every automatically generated rule (a count of 18+ rules) controlled by those two settings?

Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
#8
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
January 02, 2024, 11:37:24 PM
It would be good for me to know what's getting blocked where the source and destination are not internal.  For example, LAN to WAN and WAN to LAN blocked packets would be good to log. Is this possible?
#9
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
January 02, 2024, 09:12:36 PM
I believe I found the setting (see link below) related to this rule.  I wonder if disabling this option will have an adverse effect, preventing useful blocked entries from being recorded?

https://imgur.com/a/1cl64HG
#10
23.7 Legacy Series / Re: OPNsense is logging many deny entries internally
January 02, 2024, 08:59:50 PM
Is this an automatically generated rule?  If so, it does not appear I can edit it.

https://imgur.com/a/2hudnTu
#11
23.7 Legacy Series / [SOLVED] OPNsense is logging many deny entries internally
January 02, 2024, 03:57:29 AM
I'm noticing many log entries denying traffic between my Home Assistant VM (192.168.86.26) and Google Home Mini devices (192.168.84.110 and 192.168.84.100):

Code Select
<134>1 2024-01-01T21:34:46-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283486"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4470,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:46-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283487"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4471,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:47-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283488"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4472,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:47-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283490"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4473,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:48-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283491"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4474,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:50-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283494"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4475,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:53-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283506"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4476,0,DF,6,tcp,180,192.168.86.26,192.168.84.110,38328,8009,128,PA,2383448238:2383448366,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:56-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283512"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4477,0,DF,6,tcp,307,192.168.86.26,192.168.84.110,38328,8009,255,FPA,2383448366:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:34:59-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283529"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4478,0,DF,6,tcp,435,192.168.86.26,192.168.84.110,38328,8009,383,FPA,2383448238:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:35:12-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283612"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4479,0,DF,6,tcp,435,192.168.86.26,192.168.84.110,38328,8009,383,FPA,2383448238:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:35:21-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283643"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4480,0,DF,6,tcp,52,192.168.86.26,192.168.84.110,38328,8009,0,A,,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:35:39-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283674"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4481,0,DF,6,tcp,435,192.168.86.26,192.168.84.110,38328,8009,383,FPA,2383448238:2383448621,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:36:07-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283725"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,4482,0,DF,6,tcp,52,192.168.86.26,192.168.84.110,38328,8009,0,A,,1396268932,501,,nop;nop;TS
<134>1 2024-01-01T21:36:11-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283732"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.100,42176,8009,0,R,1183885780,,0,,
<134>1 2024-01-01T21:36:51-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283859"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:37:36-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="283965"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:38:13-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284062"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.100,42176,8009,0,R,1183885780,,0,,
<134>1 2024-01-01T21:38:22-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284095"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:39:06-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284217"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,
<134>1 2024-01-01T21:39:52-05:00 OPNsense.lan filterlog 69404 - [meta sequenceId="284308"] 7,,,02f4bab031b57d1e30553ce08e0ec131,igc0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.86.26,192.168.84.110,38328,8009,0,R,2383448238,,0,,

The amount of log entries related are in the thousands in just the last couple of days.  I am not sure what's causing this, moreover it's making it a bit difficult to analyze the logs for blocked traffic.

Do you know what's causing this traffic to be blocked?  If this is something that can be ignored, is it possible to prevent the rule from triggering and/or logging?
Pages1