Messages

thanks for the reply.

Sy

Hi,

It seems that there is Synflood attach in your network. Zenarmor reports this. Most probably, synflood attack causes to eat up system resources and Zenarmor engine is crashing. Can you check the reported devices?

The devices with MAC Addresses: 00:0c:29:20:11:20 count:56921
f8:75:a4:cc:70:0b count:5340

Local IP: 192.168.1.222 count:56921, 192.168.1.1 count:4127

this only occured after the update. the ip in question (192.168.1.222) is a local ubuntu server with docker & portainer running a few containers.


Seimus

Are you doing maybe some port scanning?

Regards,
S.

not that i am aware of.

this is the reply i got from support.

Hi Ugur,
 
Did you check the local device for synflood issue. The attackers are creating many sessions and doesn't proceed. The system caches are full for a while and can not resource on the machine. Please check the following link to prevent synflood on OPNsense and check the local devices whixh Zenarmor has reported.
 
https://docs.opnsense.org/manual/firewall_settings.html#enable-syncookies
 
 
Best regards

i been reading some user have reported issue with the em0 nic. could it be a driver issue ? i have a spare intel i350 lying around should i use that instead?

hello
firstly i would like to thank everyone here in advanced for your assistance.
i am a complete novice when it comes to opnsense Linux and zenamor so my apologise for my simple questions.
i been able to install opnsense and zenamor via online tutorials and had been running fine for the last few months, however the other day i did a update on opnsense and zenamor was part of the upgrade package...
i upadate process was finished i did a reboot and everything was running fine for about 15min then i started getting errors. the internet connection breaks every10-15min for about 3-4 min constantly
looking at the console i see the message
"generic_netmap_dtor emulated netmap adapter for em0 destroyed"

i keeps the process until i turn off the zenamor packet engine.

i tried looking on the web for a solution but there are a gazillion solutions but i dont know which one applies to me?
when i look at the notifications i get the message
Syn Flood Detected
source :engine
detial:

Syn flood has been detected. Top 5 flooder actors {"local_hw":[{"hw":"000c29201120", "count":56921},{"hw":"f875a4cc700b", "count":5340}], "remote_hw":[{"hw":"f875a4cc700b", "count":56921},{"hw":"88c39711a792", "count":1905},{"hw":"5c0214b056dc", "count":1086},{"hw":"9c9d7e91e89d", "count":995},{"hw":"143fa6aa1a01", "count":588}], "local_ip":[{"ip":"192.168.1.222", "count":56921},{"ip":"192.168.1.1", "count":4127},{"ip":"2606:4700::6811:1802", "count":536},{"ip":"2600:1901:0:5736::f800", "count":248},{"ip":"2600:1901:0:aab1::2100", "count":33}], "remote_ip":[{"ip":"192.168.1.207", "count":1905},{"ip":"192.168.1.206", "count":1086},{"ip":"185.128.114.203", "count":1031},{"ip":"192.168.1.191", "count":995},{"ip":"fe80::c69f:44ef:9517:3402", "count":564}]}

now this is jibberish to me :(
after turning of the packet engine the connection is stable
Engine   2.0   Jun 11, 2025 17:08
Database   2.0.25060914   Jun 11, 2025 17:08
Agent   2.0.2   Jun 11, 2025 16:51
UI   2.0.59



i have a subscription but when i try access the sunnyvalley support site i get an error 1034 hence unable to contact directly to the zenamor support page.

any solution to my issue??

thanks for the feedback EricPerl,

A quick search on "opnsense iptv" reveals a few pages (OPN docs and forums, github) indicating that DHCP is relatively common.
But they often also indicate the use of DHCP options specific to the ISP, including classless-routes which I suspect is used to push routing info.

IGMP proxy also appears to be a critical component

from what im led to believe.. is that the dhcp element is required, as from my attachment. IGMP is also a must and will configure that after i can get this internet dropping issue resolved.

as mentioned i get the Vlans working 35,55 on Pfsense with no dropouts and started playing with igmp and firewall rules but i found the Pfsense UI confusing a constantly clicking back and forward so i got tired of it and  really like the Opnsense UI. setting up the pppoe with vlan35  was a bit different on Opnsense than Pfsense but from what i am lead to belive if it work their.. it should work on Opnsense aswell..... well in theory :)

hi dseven
much appricated for the reply.

I'm fairly sure that you do *not* want to make OPNsense a DHCP client on VLAN 55. It may be trying to use that as a route to the internet, and presumably your ISP wouldn't allow that.

from my previous post, another users same isp and iptv claims to have the setting correct for the wan interface, also claiming they had it up and running in Pfsense and was trying to get it to work on Opnsense. the picture i attched  in my previous post is the config they uses. i will however try the same config without the DHCP. I looked into the menu of the isp router i could inly see the 2 vlans (35,55) with dhcp.

How are you planning on physically connecting the IPTV box? Does the IPTV box work if you connect it directly to the ONT (with OPNsense out of the picture)?

second part of the question, the iptv will only work when connected to the isp given router (zxyel) and not directly from the ONT... aprrently they are preconfigured with the relevant vlan's. I tried adding a switch between the ONT and Opnsense and simply connecting the STB to the switch (no joy).

the first par, My Opnsense box is a Lenovo M920q, it has an onboard eth port (em0) and Intel i350 4xport PCI NIC (igb0 igb1 igb2 igb3)
ONT- Opnsense WAN igb0
Lan = em0
IPTV lan igb3

igb3 port will go directly to the STB.
all other lan traffic will be on em0

If you need to share a physical connection from the OPNsense location to the IPTV box location, perhaps you could create VLAN 55 devices on both WAN and LAN, and create a bridge between them

thats the issue i am having, as soon as i add the Vlan55 on the wan interface my internet connections drops :(

Hey dish, thanks for the reply.

Your ISP/TV will require specific configuration, google your provider name + pfsense or opnsense etc and hopefully you can find it. If not you look for a guide for another provider and adopt it to yours. Check your service provider support page for the IPTV configuration.

thats major issue here, i moved here to turkey for work (airline industry) and the level of freedom for usage and hardware choice compared to other nations internet providers is massive. your 'locked on the hardware they give you' and will not divulge a micro bit of information to prevent you from using alternative hardware and just reply it not possible and they will not provide support. mind you me they will provide a really crusty isp firmware locked zyxel router where you can not even change the DNS and with out 10 devices connected it starts to hang and crash. im constantly rebooting 2-3 times a day ( changed the router 2 times barely better). if reading and searching the 'alternative means'  i managed to get pfsense running but switched to Opnsense i found it lot more intuitive and better eye candy + zenarmor.

i managed to get some info from another forum with the same isp and configures exactly the way picture attached indicates. they also used dhcp and reported no issue but my Net connection drops after a few minutes when i add vlan 55 to wan interface.

Here is an example for KPN netherlands (just translate the page), your config will end up similar.
https://j4me.synology.me/ - scroll down to iptv settings
Basically need specific interface config, igmp proxy, specific dhcp settings for tvbox so it pulls info from TVprovider, open up broadcasting, block the TV vlan from spamming your LAN etc

thank for that i seen a vid on that as well and came across it a few time and will definitely take a deep dive after i get this Vlan55 issue from dropping my net connection problem resolved.

I got tired of it and in the end the simple solution for me was to install the android app from the TV provider on my smartTV or GoogleTV dongle. This takes 5mins of your time and works just as well.

i agree it a faster and cleaner solution, even that didn't work for me after i installed Zenarmor, apparently it was adblocking a feature needed to run the app. took my 2-3 hours of figuring it out because the discription was ad blocked and had no information at all it to being related to the iptv app.
however, i am willing to loose a few more brain cells and cognitive functionality for now one reason being i like the idea if the net goes down i can still stream the iptv via the stb ( like the medieval sat dish :)))  )

Tried everything except for bridging with no luck..
i was curious to see if it's an isolated issue so I decided to install Pfsense on my spare machine did the configuration and both vlans (35,55) on the wan interface and did not encounter any internet outage.
these are the steps i had taken within Opnsense:
1. Create Vlan 35 with (WAN) igb0 as the parent device
2. add point-to-point (pppoe) link interface vlan35
3. add interface (pppoe0) in interface assignments.
4. Create vlan55 with Wan as the parent device
5. add vlan55 interface via interface assignments
as stated above, without steps 4 and 5 internet works.

not sure what is going on but any help would be appreciated

Merhaba herkes,
Öncelikle, ağ konusunda bir uzman değilim ve Opnsense konusunda da oldukça acemiyim, bu yüzden eğer sorun basit ya da saçmaysa şimdiden özür dilerim.

İnternetimi TTnet fiber bağlantısından alıyorum ve PON cihazından doğrudan Opnsense kutuma (Lenovo M920Q - 32GB RAM, Intel 8 çekirdekli i7-9700T, 1TB NVMe SSD ve 4 portlu Intel i350) bağlanıyor(igb0).

TTNet internet ve IPTV hizmetlerini aynı fiber bağlantı üzerinden sağlıyor. İnternet VLAN35 üzerinde PPPoE ile, IPTV ise VLAN55 üzerinden iletiliyor.
Burada, YouTube'da ve Google'da bulduğum kurulum kılavuzlarını takip ettim ve internet bağlantısını başarılı ve stabil bir şekilde çalıştırmayı başardım. Zenarmor (home aboneliği) kurdum, politikaları ayarladım ve her şey gayet iyi çalışıyor gibi görünüyor.

Ancak, IPTV VLAN'ı ile ilgili bir sorun yaşıyorum. Yaptığım araştırmalara göre VLAN55'i WAN arayüzüne eklemek oldukça basit görünüyor, ancak birkaç dakika sonra ağdaki internet bağlantısını tamamen kaybediyorum. VLAN55'i sildiğimde veya devre dışı bıraktığımda internet birkaç dakika içinde geri geliyor.
Bunun neden olduğunu bir türlü anlayamıyorum.

Ağ arayüzleriyle ilgili görseli ekledim;
Bir yerde hata mı yapıyorum?

Nihai hedefim IPTV hizmetimi LAN4 (igb3) arayüzü üzerinden TTNet Tivibu sağladığı STB cihazına iletmek ve bunu TV'ye bağlamak. (Bu bir sonraki adımım olacak, o kısmı nasıl yapılandıracağımı çözmeye çalışacağım.)

hello pfry
thankyou for you feedback.

in the picture i didn't include the Vlan55 setup as it breaks my net connection, but you are correct. I create a vlan55 and assign the Parent as igb0 then add the vlan interface in the interface assignments.

i am thinking of experimenting in creating a vlan55 interface on the lan side but i haven't gotten to the stage of bridging them wan Vlan55 to igb3 vlan55
or simply create a vlan on the lan (igb3) and bridge the wan to lan vlan55. i havent done this as of yet as i am still trying to resolve the internet dropout issue

i also created a tcpdump (packet capture) from the diagnostic menu for Wan.Vlan55, Wan.Lan35 and Wan but these are gibberish to me at my knowledge level.

Hello everyone,
firstly im no networking guru and relatively a noob in Opnsense so please accept my apologies in advance if its a stupid/simple issue.

I get the my internet from my ISP's fiber connection and from the PON device it goes strait into my Opnsense box (Lenovo M920Q with 32gb ram, Intel 8-core i7-9700T  1TB NVME SSD and 4 port Intel i350))

My ISP delivers the internet and IPTV services on the Same fiber connection. Internet in on the Vlan35 with pppoe and IPTV on Vlan55.
i followed the setup guides i found on here, youtube and google search and  obtained a good stable connection for the Internet. I have install Zenarmor (home subscription) and setup policies and as said before everything seems to work really good.

then problem i am having is in regards the the IPTV Vlan. Done the research and trying to configure the vlan55 on the Wan interface seems strait forward but
after a few minutes or so i totally loose the Internet on the network. i delete Vlan55 or disable the vlan55 interface and internets comes back a few moments later..
for the life of me , i can not figure out why.??
 
Network Interfaces is attached in the picture;
i am doing something wrong?


my ultimate aim is to stream my iptv service to (lan4 igb3)  to my isp STB which is connected to the TV. (that is my next step... try and figure out how to configure that setup..

(learning curve is getting steeper as i sniff around theseYou cannot view this attachment. system.. it was a breeze with my ASUS home router :))