Messages

My Zenarmor policies aren't activating based on the current time, which is in DST. My OpnSense timezone is set to Europe/London which is currently UTC+1, i.e. UTC with +1 hour of DST. I have two Zenarmor policies which have time schedules and both of them are activating/deactivating based on UTC, or 1 hour later than they should be. So a policy scheduled to be enabled at 19:00 localtime (UTC - 18:00) is only activating at 20:00 localtime (UTC - 19:00).

Where current times are displayed in OpnSense and Zenarmor they are showing the correct DST time, e.g. the Zenarmor Live Sessions view shows connections in current time. The policies are shown as changing in Live Sessions, but 1 hour later than they should be doing, so there's no lag io policy changeover that's affecting things.

All software versions are current:

OpnSense - 24.1.6
Zenarmor Agent - 1.17
Zenarmor Engine - 1.17.1
Zenarmor Database - 1.17.24042216

For now I'll have to revert my schedules to UTC otherwise my teenager will be even more irritable because he's losing an hour of gaming time! It would be good to know how to make the schedules work to the current timezone. If I can't find a way to do that I predict more irritability when the clocks change at the end of the year and my schedules then activate and deactivate an hour earlier.

I've had a couple of problems where I've made a typo whilst enterering a reservation in Kea and have created two reservations with the same IP address. The web GUI allows duplicate IPs without any warning but when you next apply/restart the Kea server it fails due to the duplicate addresses, e.g.

<131>1 2024-02-08T11:02:45+00:00 OPNsense.xxxx.com kea-dhcp4 34887 - [meta sequenceId="7"] ERROR [kea-dhcp4.dhcp4.0x8325d8000] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /usr/local/etc/kea/kea-dhcp4.conf, reason: failed to add new host using the HW address 'xx:3a:xx:67:a2:xx and DUID '(null)' to the IPv4 subnet id '1' for the address 10.0.1.64: There's already a reservation for this address