Messages

Solved -> https://forum.opnsense.org/index.php?topic=45457.0

Looking in the log of unbound, it was notified an error about a specific hostname....I found I entered that with a " " (space) instead to use an underscore ....

Activating  "Register DHCP Static Mappings", now everything seems to work.

Thank you Cedrik for your time.

uh...complicated, I should take my time to carefully read through it.

On unbound i tried to flag the "Register DHCP Static Mappings" as it seems to be what I need, but once I restart the opnsense, unbound does not start because of an error.

If I correctly understand, it could be this https://github.com/opnsense/core/issues/7237

Hi, here an example:

C:\Users\DD>nslookup 192.168.1.155
Server:  OPNsense.localdomain
Address:  192.168.2.1

*** OPNsense.localdomain non è in grado di trovare 192.168.1.155: Non-existent domain

Correct, I am using unbound dns. The other parameters are already as you mentioned: the external dns system is managed through Unboud and the override setting is disabled.

But still I am seeing just the IPs in the column of the hostnames (both source and destination one).

Have you tried to use trace route instead of ping?

Hi,

there is a way to see the host names specified in the KEA dhcp reservations (internal subnets) inside the firewall live view log?

In the live view page, activating " Lookup hostnames", I see two times the IP address (for internal IPs) and the domain for the external IPs.

Thanks

Ok, I thought so...but just in case there would be the chance to exclude domains or it is just not possible?
Thanks

Hello,
I tried to search for an answer but wasn't able to find, but for sure this was already discussed.
How I can exclude domains from a firewall alias? "!" works fine with ip addresses and subnets, but not with domains.

I tried like this !youtube.com , should i use some additional character?

What I am doing wrong?
Thanks

I create here /usr/local/opnsense/service/conf/actions.d  the file actions_VPN_GW_CZ_routes.conf

inside there is this

[trace]
command:traceroute -s 192.168.2.1 10.2.2.1
parameters:
type:script
message:automatic traceroute to VPN CZ gateway
description:automatic traceroute to VPN CZ gateway

I reset the service using
service configd restart

I can see the new line in the CRON drop down menu

But if I try to run
configctl VPN_GW_CZ_routes trace

It returns
Action not allowed or missing

What I am doing wrong?
thanks

yes

yes sorry, i just pasted the example from freebsd page

the command would be something like traceroute -g 192.168.2.1 172.16.7.1 (where both these addresses are from internal subnets)

A is a gateway and B is an IP.

Maybe I found a suitable possible example:

traceroute -g 10.3.0.5 128.182.0.0

would this work considering 10.3.0.5 the gateway and the 128.128.0.0 the ip?

thanks

Hi Franco, yes I understad the guide (I already used it) but I do not know how to properly populate the .conf file with the command that perform the traceroute from A to B.

Thanks

Hi , I want to create a job following this https://docs.opnsense.org/development/backend/configd.html
that periodically perform a trace-route from internal gateway A to internal ip B

can you help me understand how to fill the .conf file for this ?

Thanks

did you go tosystem-settings-cron add a a new job using "Update and reload firewall aliases".

Just remember to set the time when this task shall run.