Messages

Hello, I have the OpnSense Crowdsec plugin and it works fine. No issues there.

I've been trying to figure how to setup the Appsec Component on it.

I realize this requires installing the Appsec collections and amending the acquisition file (not sure where to find this file). After that one has to amend the bouncer / remediation component. How do I do this, which is the file that needs to be amended.

Any help would be highly appreciated.

Hi; going through the same thing; I'm running OPNSense on Proxmox and was very happy with it for 2+ months, but then started crashing. Tried both 24.1 and 24.7 but In my case, it appears that Proxmox was "gracefully" shutting down and rebooting OPNSense. OPNSense debug didn't indicate a Kernel Panic.

To fix it, I installed 24.7 and removed all additional NIC / Virtual bridges, and am presently running OPNSense as a basic / simple home router. No Surricata, Zenarmor, Crodsec, Vlans, Port Forwarding, Wireguard, or Proton VPN. Managed to get it running for 25 hrs and it crashed last night. This time it was a Kernel Panic.

I've now installed 24.7.5 and os-cpu-microcode-amd; if after this it crashes, I'll remove 2 memory dimms that I had installed on July 31st. I doubt though that this is a memory issue for me, cause the host system has ADGuard Home and a few basic containers working, and they all are operating fine.

If even after that, I can't achieve any form of stability, I'm disheartened to say, I'm gonna give PFSense CE a try.

If PFSense also crashes, then I have no option but to treat this as a hardware issue.

I've spent 4 months on my home lab, media server, web hosting; and now to see it all cash... is disheartening.

Can anyone please assist; I've tried 24.7 and 24.1 but still no luck; have OPNSense on Proxmox.

Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV>
  AMD Features=0x20100800<SYSCALL,NX,LM>
  AMD Features2=0x3<LAHF,CMP>
Hypervisor: Origin = "KVMKVMKVM"
real memory  = 12884901888 (12288 MB)
avail memory = 12447125504 (11870 MB)
Event timer "LAPIC" quality 100
ACPI APIC Table: <BOCHS  BXPC    >
FreeBSD/SMP: Multiprocessor System Detected: 6 CPUs
FreeBSD/SMP: 1 package(s) x 6 core(s)
random: unblocking device.
ioapic0 <Version 1.1> irqs 0-23
Launching APs: 2 5 4 1 3
wlan: mac acl policy registered
random: entropy device external interface
kbd1 at kbdmux0
WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 14.0.
vtvga0: <VT VGA driver>
kvmclock0: <KVM paravirtual clock>
Timecounter "kvmclock" frequency 1000000000 Hz quality 975
kvmclock0: registered as a time-of-day clock, resolution 0.000001s
smbios0: <System Management BIOS> at iomem 0xf5260-0xf527e
smbios0: Version: 2.8, BCD Revision: 2.8
aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS>
acpi0: <BOCHS BXPC>
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
atrtc0: <AT realtime clock> port 0x70-0x77 irq 8 on acpi0
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 100000000 Hz quality 950
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x608-0x60b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pcib0: could not evaluate _ADR - AE_NOT_FOUND
pci0: <ACPI PCI bus> on pcib0
isab0: <PCI-ISA bridge> at device 1.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel PIIX3 WDMA2 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xf0e0-0xf0ef at device 1.1 on pci0
ata0: <ATA channel> at channel 0 on atapci0
ata1: <ATA channel> at channel 1 on atapci0
uhci0: <Intel 82371SB (PIIX3) USB controller> port 0xf040-0xf05f irq 11 at device 1.2 on pci0
usbus0 on uhci0
usbus0: 12Mbps Full Speed USB v1.0
pci0: <bridge> at device 1.3 (no driver attached)
vgapci0: <VGA-compatible display> mem 0xfd000000-0xfdffffff,0xfeb10000-0xfeb10fff at device 2.0 on pci0
vgapci0: Boot video device
virtio_pci0: <VirtIO PCI (legacy) Balloon adapter> port 0xf000-0xf03f mem 0xc0a0000000-0xc0a0003fff irq 11 at device 3.0 on pci0
vtballoon0: <VirtIO Balloon Adapter> on virtio_pci0
pcib1: <ACPI PCI-PCI bridge> mem 0xc000000000-0xc0000000ff irq 10 at device 5.0 on pci0
pci1: <ACPI PCI bus> on pcib1
virtio_pci1: <VirtIO PCI (legacy) SCSI adapter> port 0xe000-0xe03f mem 0xfe800000-0xfe800fff,0xc080000000-0xc080003fff irq 10 at device 1.0 on pci1
vtscsi0: <VirtIO SCSI Adapter> on virtio_pci1
virtio_pci2: <VirtIO PCI (legacy) Network adapter> port 0xf060-0xf07f mem 0xfeb11000-0xfeb11fff,0xc0a0004000-0xc0a0007fff irq 10 at device 18.0 on pci0
vtnet0: <VirtIO Networking Adapter> on virtio_pci2
vtnet0: Ethernet address: bc:24:11:00:2f:f4
vtnet0: netmap queues/slots: TX 1/256, RX 1/512
000.000765 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
virtio_pci3: <VirtIO PCI (legacy) Network adapter> port 0xf080-0xf09f mem 0xfeb12000-0xfeb12fff,0xc0a0008000-0xc0a000bfff irq 11 at device 19.0 on pci0
vtnet1: <VirtIO Networking Adapter> on virtio_pci3
vtnet1: Ethernet address: bc:24:11:3d:0e:98
vtnet1: netmap queues/slots: TX 1/256, RX 1/512
000.000766 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
virtio_pci4: <VirtIO PCI (legacy) Network adapter> port 0xf0a0-0xf0bf mem 0xfeb13000-0xfeb13fff,0xc0a000c000-0xc0a000ffff irq 11 at device 20.0 on pci0
vtnet2: <VirtIO Networking Adapter> on virtio_pci4
vtnet2: Ethernet address: bc:24:11:7e:de:a1
vtnet2: netmap queues/slots: TX 1/256, RX 1/512
000.000767 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
virtio_pci5: <VirtIO PCI (legacy) Network adapter> port 0xf0c0-0xf0df mem 0xfeb14000-0xfeb14fff,0xc0a0010000-0xc0a0013fff irq 10 at device 21.0 on pci0
vtnet3: <VirtIO Networking Adapter> on virtio_pci5
vtnet3: Ethernet address: bc:24:11:e4:e6:b2
vtnet3: netmap queues/slots: TX 1/256, RX 1/512
000.000768 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
pcib2: <ACPI PCI-PCI bridge> mem 0xc000001000-0xc0000010ff irq 10 at device 30.0 on pci0
pci2: <ACPI PCI bus> on pcib2
pcib3: <ACPI PCI-PCI bridge> mem 0xc000002000-0xc0000020ff irq 11 at device 31.0 on pci0
pci3: <ACPI PCI bus> on pcib3
acpi_syscontainer0: <System Container> on acpi0
vmgenc0: <VM Generation Counter> on acpi0
acpi_syscontainer1: <System Container> port 0xaf00-0xaf0b on acpi0
acpi_syscontainer2: <System Container> port 0xafe0-0xafe3 on acpi0
acpi_syscontainer3: <System Container> port 0xae00-0xae17 on acpi0
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
WARNING: Device "psm" is Giant locked and may be deleted before FreeBSD 14.0.
psm0: model IntelliMouse Explorer, device ID 4
fdc0: <floppy drive controller (FDE)> port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0
fdc0: does not respond
device_attach: fdc0 attach returned 6
orm0: <ISA Option ROM> at iomem 0xe7800-0xeffff pnpid ORM0000 on isa0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff pnpid PNP0900 on isa0
attimer0: <AT timer> at port 0x40 on isa0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
fdc0: No FDOUT register!
Timecounters tick every 10.000 msec
Trying to mount root from ufs:/dev/gpt/rootfs [rw]...
ugen0.1: <Intel UHCI root HUB> at usbus0
uhub0 on usbus0
uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
da0 at vtscsi0 bus 0 scbus2 target 0 lun 0
da0: <QEMU QEMU HARDDISK 2.5+> Fixed Direct Access SPC-3 SCSI device
da0: 300.000MB/s transfers
da0: Command Queueing enabled
da0: 65536MB (134217728 512 byte sectors)
cd0 at ata1 bus 0 scbus1 target 0 lun 0
cd0: <QEMU QEMU DVD-ROM 2.5+> Removable CD-ROM SCSI device
cd0: Serial Number QM00003
cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes)
cd0: Attempt to query device size failed: NOT READY, Medium not present
uhub0: 2 ports with 2 removable, self powered
ugen0.2: <QEMU QEMU USB Tablet> at usbus0
intsmb0: <Intel PIIX4 SMBUS Interface> irq 9 at device 1.3 on pci0
intsmb0: intr IRQ 9 enabled revision 0
smbus0: <System Management Bus> on intsmb0
uhid0 on uhub0
uhid0: <QEMU QEMU USB Tablet, class 0/0, rev 2.00/0.00, addr 2> on usbus0
lo0: link state changed to UP
pflog0: permanently promiscuous mode enabled
vtnet0: link state changed to UP
vtnet1: link state changed to UP
Waiting (max 60 seconds) for system process `vnlru' to stop... done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining... 1 0 0 0 done
All buffers synced.
Uptime: 2m28s
uhid0: detached
uhub0: detached
Rebooting...
cpu_reset: Stopping other CPUs

Hi; I've been running OPNSense virtualized on Proxmox for 3 months; but over the past 2 weeks have been seeing frequent restarts. I've been back and forth between 24.7 and 24.1; have installed / removed Zenarmor, Surricata, Crowdsec but still keep facing the issue, which is now becoming more and more frequent.

Following is from the Debug Report; I really wish someone could help me here. Could this be due to this Giant Locked message I keep seeing here.

User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
FreeBSD 13.2-RELEASE-p11 stable/24.1-n255023-99a14409566 SMP amd64
OPNsense 24.1.10_8 10cb2e320
Plugins os-crowdsec-1.0.8_1 os-ddclient-1.22 os-sensei-1.17.6 os-sensei-updater-1.17 os-sunnyvalley-1.4_3 os-theme-cicada-1.36
Time Wed, 18 Sep 2024 20:31:18 -0400
OpenSSL 3.0.14
Python 3.11.9
PHP 8.2.20

CPU: QEMU Virtual CPU version 2.5+ (3400.25-MHz K8-class CPU)
  Origin="AuthenticAMD"  Id=0x60fb1  Family=0xf  Model=0x6b  Stepping=1
  Features=0x1783fbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2,HTT>
  Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV>
  AMD Features=0x20100800<SYSCALL,NX,LM>
  AMD Features2=0x3<LAHF,CMP>
Hypervisor: Origin = "KVMKVMKVM"
real memory  = 12884901888 (12288 MB)
avail memory = 12447125504 (11870 MB)
Event timer "LAPIC" quality 100
ACPI APIC Table: <BOCHS  BXPC    >
FreeBSD/SMP: Multiprocessor System Detected: 6 CPUs
FreeBSD/SMP: 1 package(s) x 6 core(s)
random: unblocking device.
ioapic0 <Version 1.1> irqs 0-23
Launching APs: 1 5 2 3 4
wlan: mac acl policy registered
random: entropy device external interface
kbd1 at kbdmux0
WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 14.0.
vtvga0: <VT VGA driver>
kvmclock0: <KVM paravirtual clock>
Timecounter "kvmclock" frequency 1000000000 Hz quality 975
kvmclock0: registered as a time-of-day clock, resolution 0.000001s
smbios0: <System Management BIOS> at iomem 0xf5260-0xf527e
smbios0: Version: 2.8, BCD Revision: 2.8
aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS>
acpi0: <BOCHS BXPC>
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
atrtc0: <AT realtime clock> port 0x70-0x77 irq 8 on acpi0
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 100000000 Hz quality 950
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x608-0x60b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pcib0: could not evaluate _ADR - AE_NOT_FOUND
pci0: <ACPI PCI bus> on pcib0
isab0: <PCI-ISA bridge> at device 1.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel PIIX3 WDMA2 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xf0e0-0xf0ef at device 1.1 on pci0
ata0: <ATA channel> at channel 0 on atapci0
ata1: <ATA channel> at channel 1 on atapci0
uhci0: <Intel 82371SB (PIIX3) USB controller> port 0xf040-0xf05f irq 11 at device 1.2 on pci0
usbus0 on uhci0
usbus0: 12Mbps Full Speed USB v1.0
pci0: <bridge> at device 1.3 (no driver attached)
vgapci0: <VGA-compatible display> mem 0xfd000000-0xfdffffff,0xfeb10000-0xfeb10fff at device 2.0 on pci0
vgapci0: Boot video device
virtio_pci0: <VirtIO PCI (legacy) Balloon adapter> port 0xf000-0xf03f mem 0xc0a0000000-0xc0a0003fff irq 11 at device 3.0 on pci0
vtballoon0: <VirtIO Balloon Adapter> on virtio_pci0
pcib1: <ACPI PCI-PCI bridge> mem 0xc000000000-0xc0000000ff irq 10 at device 5.0 on pci0
pci1: <ACPI PCI bus> on pcib1
virtio_pci1: <VirtIO PCI (legacy) SCSI adapter> port 0xe000-0xe03f mem 0xfe800000-0xfe800fff,0xc080000000-0xc080003fff irq 10 at device 1.0 on pci1
vtscsi0: <VirtIO SCSI Adapter> on virtio_pci1
virtio_pci2: <VirtIO PCI (legacy) Network adapter> port 0xf060-0xf07f mem 0xfeb11000-0xfeb11fff,0xc0a0004000-0xc0a0007fff irq 10 at device 18.0 on pci0
vtnet0: <VirtIO Networking Adapter> on virtio_pci2
vtnet0: Ethernet address: bc:24:11:7e:40:dc
vtnet0: netmap queues/slots: TX 1/256, RX 1/512
000.000765 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
virtio_pci3: <VirtIO PCI (legacy) Network adapter> port 0xf080-0xf09f mem 0xfeb12000-0xfeb12fff,0xc0a0008000-0xc0a000bfff irq 11 at device 19.0 on pci0
vtnet1: <VirtIO Networking Adapter> on virtio_pci3
vtnet1: Ethernet address: bc:24:11:7e:17:43
vtnet1: netmap queues/slots: TX 1/256, RX 1/512
000.000766 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
virtio_pci4: <VirtIO PCI (legacy) Network adapter> port 0xf0a0-0xf0bf mem 0xfeb13000-0xfeb13fff,0xc0a000c000-0xc0a000ffff irq 11 at device 20.0 on pci0
vtnet2: <VirtIO Networking Adapter> on virtio_pci4
vtnet2: Ethernet address: bc:24:11:82:e1:59
vtnet2: netmap queues/slots: TX 1/256, RX 1/512
000.000767 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
virtio_pci5: <VirtIO PCI (legacy) Network adapter> port 0xf0c0-0xf0df mem 0xfeb14000-0xfeb14fff,0xc0a0010000-0xc0a0013fff irq 10 at device 21.0 on pci0
vtnet3: <VirtIO Networking Adapter> on virtio_pci5
vtnet3: Ethernet address: bc:24:11:ed:21:db
vtnet3: netmap queues/slots: TX 1/256, RX 1/512
000.000768 [ 449] vtnet_netmap_attach       vtnet attached txq=1, txd=256 rxq=1, rxd=512
pcib2: <ACPI PCI-PCI bridge> mem 0xc000001000-0xc0000010ff irq 10 at device 30.0 on pci0
pci2: <ACPI PCI bus> on pcib2
pcib3: <ACPI PCI-PCI bridge> mem 0xc000002000-0xc0000020ff irq 11 at device 31.0 on pci0
pci3: <ACPI PCI bus> on pcib3
acpi_syscontainer0: <System Container> on acpi0
vmgenc0: <VM Generation Counter> on acpi0
acpi_syscontainer1: <System Container> port 0xaf00-0xaf0b on acpi0
acpi_syscontainer2: <System Container> port 0xafe0-0xafe3 on acpi0
acpi_syscontainer3: <System Container> port 0xae00-0xae17 on acpi0
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
WARNING: Device "psm" is Giant locked and may be deleted before FreeBSD 14.0.
psm0: model IntelliMouse Explorer, device ID 4
fdc0: <floppy drive controller (FDE)> port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0
fdc0: does not respond
device_attach: fdc0 attach returned 6
orm0: <ISA Option ROM> at iomem 0xe7800-0xeffff pnpid ORM0000 on isa0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff pnpid PNP0900 on isa0
attimer0: <AT timer> at port 0x40 on isa0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
fdc0: No FDOUT register!
Timecounters tick every 10.000 msec
Trying to mount root from ufs:/dev/gpt/rootfs [rw]...
ugen0.1: <Intel UHCI root HUB> at usbus0
uhub0 on usbus0
uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
da0 at vtscsi0 bus 0 scbus2 target 0 lun 0
da0: <QEMU QEMU HARDDISK 2.5+> Fixed Direct Access SPC-3 SCSI device
da0: 300.000MB/s transfers
da0: Command Queueing enabled
da0: 65536MB (134217728 512 byte sectors)
cd0 at ata1 bus 0 scbus1 target 0 lun 0
cd0: <QEMU QEMU DVD-ROM 2.5+> Removable CD-ROM SCSI device
cd0: Serial Number QM00003
cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes)
cd0: Attempt to query device size failed: NOT READY, Medium not present
uhub0: 2 ports with 2 removable, self powered
ugen0.2: <QEMU QEMU USB Tablet> at usbus0
intsmb0: <Intel PIIX4 SMBUS Interface> irq 9 at device 1.3 on pci0
intsmb0: intr IRQ 9 enabled revision 0
smbus0: <System Management Bus> on intsmb0
uhid0 on uhub0
uhid0: <QEMU QEMU USB Tablet, class 0/0, rev 2.00/0.00, addr 2> on usbus0
lo0: link state changed to UP
pflog0: permanently promiscuous mode enabled
vtnet0: link state changed to UP
vtnet1: link state changed to UP
Waiting (max 60 seconds) for system process `vnlru' to stop... done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining... 14 0 0 done
All buffers synced.
Uptime: 2m41s
uhid0: detached
uhub0: detached
Rebooting...
cpu_reset: Stopping other CPUs

Hello, I'm a newbie and have OpnSense running virtualized in Proxmox; things have been going fine but last night after updating the Proxmox Debian Kernel, I am unable to access the web gui, and can't even access the lan gate way at 192.168.1.1.

Funny thing is I'm connect to the LAN and am able to access other devices / services in the LAN, and even have access to Internet.

I have a few vlans and I've restricted access to OpnSense to the LAN.

Has someone out there faced this before, or would have any idea how to resolve or investigate this.

Would highly appreciate any feedback.