Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - lmoore

Pages1 2
#1
26.1 Series / Re: "Redirect external DNS requests to local DNS resolver"
Today at 07:22:36 AM
In my environment I have a tight set of rule for DNS allowing queries from my internal DNS servers to only Quad9 DNS servers.

On my network there is a gaming PC and a TV which insist on querying 8.8.8.8. To avoid these connection attempts being logged by my DNS blocking rules, I've just created a rule to redirect these request to my internal DNS servers.

I am running OPNsense 26.1.5 and created one rule in Firewall: NAT: Destination NAT.

The two networks where these queries originate are in my UNTRUSTED firewall group.

A rule would appear like in the image Destination NAT Rule. I've included the relevant settings for this rule too.

You may already have a rule to allow DNS traffic to 127.0.0.1. If not, I expect the Default pass rule to work here, otherwise in the settings under Options, you could change the Firewall rule to pass.
#2
26.1 Series / Re: DHCP4 Legacy not showing all leases.
March 12, 2026, 11:24:15 AM
Is the MAC address on your server still using the same one used prior to re-installing the OS?

ISC DHCP permits setting a static lease outside of the defined range, I've been doing this for years.

I don't use DHCP on my LAN interface in OPNsense as there is another DHCP server on that network.

I do use OPNsense ISC DHCPv4 (Legacy) on another interface and assign a static address to a device outside of the defined range. It appears in my Leases view. I should add, I have enabled the 'Deny unknown clients' setting on this interface.

I don't see any reason why the behaviour would be any different on the LAN interface. It's odd you're not seeing it in the Leases - have you enabled 'Show inactive', just in case it has become flagged as inactive.

In my configuration I've only entered the MAC, IP address, hostname, description, lease time and maximum lease time. Everything else is left blank.

Is the ISC DHCPv4 service running?

Cheers,

Larry.
#3
26.1 Series / [SOLVED] Re: Large number of files accumulating in /tmp with name beginning with tmp
March 12, 2026, 02:40:07 AM
Quote from: franco on March 11, 2026, 11:29:14 AMCan you try this patch and see if that's better?

    # opnsense-patch https://github.com/opnsense/core/commit/914e5a20e
    # rm /tmp/tmpcfd_*
    # service configd restart

One lingering file for each cache is expected.  On my end that's 11 files after a reboot. Shouldn't grow that substantially anymore.


Thank you Franco.

I applied the patch as instructed and left it for a while. I observed two of these files in /tmp after the hour rolled over.

I later updated to 26.1.4 and also left it for a while. I now have the 11 files in /tmp

Cheers,

Larry.
#4
26.1 Series / Re: Rule or alias not matching
March 11, 2026, 03:41:10 AM
Alternatively, move the rule which rejects all other traffic, without enabling Quick, so it is above the other two rules in your screen shot.
#5
26.1 Series / Re: Rule or alias not matching
March 11, 2026, 03:34:26 AM
Quote from: clarknova on March 10, 2026, 06:55:33 PMAs you can also see in the screenshot, I have only one block rule in the floating rules. I can confirm there are no block rules in the group or on the interface specific to that network.


You could check the table using pfctl:

pfctl -t allowed_internet -T show

Is your block rule logging and does anything appear in these logs.

To check, enable Quick and Log in the three rules and see if there is any change in behaviour.
#6
26.1 Series / Re: Large number of files accumulating in /tmp with name beginning with tmpcfd_
March 11, 2026, 02:26:53 AM
Quote from: meyergru on March 10, 2026, 07:35:46 PMI saw this, too. The culprit may be the HomeAssistant OPNsense plugin. In its default settings, it scans every 30 seconds.


I don't use HomeAssistant so I can rule that one out.

My dashboard hasn't changed in quite a long time, so I can't attribute this to any changes there.

I'm also seeing a file being created at 1-minute past the hour, every hour. I suspect this is coming from 'List syslog applications'

-rw-------  1 root wheel  996 Mar 10 20:01:00 2026 /tmp/tmpcfd_4lh8ob0g
-rw-------  1 root wheel  996 Mar 10 21:01:00 2026 /tmp/tmpcfd_9huvt4nu
-rw-------  1 root wheel  996 Mar 10 22:01:00 2026 /tmp/tmpcfd_at5fi5vz
-rw-------  1 root wheel  996 Mar 10 23:01:00 2026 /tmp/tmpcfd_qv73ag34
-rw-------  1 root wheel  996 Mar 11 00:01:00 2026 /tmp/tmpcfd_gi8c4loh
-rw-------  1 root wheel  996 Mar 11 01:01:00 2026 /tmp/tmpcfd_9kffqpd0
-rw-------  1 root wheel  996 Mar 11 02:01:00 2026 /tmp/tmpcfd_x9_d4gxs
-rw-------  1 root wheel  996 Mar 11 03:01:00 2026 /tmp/tmpcfd_t8q1_nka
-rw-------  1 root wheel  996 Mar 11 04:01:00 2026 /tmp/tmpcfd_dhdxd_yw
-rw-------  1 root wheel  996 Mar 11 05:01:00 2026 /tmp/tmpcfd_3mxtse4h
-rw-------  1 root wheel  996 Mar 11 06:01:00 2026 /tmp/tmpcfd_vjq5o7w2
-rw-------  1 root wheel  996 Mar 11 07:01:00 2026 /tmp/tmpcfd_8s7x39sc
-rw-------  1 root wheel  996 Mar 11 08:01:00 2026 /tmp/tmpcfd_8wjw98ip
-rw-------  1 root wheel  996 Mar 11 09:01:00 2026 /tmp/tmpcfd_zd1xusvd

This is what's in these files:

{"captiveportal":"portalauth (captiveportal)","audit":"audit (audit)","configd.py":"configd (configd.py)","kernel":"kernel (kernel)","lighttpd":"lighttpd (lighttpd)","pkg":"pkg (pkg)","pkg-static":"pkg (pkg-static)","ppp":"ppps (ppp)","unbound":"resolver (unbound)","routed":"routing (routed)","olsrd":"routing (olsrd)","zebra":"routing (zebra)","ospfd":"routing (ospfd)","bgpd":"routing (bgpd)","hostapd":"wireless (hostapd)","ddclient":"ddclient (ddclient)","dhcpd":"dhcpd (dhcpd)","dhcrelay":"dhcrelay (dhcrelay)","dnsmasq":"dnsmasq (dnsmasq)","dpinger":"gateways (dpinger)","hostwatch":"hostwatch (hostwatch)","charon":"ipsec (charon)","kea-dhcp4":"kea (kea-dhcp4)","kea-dhcp6":"kea (kea-dhcp6)","kea-ctrl-agent":"kea (kea-ctrl-agent)","monit":"monit (monit)","ntp":"ntpd (ntp)","ntpd":"ntpd (ntpd)","ntpdate":"ntpd (ntpdate)","openvpn":"openvpn (openvpn)","firewall":"firewall (firewall)","filterlog":"filter (filterlog)","suricata":"suricata (suricata)","wireguard":"wireguard (wireguard)"}
#7
26.1 Series / Re: FW live view not working regex
March 10, 2026, 04:16:16 PM
Quote from: franco on March 10, 2026, 03:17:36 PM"not seen before" was directed towards the fact that regex are/were supported in the JS here, not the regex itself :D


Search for Disjunction in JS. You should get a few hits.

Cheers,

Larry.
#8
26.1 Series / Re: Large number of files accumulating in /tmp with name beginning with tmpcfd_
March 10, 2026, 03:53:28 PM
Quote from: franco on March 10, 2026, 03:16:12 PMHi Larry,

The backend log will also show how many times something is requested:

# opnsense-log -f configd


Cheers,
Franco

Could be 'request arp table' but not every time.

-rw-------  1 root wheel  4233 Mar 10 22:39:17 2026 /tmp/tmpcfd_8kdanosl
-rw-------  1 root wheel  4233 Mar 10 22:39:48 2026 /tmp/tmpcfd_0sgm5bur
-rw-------  1 root wheel  4232 Mar 10 22:40:19 2026 /tmp/tmpcfd_jj1uzk8m
-rw-------  1 root wheel  4232 Mar 10 22:40:49 2026 /tmp/tmpcfd_wn8rez9i
-rw-------  1 root wheel  4233 Mar 10 22:41:20 2026 /tmp/tmpcfd_6o5ga9xl

<13>1 2026-03-10T22:39:53+08:00 gatekeeper configd.py 576 - [meta sequenceId="320232"] [e5b7bb5b-1113-465a-90d2-00be38fe3568] Get sysctl value(s)
<13>1 2026-03-10T22:39:53+08:00 gatekeeper configd.py 576 - [meta sequenceId="320233"] [baa385eb-9508-4869-a4d2-59396a1cbba3] show WireGuard statistics [dump]
<13>1 2026-03-10T22:39:54+08:00 gatekeeper configd.py 576 - [meta sequenceId="320234"] [81be3cbc-c6ab-44f4-8e17-01525f7b8315] request ifconfig
<13>1 2026-03-10T22:39:54+08:00 gatekeeper configd.py 576 - [meta sequenceId="320235"] [4b7824f1-4e0b-4dba-babf-48c32ced43e2] show system routing table
<13>1 2026-03-10T22:39:54+08:00 gatekeeper configd.py 576 - [meta sequenceId="320236"] [2f3b4927-adb0-4606-8e9d-ce195a91989f] Reading primary IP addresses of
<13>1 2026-03-10T22:39:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320237"] [761b705a-d76d-4b39-96b1-2b1c83452914] request ifconfig
<13>1 2026-03-10T22:39:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320238"] [5b49612f-9f8b-4930-a593-5a144e57ecb1] show WireGuard statistics [dump]
<13>1 2026-03-10T22:39:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320239"] [7f697ada-5ead-4b09-b517-d215e89fd056] show system routing table
<13>1 2026-03-10T22:39:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320240"] [29693ea1-a251-40f0-83cd-a9604c2e38dc] Reading primary IP addresses of
<13>1 2026-03-10T22:39:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320241"] [5e35a063-4200-4a39-b49d-fb0f013e91dd] request nut status
<13>1 2026-03-10T22:39:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320242"] [015c9b10-3081-4387-85a8-f7b95e73f471] Get sysctl value(s)
<13>1 2026-03-10T22:39:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320243"] [4090e0b1-0d2e-4b0d-9ab0-37d45b911e2b] retrieve ups status
<13>1 2026-03-10T22:39:58+08:00 gatekeeper configd.py 576 - [meta sequenceId="320244"] [f9fec04b-23b2-4d64-803b-61b27ced7d78] request arp table
<13>1 2026-03-10T22:39:59+08:00 gatekeeper configd.py 576 - [meta sequenceId="320245"] [96960158-8ff3-4ed5-bc68-a8d8e5e929b3] request ifconfig
<13>1 2026-03-10T22:39:59+08:00 gatekeeper configd.py 576 - [meta sequenceId="320246"] [86d8370c-5a85-45eb-8a03-f54e24d64373] request arp table
<13>1 2026-03-10T22:39:59+08:00 gatekeeper configd.py 576 - [meta sequenceId="320247"] [794c30fa-10d2-4d11-80eb-985e9b394bfa] list gateway status
<13>1 2026-03-10T22:40:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320248"] [7daa0120-d1ec-45bc-bb73-3a0e8b8b703d] request ifconfig
<13>1 2026-03-10T22:40:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320249"] [16b4cbc2-22a9-40e4-85d8-7d9acea9b80a] list gateway status
<13>1 2026-03-10T22:40:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320250"] [b3a020d1-33f5-4443-a9bc-d84e563c988c] request nut status
<13>1 2026-03-10T22:40:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320251"] [0bcadd5a-0f3e-427c-9009-076394f695c2] retrieve ups status
<13>1 2026-03-10T22:40:03+08:00 gatekeeper configd.py 576 - [meta sequenceId="320252"] [cab12f25-d725-4c71-96ca-c92aa545a791] Get sysctl value(s)
<13>1 2026-03-10T22:40:03+08:00 gatekeeper configd.py 576 - [meta sequenceId="320253"] [546c2c52-e78b-4feb-a536-e345ab807c66] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:04+08:00 gatekeeper configd.py 576 - [meta sequenceId="320254"] [5ebb63f8-835a-4b66-bf50-b287b59dad83] request ifconfig
<13>1 2026-03-10T22:40:04+08:00 gatekeeper configd.py 576 - [meta sequenceId="320255"] [331b29ed-1623-4649-815a-970f7bd81992] show system routing table
<13>1 2026-03-10T22:40:04+08:00 gatekeeper configd.py 576 - [meta sequenceId="320256"] [81a8b51c-315a-4e51-b030-0176ab679bd2] Reading primary IP addresses of
<13>1 2026-03-10T22:40:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320257"] [b09626ae-9118-4945-b006-7bc738360649] request ifconfig
<13>1 2026-03-10T22:40:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320258"] [a6749288-67d2-495a-a361-adc616dac351] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320259"] [7d4671c5-8bcb-486b-af57-b289a7a29b38] show system routing table
<13>1 2026-03-10T22:40:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320260"] [be14c046-fca4-4afb-8b25-3f64a0306707] Reading primary IP addresses of
<13>1 2026-03-10T22:40:08+08:00 gatekeeper configd.py 576 - [meta sequenceId="320261"] [10ad5333-0e17-4b0e-9182-a14696ebbd0e] request nut status
<13>1 2026-03-10T22:40:08+08:00 gatekeeper configd.py 576 - [meta sequenceId="320262"] [8bb77b70-5f7a-4d32-88e2-d65d06ee9904] Get sysctl value(s)
<13>1 2026-03-10T22:40:08+08:00 gatekeeper configd.py 576 - [meta sequenceId="320263"] [389b327d-06c9-4bfd-b671-b0af7735d3fe] retrieve ups status
<13>1 2026-03-10T22:40:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320264"] [50f2d415-b3ff-495c-a9b7-922c8d28f51f] request arp table
<13>1 2026-03-10T22:40:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320265"] [15cb4849-9c47-4c18-849d-d8677a15028a] request ifconfig
<13>1 2026-03-10T22:40:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320266"] [885c7086-a09f-4929-b905-db7c15d038ad] request arp table
<13>1 2026-03-10T22:40:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320267"] [c34517a3-6af2-4a86-b130-ad16281cc14a] list gateway status
<13>1 2026-03-10T22:40:10+08:00 gatekeeper configd.py 576 - [meta sequenceId="320268"] [2a03bfeb-b80f-4811-be17-217bb5bbe812] request nut status
<13>1 2026-03-10T22:40:10+08:00 gatekeeper configd.py 576 - [meta sequenceId="320269"] [1cc78cd2-7ef4-4b9f-8134-7f6901b03496] retrieve ups status
<13>1 2026-03-10T22:40:11+08:00 gatekeeper configd.py 576 - [meta sequenceId="320270"] [50fc40d6-fbda-470b-8bbb-6b6e20dbfb25] request ifconfig
<13>1 2026-03-10T22:40:11+08:00 gatekeeper configd.py 576 - [meta sequenceId="320271"] [9ab454f3-907a-4562-bebf-62fce9ca0807] list gateway status
<13>1 2026-03-10T22:40:13+08:00 gatekeeper configd.py 576 - [meta sequenceId="320272"] [9e3c5287-e942-4db8-b5e4-7aa53d18fae3] Get sysctl value(s)
<13>1 2026-03-10T22:40:13+08:00 gatekeeper configd.py 576 - [meta sequenceId="320273"] [2ada19fe-2ea4-46dc-8d2f-b67a7b612e18] Get sysctl value(s)
<13>1 2026-03-10T22:40:13+08:00 gatekeeper configd.py 576 - [meta sequenceId="320274"] [1bfce9c5-bdcc-477e-b3c0-c575d40b6c13] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:14+08:00 gatekeeper configd.py 576 - [meta sequenceId="320275"] [3fe92c37-7d99-46f3-92c9-d5a291264c23] request ifconfig
<13>1 2026-03-10T22:40:14+08:00 gatekeeper configd.py 576 - [meta sequenceId="320276"] [20a9b2f9-c10b-4e60-95f9-cf0d3a1b43ff] show system routing table
<13>1 2026-03-10T22:40:15+08:00 gatekeeper configd.py 576 - [meta sequenceId="320277"] [0fa45d0b-c937-4ee3-a86b-52988dd3b064] Reading primary IP addresses of
<13>1 2026-03-10T22:40:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320278"] [f1fb43db-2dad-4068-9d76-814dbc75d12a] request ifconfig
<13>1 2026-03-10T22:40:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320279"] [8da1a044-ca1c-4d15-999f-84830e8e609a] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320280"] [8507d79b-3e13-4175-9742-69fe9b501baf] show system routing table
<13>1 2026-03-10T22:40:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320281"] [93328cc8-962b-4ce0-9d53-87524d61ebcf] Reading primary IP addresses of
<13>1 2026-03-10T22:40:18+08:00 gatekeeper configd.py 576 - [meta sequenceId="320282"] [0ce93f46-214a-40cb-b8aa-bb1da18bd921] request nut status
<13>1 2026-03-10T22:40:18+08:00 gatekeeper configd.py 576 - [meta sequenceId="320283"] [8b29ae2e-84d3-40ea-b432-3c6730e0e577] Get sysctl value(s)
<13>1 2026-03-10T22:40:18+08:00 gatekeeper configd.py 576 - [meta sequenceId="320284"] [b6bde1a0-f5c5-431b-9a7a-31389751c206] retrieve ups status
<13>1 2026-03-10T22:40:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320285"] [624b6430-01bc-4df0-861c-cfc265b60450] request arp table
<13>1 2026-03-10T22:40:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320286"] [7db1c799-e374-4ec9-889d-a02b1f131b4c] request ifconfig
<13>1 2026-03-10T22:40:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320287"] [a571d9a5-afb4-41f7-8c4a-aad67a7c128b] request arp table
<13>1 2026-03-10T22:40:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320288"] [9d5e568e-3247-43a8-bc30-9c98c601f0ba] list gateway status
<13>1 2026-03-10T22:40:20+08:00 gatekeeper configd.py 576 - [meta sequenceId="320289"] [fe6040b4-b2c0-442f-9dc2-184fbf79da9a] request nut status
<13>1 2026-03-10T22:40:20+08:00 gatekeeper configd.py 576 - [meta sequenceId="320290"] [a6bd7b19-c825-4d4e-8484-4814e38b30d7] retrieve ups status
<13>1 2026-03-10T22:40:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320291"] [066b6a12-b8c9-43f6-8c5a-e24e125cd111] request ifconfig
<13>1 2026-03-10T22:40:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320292"] [16e97963-09cd-4844-834f-64ea537781b8] list gateway status
<13>1 2026-03-10T22:40:23+08:00 gatekeeper configd.py 576 - [meta sequenceId="320293"] [3de14fc4-879d-4484-9556-57c062aa70db] Get sysctl value(s)
<13>1 2026-03-10T22:40:23+08:00 gatekeeper configd.py 576 - [meta sequenceId="320294"] [bb2714d7-f118-4559-b86a-01c4bfe78b75] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:24+08:00 gatekeeper configd.py 576 - [meta sequenceId="320295"] [6ec3e384-c440-4f60-8379-9ec5bfc09ac3] request ifconfig
<13>1 2026-03-10T22:40:25+08:00 gatekeeper configd.py 576 - [meta sequenceId="320296"] [80b2cb44-f0a7-46d0-ac24-9d3418a383a8] show system routing table
<13>1 2026-03-10T22:40:25+08:00 gatekeeper configd.py 576 - [meta sequenceId="320297"] [57614362-96ef-4b46-a0dc-532e4bfa5570] Reading primary IP addresses of
<13>1 2026-03-10T22:40:26+08:00 gatekeeper configd.py 576 - [meta sequenceId="320298"] [c2dd9a77-1400-40f1-b438-8398c4bbcd5a] request ifconfig
<13>1 2026-03-10T22:40:26+08:00 gatekeeper configd.py 576 - [meta sequenceId="320299"] [14d15699-cdaf-40ee-9146-f80094e20c1b] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:26+08:00 gatekeeper configd.py 576 - [meta sequenceId="320300"] [e3af1fdd-fe0d-429a-a0fe-6f056e9dbd09] show system routing table
<13>1 2026-03-10T22:40:26+08:00 gatekeeper configd.py 576 - [meta sequenceId="320301"] [3b165464-d7b8-4458-adcc-a8eb1d787c55] Reading primary IP addresses of
<13>1 2026-03-10T22:40:28+08:00 gatekeeper configd.py 576 - [meta sequenceId="320302"] [dcd2ffb1-e136-43bf-bcc2-6193ad259d8a] request nut status
<13>1 2026-03-10T22:40:28+08:00 gatekeeper configd.py 576 - [meta sequenceId="320303"] [be6f75e9-eaa5-4792-a2be-70406141ad9b] Get sysctl value(s)
<13>1 2026-03-10T22:40:28+08:00 gatekeeper configd.py 576 - [meta sequenceId="320304"] [5c1b017d-4f19-45d1-8289-796bbd654fe5] retrieve ups status
<13>1 2026-03-10T22:40:29+08:00 gatekeeper configd.py 576 - [meta sequenceId="320305"] [ca35aba2-ec4f-4f0c-a40d-8bbc955dd870] request arp table
<13>1 2026-03-10T22:40:29+08:00 gatekeeper configd.py 576 - [meta sequenceId="320306"] [70698ecd-1012-4a65-9dab-c7adfa16a6b4] request ifconfig
<13>1 2026-03-10T22:40:29+08:00 gatekeeper configd.py 576 - [meta sequenceId="320307"] [71a1d970-7095-4aa9-a5c7-f6520407c951] request arp table
<13>1 2026-03-10T22:40:30+08:00 gatekeeper configd.py 576 - [meta sequenceId="320308"] [eebeb71e-b00d-48b3-93e2-3fb0d9718dff] list gateway status
<13>1 2026-03-10T22:40:30+08:00 gatekeeper configd.py 576 - [meta sequenceId="320309"] [f461b7f3-647b-4a46-965d-a2254f41cba2] request nut status
<13>1 2026-03-10T22:40:31+08:00 gatekeeper configd.py 576 - [meta sequenceId="320310"] [00e92cca-5838-4ea2-a337-4cd514ebb824] retrieve ups status
<13>1 2026-03-10T22:40:31+08:00 gatekeeper configd.py 576 - [meta sequenceId="320311"] [78950339-3edd-4262-8704-b25d1b1d0cb9] request ifconfig
<13>1 2026-03-10T22:40:31+08:00 gatekeeper configd.py 576 - [meta sequenceId="320312"] [225f2420-1f7c-4e94-be78-1469737bce75] list gateway status
<13>1 2026-03-10T22:40:34+08:00 gatekeeper configd.py 576 - [meta sequenceId="320313"] [83bf7386-3c43-4e38-9127-c706d2c6edcb] Get sysctl value(s)
<13>1 2026-03-10T22:40:34+08:00 gatekeeper configd.py 576 - [meta sequenceId="320314"] [36c216ee-ab1f-46f5-847b-73740b19a886] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:35+08:00 gatekeeper configd.py 576 - [meta sequenceId="320315"] [4e8e9697-54bd-4b98-b48b-0c1dbfc3406c] request ifconfig
<13>1 2026-03-10T22:40:35+08:00 gatekeeper configd.py 576 - [meta sequenceId="320316"] [8b21cfae-dba9-41db-8794-da69ad78f468] show system routing table
<13>1 2026-03-10T22:40:35+08:00 gatekeeper configd.py 576 - [meta sequenceId="320317"] [75380787-a3d7-477c-8406-331f75dbbfb7] Reading primary IP addresses of
<13>1 2026-03-10T22:40:36+08:00 gatekeeper configd.py 576 - [meta sequenceId="320318"] [2023c982-a870-469c-89ea-898ccd76c9fd] request ifconfig
<13>1 2026-03-10T22:40:36+08:00 gatekeeper configd.py 576 - [meta sequenceId="320319"] [bf78cacb-d90a-4121-b235-873ad4e7337b] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:36+08:00 gatekeeper configd.py 576 - [meta sequenceId="320320"] [c488162c-c864-428d-80a6-72d540fb245e] show system routing table
<13>1 2026-03-10T22:40:36+08:00 gatekeeper configd.py 576 - [meta sequenceId="320321"] [4d77e7fc-c360-4550-94ca-9b3bd5d0ee2c] Reading primary IP addresses of
<13>1 2026-03-10T22:40:38+08:00 gatekeeper configd.py 576 - [meta sequenceId="320322"] [07c0022b-c643-41ca-91e7-18431d5cf196] Get sysctl value(s)
<13>1 2026-03-10T22:40:38+08:00 gatekeeper configd.py 576 - [meta sequenceId="320323"] [cce751fc-b3fc-4f3a-8487-707115a52793] request nut status
<13>1 2026-03-10T22:40:38+08:00 gatekeeper configd.py 576 - [meta sequenceId="320324"] [3a081f75-1df4-47cd-ad49-f6802a5c3226] retrieve ups status
<13>1 2026-03-10T22:40:39+08:00 gatekeeper configd.py 576 - [meta sequenceId="320325"] [77597f68-01e6-4f39-be95-cf481730af2f] Get sysctl value(s)
<13>1 2026-03-10T22:40:39+08:00 gatekeeper configd.py 576 - [meta sequenceId="320326"] [21a3c99f-4955-408b-ae3c-5cd5fd4dced7] request arp table
<13>1 2026-03-10T22:40:40+08:00 gatekeeper configd.py 576 - [meta sequenceId="320327"] [1fccc4d8-0e88-4e47-bffd-3f185641d5c2] request ifconfig
<13>1 2026-03-10T22:40:40+08:00 gatekeeper configd.py 576 - [meta sequenceId="320328"] [5524dc41-45ad-4d69-a09c-6a63347250f1] request arp table
<13>1 2026-03-10T22:40:40+08:00 gatekeeper configd.py 576 - [meta sequenceId="320329"] [a4e14728-2022-49e2-aff9-3d926c972d89] list gateway status
<13>1 2026-03-10T22:40:41+08:00 gatekeeper configd.py 576 - [meta sequenceId="320330"] [7fe1e59a-4e60-4b74-bee7-e78e628a8463] request nut status
<13>1 2026-03-10T22:40:41+08:00 gatekeeper configd.py 576 - [meta sequenceId="320331"] [3803deb0-c9a3-4258-be68-6693b4d344e7] retrieve ups status
<13>1 2026-03-10T22:40:41+08:00 gatekeeper configd.py 576 - [meta sequenceId="320332"] [3a1e79ec-a7aa-4c7d-90c5-14de51c7c237] request ifconfig
<13>1 2026-03-10T22:40:41+08:00 gatekeeper configd.py 576 - [meta sequenceId="320333"] [6355fe34-752b-4b04-b442-1567486b8019] list gateway status
<13>1 2026-03-10T22:40:44+08:00 gatekeeper configd.py 576 - [meta sequenceId="320334"] [66a42d19-adb8-4c69-8ac4-460821890747] Get sysctl value(s)
<13>1 2026-03-10T22:40:44+08:00 gatekeeper configd.py 576 - [meta sequenceId="320335"] [b6af836b-ebe1-4157-9374-8ec2ebdbae70] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320336"] [e6ea3f6b-164e-4399-9385-b4ed76ed1e4d] request ifconfig
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320337"] [b405a1cd-47fa-467b-a2ce-110fe398dbc6] show system routing table
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320338"] [dd52b8b5-ef15-4685-9c8f-34cb218fa1fe] Reading primary IP addresses of
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320339"] [016a3cb8-ecc0-47da-9745-636556be5e58] request ifconfig
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320340"] [7bff458f-f4bb-435c-8571-1c4a3b770bde] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320341"] [4e9515a5-0317-4941-bfaf-2b03e9d1aefb] show system routing table
<13>1 2026-03-10T22:40:46+08:00 gatekeeper configd.py 576 - [meta sequenceId="320342"] [5a0f26fc-9ed1-4e91-9600-a2d539c9f7bb] Reading primary IP addresses of
<13>1 2026-03-10T22:40:48+08:00 gatekeeper configd.py 576 - [meta sequenceId="320343"] [3d5ecb4a-db53-4515-9bfc-36f0e5fa6e20] request nut status
<13>1 2026-03-10T22:40:48+08:00 gatekeeper configd.py 576 - [meta sequenceId="320344"] [9e3f1fa7-c31a-4ef4-8a56-3cf8da5ac8c4] Get sysctl value(s)
<13>1 2026-03-10T22:40:48+08:00 gatekeeper configd.py 576 - [meta sequenceId="320345"] [3b922214-9003-47ed-9f3b-61f85ee355bb] retrieve ups status
<13>1 2026-03-10T22:40:49+08:00 gatekeeper configd.py 576 - [meta sequenceId="320346"] [2b363b3c-f480-41aa-86aa-599214222de4] request arp table
<13>1 2026-03-10T22:40:50+08:00 gatekeeper configd.py 576 - [meta sequenceId="320347"] [fd7ff911-756e-4ec7-84c3-18400289aa14] request ifconfig
<13>1 2026-03-10T22:40:50+08:00 gatekeeper configd.py 576 - [meta sequenceId="320348"] [149c5ed0-e368-46ca-a590-ee3b1991e6bf] request arp table
<13>1 2026-03-10T22:40:50+08:00 gatekeeper configd.py 576 - [meta sequenceId="320349"] [a7956170-ea2c-4b35-acf7-5a96ec582498] list gateway status
<13>1 2026-03-10T22:40:51+08:00 gatekeeper configd.py 576 - [meta sequenceId="320350"] [6f426e08-072c-4364-80d7-ca79b23ca0e1] request nut status
<13>1 2026-03-10T22:40:51+08:00 gatekeeper configd.py 576 - [meta sequenceId="320351"] [826e7bd3-2300-4185-8726-aa058f5c9e32] retrieve ups status
<13>1 2026-03-10T22:40:52+08:00 gatekeeper configd.py 576 - [meta sequenceId="320352"] [b76b7341-ce0d-4e01-9879-d76d3a6194dd] request ifconfig
<13>1 2026-03-10T22:40:52+08:00 gatekeeper configd.py 576 - [meta sequenceId="320353"] [fdac2308-e095-4fcf-9c9a-b01ca6c6901a] list gateway status
<13>1 2026-03-10T22:40:54+08:00 gatekeeper configd.py 576 - [meta sequenceId="320354"] [da5c822a-5582-4dc5-be4e-7cc3e66ecca3] Get sysctl value(s)
<13>1 2026-03-10T22:40:54+08:00 gatekeeper configd.py 576 - [meta sequenceId="320355"] [ddaeb078-41d2-4e4b-af3a-df51ac40e0de] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320356"] [b6b77c50-4486-40a3-860e-4a46699ee754] request ifconfig
<13>1 2026-03-10T22:40:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320357"] [4e17c6f3-f8e1-4f03-93f5-5e1cf81b7c97] show system routing table
<13>1 2026-03-10T22:40:56+08:00 gatekeeper configd.py 576 - [meta sequenceId="320358"] [d9a077ec-0326-4807-908f-775a8449ab99] Reading primary IP addresses of
<13>1 2026-03-10T22:40:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320359"] [759bad0b-3d9c-4804-aaa1-fc5463ebbd48] request ifconfig
<13>1 2026-03-10T22:40:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320360"] [a5fa679e-5e34-44a4-9749-3470509fcfa3] show WireGuard statistics [dump]
<13>1 2026-03-10T22:40:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320361"] [178aae76-33ed-4063-a361-7d87c605ca79] show system routing table
<13>1 2026-03-10T22:40:57+08:00 gatekeeper configd.py 576 - [meta sequenceId="320362"] [fd900541-1ac5-492a-af69-ccf1cf644cd4] Reading primary IP addresses of
<13>1 2026-03-10T22:40:59+08:00 gatekeeper configd.py 576 - [meta sequenceId="320363"] [29bf9ee8-1fbf-434e-8a54-7c1b04922bcf] Get sysctl value(s)
<13>1 2026-03-10T22:40:59+08:00 gatekeeper configd.py 576 - [meta sequenceId="320364"] [232870a4-e827-420a-9227-21a5b2c582c1] request nut status
<13>1 2026-03-10T22:40:59+08:00 gatekeeper configd.py 576 - [meta sequenceId="320365"] [eedaabed-0f98-43e9-ae03-8d10d5dfe587] retrieve ups status
<13>1 2026-03-10T22:41:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320366"] [4951e3e4-134d-4147-933f-eb3bd27f57ec] request arp table
<13>1 2026-03-10T22:41:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320367"] [9165bccb-f63a-4e03-9cae-a89c411a6779] request ifconfig
<13>1 2026-03-10T22:41:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320368"] [06e4c57b-3da8-4b3c-b31d-e796fb87bfde] request arp table
<13>1 2026-03-10T22:41:00+08:00 gatekeeper configd.py 576 - [meta sequenceId="320369"] [30e808f3-e528-49d7-a501-377ec28ca50b] list gateway status
<13>1 2026-03-10T22:41:01+08:00 gatekeeper configd.py 576 - [meta sequenceId="320370"] [39a91c72-0933-4bc5-82dc-7306493b8bfb] request nut status
<13>1 2026-03-10T22:41:01+08:00 gatekeeper configd.py 576 - [meta sequenceId="320371"] [52e7ff30-c9ad-4807-ab3c-a7e7429a8b6d] retrieve ups status
<13>1 2026-03-10T22:41:02+08:00 gatekeeper configd.py 576 - [meta sequenceId="320372"] [b949e5c7-9597-4832-b12a-830201d80dd6] request ifconfig
<13>1 2026-03-10T22:41:02+08:00 gatekeeper configd.py 576 - [meta sequenceId="320373"] [a623b182-13a0-40f7-9475-7801e685994c] list gateway status
<13>1 2026-03-10T22:41:04+08:00 gatekeeper configd.py 576 - [meta sequenceId="320374"] [df759146-c178-4b00-ae92-feb727547dfb] Get sysctl value(s)
<13>1 2026-03-10T22:41:04+08:00 gatekeeper configd.py 576 - [meta sequenceId="320375"] [b08c3317-d974-439c-b459-a338e2153f6d] show WireGuard statistics [dump]
<13>1 2026-03-10T22:41:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320376"] [d095be4a-1577-47f1-97e3-66d5e73bff95] request ifconfig
<13>1 2026-03-10T22:41:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320377"] [5592db4c-77b3-471e-a728-c38a06e50c8f] show system routing table
<13>1 2026-03-10T22:41:06+08:00 gatekeeper configd.py 576 - [meta sequenceId="320378"] [6f418ce2-8a0a-44ff-901e-fa24e310ec7d] Reading primary IP addresses of
<13>1 2026-03-10T22:41:07+08:00 gatekeeper configd.py 576 - [meta sequenceId="320379"] [992f18a8-fee8-4231-bd28-779642d5227f] request ifconfig
<13>1 2026-03-10T22:41:07+08:00 gatekeeper configd.py 576 - [meta sequenceId="320380"] [4064d4f5-acd1-40e7-aba6-42496523e799] show WireGuard statistics [dump]
<13>1 2026-03-10T22:41:07+08:00 gatekeeper configd.py 576 - [meta sequenceId="320381"] [a6728516-1894-4c04-ae94-0ec21d426793] show system routing table
<13>1 2026-03-10T22:41:07+08:00 gatekeeper configd.py 576 - [meta sequenceId="320382"] [438afa26-46f1-49c1-8ad5-93637e7159a1] Reading primary IP addresses of
<13>1 2026-03-10T22:41:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320383"] [971be970-8329-49b5-8e39-1301cbbea906] request nut status
<13>1 2026-03-10T22:41:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320384"] [5d572047-d3ea-4640-a047-91097522bd17] Get sysctl value(s)
<13>1 2026-03-10T22:41:09+08:00 gatekeeper configd.py 576 - [meta sequenceId="320385"] [21e6936b-9c3d-4c5b-acf1-d24cf4be19ce] retrieve ups status
<13>1 2026-03-10T22:41:10+08:00 gatekeeper configd.py 576 - [meta sequenceId="320386"] [f7153811-7a25-4a60-9cd0-fc89143247f8] request arp table
<13>1 2026-03-10T22:41:10+08:00 gatekeeper configd.py 576 - [meta sequenceId="320387"] [7712f7e4-72be-47d4-944a-c02347674a54] request ifconfig
<13>1 2026-03-10T22:41:10+08:00 gatekeeper configd.py 576 - [meta sequenceId="320388"] [a3be8698-39e8-44fe-8cf9-499e611a1ce5] request arp table
<13>1 2026-03-10T22:41:10+08:00 gatekeeper configd.py 576 - [meta sequenceId="320389"] [f5f2148f-2081-471e-ac23-9d82aaab0070] list gateway status
<13>1 2026-03-10T22:41:11+08:00 gatekeeper configd.py 576 - [meta sequenceId="320390"] [f322ca2b-e361-44b1-ab84-bb5d92fe1e9a] request nut status
<13>1 2026-03-10T22:41:11+08:00 gatekeeper configd.py 576 - [meta sequenceId="320391"] [e87f4d96-ba1a-47c5-a896-74cf9203c2f2] retrieve ups status
<13>1 2026-03-10T22:41:12+08:00 gatekeeper configd.py 576 - [meta sequenceId="320392"] [46fc6db0-6d83-44eb-b7f1-1869132aa88e] request ifconfig
<13>1 2026-03-10T22:41:12+08:00 gatekeeper configd.py 576 - [meta sequenceId="320393"] [6037dd5a-9fb4-4d4f-838a-0aac96dd8b38] list gateway status
<13>1 2026-03-10T22:41:14+08:00 gatekeeper configd.py 576 - [meta sequenceId="320394"] [c1824232-0e44-4e9b-a626-ff7ff0550e43] Get sysctl value(s)
<13>1 2026-03-10T22:41:14+08:00 gatekeeper configd.py 576 - [meta sequenceId="320395"] [0a32a220-9235-4101-8158-a9c9260cb0f4] Get sysctl value(s)
<13>1 2026-03-10T22:41:14+08:00 gatekeeper configd.py 576 - [meta sequenceId="320396"] [6ce56edd-60ce-41ce-bb6c-73cf7150b37a] show WireGuard statistics [dump]
<13>1 2026-03-10T22:41:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320397"] [79e01321-ec9f-4d31-afa8-5ce1ccf9eecb] request ifconfig
<13>1 2026-03-10T22:41:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320398"] [4787584a-5d03-4040-a1a0-f03a85ea5190] show system routing table
<13>1 2026-03-10T22:41:16+08:00 gatekeeper configd.py 576 - [meta sequenceId="320399"] [ceec06d9-3af4-449b-936a-0e5743adba59] Reading primary IP addresses of
<13>1 2026-03-10T22:41:17+08:00 gatekeeper configd.py 576 - [meta sequenceId="320400"] [385d2cfd-6747-484f-a508-cc350ff74fa9] request ifconfig
<13>1 2026-03-10T22:41:17+08:00 gatekeeper configd.py 576 - [meta sequenceId="320401"] [8191900c-2c31-46f3-8697-97528ac10fd8] show WireGuard statistics [dump]
<13>1 2026-03-10T22:41:17+08:00 gatekeeper configd.py 576 - [meta sequenceId="320402"] [63a2faa5-0a27-4a51-af24-73e6fcf2064d] show system routing table
<13>1 2026-03-10T22:41:17+08:00 gatekeeper configd.py 576 - [meta sequenceId="320403"] [273204c2-5680-4a17-a7f2-5bf4b6a598a2] Reading primary IP addresses of
<13>1 2026-03-10T22:41:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320404"] [4babc020-381a-451c-b6f3-5685a93142f3] request nut status
<13>1 2026-03-10T22:41:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320405"] [bd7e5af7-51c5-4465-beb9-5565b1c48916] Get sysctl value(s)
<13>1 2026-03-10T22:41:19+08:00 gatekeeper configd.py 576 - [meta sequenceId="320406"] [14784bc6-8816-4de4-a9d5-301aeb550e5a] retrieve ups status
<13>1 2026-03-10T22:41:20+08:00 gatekeeper configd.py 576 - [meta sequenceId="320407"] [11e8610e-69f0-4b2a-abbc-c1664e03dbf7] request arp table
<13>1 2026-03-10T22:41:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320408"] [58be29d7-dfd1-4965-b46e-89716560a7c9] request nut status
<13>1 2026-03-10T22:41:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320409"] [31bdc32b-fd24-4663-834c-1c8e9e0c2870] request ifconfig
<13>1 2026-03-10T22:41:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320410"] [fba80f81-51e5-4b05-9a39-9e930aba61d3] request arp table
<13>1 2026-03-10T22:41:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320411"] [70727266-eeb9-4074-be59-06dd51de6e72] list gateway status
<13>1 2026-03-10T22:41:21+08:00 gatekeeper configd.py 576 - [meta sequenceId="320412"] [fc9e6dee-c3f6-4ef5-a659-796fd4f3b88c] retrieve ups status
<13>1 2026-03-10T22:41:22+08:00 gatekeeper configd.py 576 - [meta sequenceId="320413"] [e36178b3-2ced-4e46-b360-ddb4648b0fcd] request ifconfig
<13>1 2026-03-10T22:41:22+08:00 gatekeeper configd.py 576 - [meta sequenceId="320414"] [f7d90328-6015-494d-a367-9ed7dbeecf92] list gateway status

#9
26.1 Series / Re: FW live view not working regex
March 10, 2026, 03:14:34 PM
Quote from: franco on March 10, 2026, 12:55:40 PMHi,

Thanks for the report! I think this is only an intermediate fix:

https://github.com/opnsense/core/commit/92e0d5a96fbe

I asked my colleague to comment on the "443|80|22|23|25" regex use.  Haven't seen this before.


From re_format(7):

     A (modern) RE is one‡ or more non-empty‡ branches, separated by '|'.  It
     matches anything that matches one of the branches.

Cheers,

Larry.
#10
26.1 Series / Large number of files accumulating in /tmp with name beginning with tmpcfd_
March 10, 2026, 03:07:25 PM
I've noticed in the /tmp folder on my firewall a large number of files accumulating and I think they are related to ARP collection.

My system has been up since upgrading to 26.1.3 for 5 days, 16:15. The number of these files is currently 16316 and are being generated on average every 30 seconds.
#11
26.1 Series / Re: VoIP outbound calls not working
March 01, 2026, 07:43:49 PM
Quote from: RoleTue on March 01, 2026, 06:39:40 PMs_local@Gigaset_N670 sip-control: [SIP][IPCConnector.cpp:340] UBUS event [sip-control/local_media] received
s_local@Gigaset_N670 sip-control: [SIP][GuiConnector.cpp:419] Call #1 local media: 192.168.1.100:5004 / 192.168.1.100:5004
s_local@Gigaset_N670 sip-control: [SIP][CallManager.cpp:1640] [xxxxxxxxxx|03bf68594a] Call #1: Starting call with account #03bf68594a to sip:017xxxxxxxx@hiq9a-sbcv461a.kabelbw.de
s_local@Gigaset_N670 sip-control: [PJSIP][pjLog.cpp:68] 15:30:49.717 sip_transport.  .......Request msg INVITE/cseq=30849 (tdta0x7165e4) exceeds UDP size threshold (1300), switching to TCP recommended
s_local@Gigaset_N670 sip-control: [PJSIP][pjLog.cpp:68] 15:30:50.225 sip_transport.  .Request msg INVITE/cseq=30849 (tdta0x7165e4) exceeds UDP size threshold (1300), switching to TCP recommended
s_local@Gigaset_N670 sip-control: [PJSIP][W][pjLog.cpp:64] 15:30:50.230    tsx0x71a67c  .Error sending Request msg INVITE/cseq=30849 (tdta0x7165e4): Message too long
s_local@Gigaset_N670 sip-control: [PJSIP][W][pjLog.cpp:64] 15:30:50.233    tsx0x71a67c  .Transport error, terminating transaction. Err=120090 (Message too long)
s_local@Gigaset_N670 sip-control: [SIP][CallManager.cpp:249] [xxxxxxxxxx|03bf68594a] Call #1: stateChangedHandler: Invite session state: DISCONNCTD
s_local@Gigaset_N670 sip-control: [SIP][Call.cpp:723] [xxxxxxxxxx|03bf68594a] Call #1: disconnected. Reason = 503 Message too long. Duration: 0,0 sec.

Well... what transports does the Fritzbox use when connecting to the ITSP and does it switch to TCP automatically, or does it not exceed the UDP threshold!?

Reading the Vodafone Telephony Interface Specification, it states, and keeping in mind this is a 10 year old document;

 - The SIP UE MUST only use UDP as transport protocol.
 - The SIP UE MUST NOT use TCP, SCTP or TLS.

If VoIP on your Fritzbox is still working, try to work out what is different about its configurations compared to the N670IP Pro, it could be somewhere other than the account settings.

Also, where you set the "SIP Account Name", make this quite short - perhaps only 1 character long and see if this helps.

You may also want to test setting the transport to TCP in case Vodafone have enabled this since they wrote the document.

There may be unnecessary options enabled in your SIP settings which may be contributing to the message size exceeding the limit of 1300.

Disable all Codecs except for G711A, this will make the headers a little smaller.

Have you enabled TCP for port 5060 in your firewall & NAT rules?

Also, section 7 of the Vodafone document states there must not be any request for QoS. This could be interpreted to mean the DiffServ settings should be set to 0 for SIP & RTP. This wont be influencing the message size if the INVITE so wont be related to the length of the UDP message.
#12
26.1 Series / Re: VoIP outbound calls not working
March 01, 2026, 05:13:28 PM
Quote from: RoleTue on March 01, 2026, 11:54:46 AM1772360707.341781      CXIN2W2x3RwSMys8Y4      192.168.1.100  5060    80.69.110.78    5060    0      -      -      -      -      -      <sip:xxxxxxxxxx@hiq9a-sbcv461a.kabelbw.de>      <sip:xxxxxxxxxx@hiq9a-sbcv461a.kabelbw.de>;tag=test_tag_0215532162      -      -      -      -      (empty)    SIP/2.0/UDP 192.168.1.100:5060;received=88.152.184.228  -      401    Unauthorized    -      -      0      -


I suspect this 401 message is from a REGISTER request. Section 5.4 of the document is referring to Registration. If you are receiving incoming calls on this device, then it must be registered. Interesting tag name being used.

The information in section 5.5 relates to placing an outgoing call. I couldn't find in the manual for the N670IP Pro an example of the Digit Map (Dial Plan), just the reference to the Access and Area Codes - these need to be checked and set accordingly.

Before changing your firewall rules get the device making outgoing calls first. Changing rules to match DSCP requires matching them with what is set in your devices QoS settings you will need two for this device, SIP signaling and RTP. The 3 values I've used are set in Asterisk - ignore my RTCP rule as this now uses the value for RTP voice. VoIP handsets have SIP & RTP values set accordingly.

You could set up your Fritzbox and capture the SIP REGISTER and INVITE traffic so you know what you should be seeing from the N670IP

Included attachments are;

SIP REGISTER flow
SIP INVITE flow
Outgoing Call including headers

Cheers,

Larry.

#13
26.1 Series / Re: VoIP outbound calls not working
February 28, 2026, 03:01:08 AM
Now for the final image.
#14
26.1 Series / Re: VoIP outbound calls not working
February 28, 2026, 03:00:35 AM
The remaining images -1.
#15
26.1 Series / Re: VoIP outbound calls not working
February 28, 2026, 02:58:24 AM
I've found this document for Vodafone Germany, which may help.

https://www.vodafone.de/media/downloads/pdf/Vodafone-Kabel-Deutschland-GmbH-Telephony-Interface-Specific.pdf

In my environment I have a separate VLAN for VoIP. The way I've written my rules is to only allow connections from this VLAN to the SIP_Providers alias. In my SIP_Providers alias I have included the ITSP's SIP & RTP server addresses.

With the traffic originating from my network, the rules match the DSCP field and then tags it. This is applied to SIP, RTP voice & RTP video.

The VoIP Outbound NAT rule simply matches these tagged packets.

The outgoing firewall rule simply matches the tagged packets. This removes the need to create rules using RTP ranges, as these will differ between providers.

The screen shots may help to illustrate this.

The QoS settings for the N670IP Pro are on page 55 of the English manual. You could look up the settings on your Fritzbox and replicate them on the N670IP Pro. I doubt this will be the reason your outbound calls are failing.

You may need to reference this site when working out what you need to set for the DSCP/TOS field - https://tucny.com/Home/dscp-tos
Pages1 2