Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - roro

#1
17.1 Legacy Series / BOOT stops Fatal trap 12:
July 08, 2017, 09:51:41 PM
Fatal trap 12:page fault while in kernel mode.

I got this after upgrade from 17.1.8 to 17.1.9.

Is it possible to boot with 17.1.8 again?

Any suggestions?

Regards,
Roro.
#2
Hello,
after upgrade to 17.1.6 DNS via VLAN works again for me.
Thanks.
#3
Hello,
after update DNS not working properly anymore.
Situation.
On one nic there is the DNS server for internal network.
This worked perfect before update.

When I remove that DNS server (in system settings) and let WAN DHCP get the DNS servers.
DNS is working again and internet is possible.

Any solution? :D

================================

Some DIG output

with own DNS server (worked before upgrade)
seeu:~ # dig fox.be

; <<>> DiG 9.11.1 <<>> fox.be
;; global options: +cmd
;; connection timed out; no servers could be reached

========================
with given DNS-servers (wan dhcp).

seeu:~ # dig fox.be

; <<>> DiG 9.11.1 <<>> fox.be
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29808
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;fox.be.            IN   A

;; ANSWER SECTION:
fox.be.         300   IN   A   204.236.227.206

;; Query time: 310 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Apr 29 19:15:53 CEST 2017
;; MSG SIZE  rcvd: 51
#4
Hi there,
Just an update regarding my issue.
It has to do with the states table and clearing this after a disconnect.
I changed the following settings in firewall:
Kill states -> ON.
Firewall Optimization -> Aggressive. (normal behaviour 24 hours now 4 hours).
Now I know those states are gone after wan disconnect and after 4 hours no connection.
Greetings.
#5
A long story in a few lines.

Installing by USB. Tried multiple different USB sticks. No succes. CAM-status errors for the usbstick.

Updated pcengines bios via tinycore (you need FAT instead of FAT32 on usb) otherwise mounting won't work (MORE LOST HOURS).

After more then a day I came with the idea. Lets put serial-img on SDcard instead of USB stick.
For me that was the trick.

I have a msata in the apu2c4.
Now I could boot from SDcard and I finally installed OPNsense via Installer user on the Msata disk.

Hope others benefit from this.

Gutnite.

Is there something wrong with the USB stick (/etc/fstab settings in OPNsense-17)?
Trying to mount root from ufs:/dev/ufs/OPNsense_Install [ro,noatime]...
Mounting filesystems...
tunefs: soft updates set
(da0:umass-sim0:0:0:0): WRITE(10). CDB: 2a 00 00 00 00 10 00 00 10 00
(da0:umass-sim0:0:0:0): CAM status: CCB request completed with an error
(da0:umass-sim0:0:0:0): Retrying command
(da0:umass-sim0:0:0:0): WRITE(10). CDB: 2a 00 00 00 00 10 00 00 10 00
(da0:umass-sim0:0:0:0): CAM status: CCB request completed with an error
(da0:umass-sim0:0:0:0): Retrying command
#6
17.1 Legacy Series / Lobby: Dashboard
February 04, 2017, 02:36:59 PM
Hi,
firewall has 4 columns in Lobby: Dashboard.
System Information get updated every 20 or 30 seconds.

Why don't get Interface List and System Log automated updated?
Or is there a setting to be changed?

Greetings.
#7
17.1 Legacy Series / Re: Upgrade 16.7 to 17.1 succes.
February 01, 2017, 01:19:26 PM
Pr3p,
indeed via console (serial).
Greetings.
#8
17.1 Legacy Series / Upgrade 16.7 to 17.1 succes.
January 31, 2017, 08:15:06 PM
Thanks OPNsense.
Upgrade succesfull.
Versions    OPNsense 17.1-i386
FreeBSD 11.0-RELEASE-p7
LibreSSL 2.4.4
Updates    Click to check for updates.
CPU Type    Geode(TM) Integrated Processor by AMD PCS (1 cores)
#9
Today I disconnected  the LAN utp for 4 hours and again the firewall blocks traffice to the DNS, NTP, etc.
When I do a Filter Reload, the pc's can internet again.

Does anyone know a logfile to check?
#10
Hello,

I have the following test situation:
Disconnect the LAN utp from opnsense firewall. WAN and OPT1 are still connected.
The connected OPT1 network can reach the internet.

After a day.
Connect LAN utp to opnsense firewall.
PC's on the LAN network are now blocked by firewall.

The OPT1 network can still connect to the internet.

Anyone has/had that experience also?
Is there solution, besides rebooting the firewall?

Log from firewall blocked
Jan 23 12:05:41    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:38    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:37    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:27    LAN     192.168.20.100:123     144.76.64.40:123    UDP
Jan 23 12:05:25    LAN     192.168.20.100:123     85.236.36.4:123    UDP
Jan 23 12:05:25    LAN     192.168.20.100:123     87.233.197.123:123    UDP

Greetings Roro.
#11
17.1 Legacy Series / Re: Block private networks from OPT1
November 24, 2016, 08:30:49 PM
Hello,
I knew that.

I did some extra testing:

when Private enabled and Bogon disabled it doesn't work.
when Private disabled and Bogon enables it works.
when Private and Bogon are disabled it works.

Looks like Private is swapped with Bogon. Something for Franco?

Greetings.
#12
17.1 Legacy Series / Block private networks from OPT1
November 24, 2016, 11:37:11 AM
Hello,
I use OPNsense 17.1.a_753-i386 on soekris but I get the following:
@68 block drop in log quick on vr2 inet from 10.10.0.0/8 to any label "Block private networks from OPT1"

When I put utp in OPT2 no problems.

Something wrong in filterrules?
Greetings.
#13
Franco, no problem I will reinstall opnsense.
Thanks for the support.
Roro.
#14
and when I give an enter I get the following:

mountroot>
panic: mountroot: unable to (re-)mount root.
cpuid = 0
KDB: enter: panic
[ thread pid 1 tid 100002 ]
Stopped at      kdb_enter+0x3d: movl    $0,kdb_why
db>
#15
Hi Franco,
I get the following:
uhub0: 4 ports with 4 removable, self powered
Root mount waiting for: usbus1
uhub1: 4 ports with 4 removable, self powered
Trying to mount root from ufs:/dev/ufs/OPNsense0 [rw,async,noatime]...
mountroot: waiting for device /dev/ufs/OPNsense0 ...
Mounting from ufs:/dev/ufs/OPNsense0 failed with error 19.

Loader variables:
  vfs.root.mountfrom=ufs:/dev/ufs/OPNsense0
  vfs.root.mountfrom.options=rw,async,noatime

Manual root filesystem specification:
  <fstype>:<device> [options]
      Mount <device> using filesystem <fstype>
      and with the specified (optional) option list.

    eg. ufs:/dev/da0s1a
        zfs:tank
        cd9660:/dev/acd0 ro
          (which is equivalent to: mount -t cd9660 -o ro /dev/acd0 /)

  ?               List valid disk boot devices
  .               Yield 1 second (for background tasks)
  <empty line>    Abort manual input

mountroot       
Invalid file system specification.

mountroot> ufs:/dev/ufs/OPNsense0
Trying to mount root from ufs:/dev/ufs/OPNsense0 []...
mountroot: waiting for device /dev/ufs/OPNsense0 ...
Mounting from ufs:/dev/ufs/OPNsense0 failed with error 19.

Greetz,
Roro