Messages - Tikimotel

#1
17.1 Legacy Series / Re: Local DNS server failure
December 16, 2016, 09:35:45 PM
Could you use DHCP to use (hand-out) your (local) DNS server to your LAN clients?

Services -> DHCP -> Server : DNS servers (here only specify your (local) DNS)

#2
Your UPNP capture shows no configuration for IPs to allow access, and the default deny rule isn't selected.

Here are my captures (for consoles in CIDR range 192.168.0.80/29):

- UPNP settings
- Firewall showing UPNP and multicast
- NAT outbound hybrid with UPNP rule.
#3
I can't seem to find any code that sets or disables the "VLAN_HWCSUM". (may not be implemented yet...only in GUI)

The other hardware accelerated (TSO, TSO6, LRO, LRO6, RXCSUM, TXCSUM, etc.) options are disabled on your RE0 and RE1 devices.

That Realtek chip may not like the default driver very much.
There are some who have updated the RE driver with varied success (and failures), and that is on plain FreeBSD 11.0 or 10.3.
https://forums.freebsd.org/threads/55861/



#4
Is the ifconfig listing performed after you applied the settings in the screenshot?
Did you restart the interfaces or did you reboot?
#5
I created a GitHub account and created a pull request, to fix a private address space typo.
192.254 should have been 169.254.
Unbound now cannot resolve some legal DNS names in the 192.254 range, whoops. :-X
#6
This is not a bump, I had to reply, to add CPU temp history. (see attachment)
#7
I have a mini-ITX motherboard that I use for OPNsense.
It has an Intel Avoton (Atom) CPU.
However the powerd settings don't seem to have an effect on CPU temperatures. (remained at ~45°C for all Cores)

I did some investigation and it seems there are just a few settings missing from the GUI and a conf file.

powerd -v (from the command-line)
Quote
powerd: unable to determine AC line status <=== Important for "-n" option of powerd !!!
load  10%, current freq 1200 MHz (13), wanted freq 1200 MHz
load   6%, current freq 1200 MHz (13), wanted freq 1200 MHz
load   8%, current freq 1200 MHz (13), wanted freq 1200 MHz
load  10%, current freq 1200 MHz (13), wanted freq 1200 MHz
load   6%, current freq 1200 MHz (13), wanted freq 1200 MHz
However the normal option is not influenced or changeable from the GUI, but it is stored as "hadp" when empty.
Hiadaptive is not bad, but it could be better (greener).

powerd manpage:
Quote
     -n   mode    Selects the mode to use normally when the AC line state is
       unknown.

So I looked at the C-states of my machine, C1 and C2 are supported.
It always stayed in C1 because of the defaults.
The clockspeed would move down, but nothing significant in temperatures.

So I ran a search for powerd, and came across this wiki.
https://wiki.freebsd.org/TuningPowerConsumption

(/etc/rc.conf):
Quote
performance_cx_lowest="Cmax"
economy_cx_lowest="Cmax"

Replace "Cmax" with what is supported by your machine, but the hardware will do what it can to get to the highest C-state possible on your machine.
I tested this with "Cmax", and "C8" is what is determined by FreeBSD, but my hardware only supports "C2".
Using "C2" is relatively safe; higher level C-states might not be ideal for more production level environments.
For instance "C3" is turning off cores; "C3" might or might not work, or you might lose too much responsiveness. But hey, it's a router, not a laptop. C-state "C2" will do fine.

So I added "/etc/rc.conf" with "C2" to my config and rebooted my machine.

Et voilà, CPU core temperatures dropped to ~39°C, a nice drop from 45°C.

Solving the undetermined power state option:

/usr/local/www/system_advanced_misc.php
first part is to define the default state of the three powerd options.

  • powerd_ac_mode (tidy this a bit, to be nearer to its own code, with some remarks added)
  • powerd_battery_mode
  • powerd_normal_mode (missing!!!, and needed for when AC can not be determined)
OLD  @ ~ line 105

if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig = array();
    $pconfig['powerd_enable'] = isset($config['system']['powerd_enable']);
    $pconfig['crypto_hardware'] = !empty($config['system']['crypto_hardware']) ? $config['system']['crypto_hardware'] : null;
    $pconfig['cryptodev_enable'] = isset($config['system']['cryptodev_enable']);
    $pconfig['thermal_hardware'] = !empty($config['system']['thermal_hardware']) ? $config['system']['thermal_hardware'] : null;
    $pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']);
    $pconfig['use_mfs_tmp'] = isset($config['system']['use_mfs_tmp']);
    $pconfig['powerd_ac_mode'] = "hadp";
    $pconfig['rrdbackup'] = !empty($config['system']['rrdbackup']) ? $config['system']['rrdbackup'] : null;
    $pconfig['dhcpbackup'] = !empty($config['system']['dhcpbackup']) ? $config['system']['dhcpbackup'] : null;
    $pconfig['netflowbackup'] = !empty($config['system']['netflowbackup']) ? $config['system']['netflowbackup'] : null;
    if (!empty($config['system']['powerd_ac_mode'])) {
        $pconfig['powerd_ac_mode'] = $config['system']['powerd_ac_mode'];
    }
    $pconfig['powerd_battery_mode'] = "hadp";
    if (!empty($config['system']['powerd_battery_mode'])) {
        $pconfig['powerd_battery_mode'] = $config['system']['powerd_battery_mode'];
    }

NEW

if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig = array();
    $pconfig['powerd_enable'] = isset($config['system']['powerd_enable']);
    $pconfig['crypto_hardware'] = !empty($config['system']['crypto_hardware']) ? $config['system']['crypto_hardware'] : null;
    $pconfig['cryptodev_enable'] = isset($config['system']['cryptodev_enable']);
    $pconfig['thermal_hardware'] = !empty($config['system']['thermal_hardware']) ? $config['system']['thermal_hardware'] : null;
    $pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']);
    $pconfig['use_mfs_tmp'] = isset($config['system']['use_mfs_tmp']);
    $pconfig['rrdbackup'] = !empty($config['system']['rrdbackup']) ? $config['system']['rrdbackup'] : null;
    $pconfig['dhcpbackup'] = !empty($config['system']['dhcpbackup']) ? $config['system']['dhcpbackup'] : null;
    $pconfig['netflowbackup'] = !empty($config['system']['netflowbackup']) ? $config['system']['netflowbackup'] : null;
// define powerd default or saved state(s) from the systemconfig
    $pconfig['powerd_ac_mode'] = "hadp";
    if (!empty($config['system']['powerd_ac_mode'])) {
        $pconfig['powerd_ac_mode'] = $config['system']['powerd_ac_mode'];
    }
    $pconfig['powerd_battery_mode'] = "hadp";
    if (!empty($config['system']['powerd_battery_mode'])) {
        $pconfig['powerd_battery_mode'] = $config['system']['powerd_battery_mode'];
    }
    $pconfig['powerd_normal_mode'] = "hadp";
    if (!empty($config['system']['powerd_normal_mode'])) {
        $pconfig['powerd_normal_mode'] = $config['system']['powerd_normal_mode'];
    }

The second parts are to create a copy of the normal state option for the three powerd options in the GUI.
And add a help text, for when normal mode is used by powerd.
OLD @ ~ line 111

    if (count($input_errors) == 0) {
        if (!empty($pconfig['powerd_enable'])) {
            $config['system']['powerd_enable'] = true;
        } elseif (isset($config['system']['powerd_enable'])) {
            unset($config['system']['powerd_enable']);
        }

        $config['system']['powerd_ac_mode'] = $pconfig['powerd_ac_mode'];
        $config['system']['powerd_battery_mode'] = $pconfig['powerd_battery_mode'];

NEW

    if (count($input_errors) == 0) {
        if (!empty($pconfig['powerd_enable'])) {
            $config['system']['powerd_enable'] = true;
        } elseif (isset($config['system']['powerd_enable'])) {
            unset($config['system']['powerd_enable']);
        }

        $config['system']['powerd_ac_mode'] = $pconfig['powerd_ac_mode'];
        $config['system']['powerd_battery_mode'] = $pconfig['powerd_battery_mode'];
        $config['system']['powerd_normal_mode'] = $pconfig['powerd_normal_mode'];


OLD @ ~ line 339

              <tr>
                <td><a id="help_for_powerd_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Use PowerD"); ?></td>
                <td>
                  <input name="powerd_enable" type="checkbox" id="powerd_enable" value="yes" <?=!empty($pconfig['powerd_enable']) ? "checked=\"checked\"" : "";?> />
                  <div class="hidden" for="help_for_powerd_enable">
                    <?=gettext("The powerd utility monitors the system state and sets various power control " .
                                        "options accordingly. It offers four modes (maximum, minimum, adaptive " .
                                        "and hiadaptive) that can be individually selected while on AC power or batteries. " .
                                        "The modes maximum, minimum, adaptive and hiadaptive may be abbreviated max, " .
                                        "min, adp, hadp. Maximum mode chooses the highest performance values. Minimum " .
                                        "mode selects the lowest performance values to get the most power savings. " .
                                        "Adaptive mode attempts to strike a balance by degrading performance when " .
                                        "the system appears idle and increasing it when the system is busy. It " .
                                        "offers a good balance between a small performance loss for greatly " .
                                        "increased power savings. Hiadaptive mode is alike adaptive mode, but " .
                                        "tuned for systems where performance and interactivity are more important " .
                                        "than power consumption. It raises frequency faster, drops slower and " .
                                        "keeps twice lower CPU load."); ?>
                  </div>
                </td>
              </tr>
              <tr>
                <td><i class="fa fa-info-circle text-muted"></i>  <?=gettext('On AC Power Mode') ?></td>
                <td>
                  <select name="powerd_ac_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp" <?=$pconfig['powerd_ac_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_ac_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_ac_mode']=="min" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_ac_mode']=="max" ? " selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                </td>
              <tr>
                <td><i class="fa fa-info-circle text-muted"></i>  <?=gettext('On Battery Power Mode') ?></td>
                <td>
                  <select name="powerd_battery_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp"<?=$pconfig['powerd_battery_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_battery_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_battery_mode']=="min" ? "selected=\"selected\"" :"";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_battery_mode']=="max" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                </td>
              </tr>

NEW

              <tr>
                <td><a id="help_for_powerd_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Use PowerD"); ?></td>
                <td>
                  <input name="powerd_enable" type="checkbox" id="powerd_enable" value="yes" <?=!empty($pconfig['powerd_enable']) ? "checked=\"checked\"" : "";?> />
                  <div class="hidden" for="help_for_powerd_enable">
                    <?=gettext("The powerd utility monitors the system state and sets various power control " .
                                        "options accordingly. It offers four modes (maximum, minimum, adaptive " .
                                        "and hiadaptive) that can be individually selected while on AC power or batteries. " .
                                        "The modes maximum, minimum, adaptive and hiadaptive may be abbreviated max, " .
                                        "min, adp, hadp. Maximum mode chooses the highest performance values. Minimum " .
                                        "mode selects the lowest performance values to get the most power savings. " .
                                        "Adaptive mode attempts to strike a balance by degrading performance when " .
                                        "the system appears idle and increasing it when the system is busy. It " .
                                        "offers a good balance between a small performance loss for greatly " .
                                        "increased power savings. Hiadaptive mode is alike adaptive mode, but " .
                                        "tuned for systems where performance and interactivity are more important " .
                                        "than power consumption. It raises frequency faster, drops slower and " .
                                        "keeps twice lower CPU load."); ?>
                  </div>
                </td>
              </tr>
              <tr>
                <td><i class="fa fa-info-circle text-muted"></i>  <?=gettext('On AC Power Mode') ?></td>
                <td>
                  <select name="powerd_ac_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp" <?=$pconfig['powerd_ac_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_ac_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_ac_mode']=="min" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_ac_mode']=="max" ? " selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                </td>
              <tr>
                <td><i class="fa fa-info-circle text-muted"></i>  <?=gettext('On Battery Power Mode') ?></td>
                <td>
                  <select name="powerd_battery_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp"<?=$pconfig['powerd_battery_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_battery_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_battery_mode']=="min" ? "selected=\"selected\"" :"";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_battery_mode']=="max" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                </td>
              </tr>
              <tr>
                <td><a id="help_for_powerd_normal_mode" href="#" class="showhelp"><i class="fa fa-info-circle text-circle"></i></a>  <?=gettext('On Normal Power Mode'); ?></td>
                <td>
                  <select name="powerd_normal_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp"<?=$pconfig['powerd_normal_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_normal_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_normal_mode']=="min" ? "selected=\"selected\"" :"";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_normal_mode']=="max" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                  <div class="hidden" for="help_for_powerd_normal_mode">
                    <?=gettext("If the powerd utility can not determine the power state it uses \"normal\" for control."); ?>
                  </div>
                </td>
              </tr>

#8
This worked :)
#9
Seems OK, without the "systems.inc" changes.

However when I tried to fetch a raw "systems.inc", it borked out an error at line 1998, "services_dhcpd_configure();" could not be found, but that is called at line 201? Maybe due to other commits?
#10
Have you tried it in a USB 2.0 port? The da0 GPT seems to get rejected, is what I gather from the partial screenshot?
Can you choose UEFI with CSM support "yes" in the bios?
With all the UEFI failures in security, I would not trust UEFI that much. (Lenovo / with copy-paste Intel BIOS SDK with insecure bootcode)

btw.
I use passmark's imageUSB software (http://osforensics.com/tools/write-usb-images.html) or Rufus (https://rufus.akeo.ie/?locale=en_US) to create USB img
#11
With "All" selected, opnsense.home is not added to the host_entries.conf file.
So trying to resolve the hostname results in:


C:\>nslookup opnsense.home
Server:  UnKnown
Address:  192.168.0.1

*** UnKnown can't find opnsense.home: Non-existent domain


With "LAN and LAN ipv6 link-local" selected, hostname does resolve correctly.

C:\>nslookup opnsense.home
Server:  OPNsense.home
Address:  192.168.0.1

Name:    opnsense.home
Addresses:  fe80::6a05:caff:fe0f:c59
          192.168.0.1

C:\>


That is all performed with my quick and dirty fix (interface --> active_interface), but when you also select localhost in the unbound general options page, you'll get double references to localhost and unbound will refuse to start.

So I undid the fix (active_interface --> interface) and tried with interfaces set to "All" and again with "LAN" only.
Both times the generated "host_entries.conf" file won't contain the localhost names to resolve to for the router.

C:\>nslookup opnsense.home
Server:  UnKnown
Address:  192.168.0.1

*** UnKnown can't find opnsense.home: Non-existent domain


So I redid my fix (line 519 and 520).
The localhost reference is already statically generated by the lines 504~512 btw.
The choice for "localhost" should be removed in the GUI pull-down menu so a user can not create double entries and have unbound fail to start.


#12
With the quickfix, like above and only "LAN" selected

local-zone: "home" transparent
local-data-ptr: "127.0.0.1 localhost"
local-data: "localhost A 127.0.0.1"
local-data: "localhost.home A 127.0.0.1"
local-data-ptr: "::1 localhost"
local-data: "localhost AAAA ::1"
local-data: "localhost.home AAAA ::1"
local-data-ptr: "192.168.0.1 OPNsense.home"
local-data: "OPNsense.home A 192.168.0.1"
local-data: "OPNsense A 192.168.0.1"


Now with "LAN; LAN IPv6 Link-local; Localhost"

local-zone: "home" transparent
local-data-ptr: "127.0.0.1 localhost"
local-data: "localhost A 127.0.0.1"
local-data: "localhost.home A 127.0.0.1"
local-data-ptr: "::1 localhost"
local-data: "localhost AAAA ::1"
local-data: "localhost.home AAAA ::1"
local-data-ptr: "192.168.0.1 OPNsense.home"
local-data: "OPNsense.home A 192.168.0.1"
local-data: "OPNsense A 192.168.0.1"
local-data: "OPNsense.home AAAA fe80::6a05:caff:fe0f:c59"
local-data: "OPNsense AAAA fe80::6a05:caff:fe0f:c59"
local-data-ptr: "127.0.0.1 OPNsense.home"
local-data: "OPNsense.home A 127.0.0.1" (<--- this is double entry and causes issues)
local-data: "OPNsense A 127.0.0.1" (<--- this is double entry and causes issues)
local-data-ptr: "::1 OPNsense.home"
local-data: "OPNsense.home AAAA 127.0.0.1" (<--- this is double entry and causes issues)
local-data: "OPNsense AAAA 127.0.0.1" (<--- this is double entry and causes issues)

(unbound can not be started!!)

Perhaps a check for the "localhost" selection, or maybe delete "localhost" from the options.
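A pre-flight check that could be run over a generated host_entries.conf before Unbound is restarted (added example, not part of the original post or of OPNsense's code). It flags the two things that can be checked mechanically in the listing above: a second local-data-ptr for an address that already has one, and an A/AAAA record whose data is not of the matching address family. The function name and the sample, which is the listing above without the poster's annotations, are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the "LAN; LAN IPv6 Link-local; Localhost" listing
# from the post, with the inline "(<--- ...)" annotations removed.
SAMPLE = '''\
local-zone: "home" transparent
local-data-ptr: "127.0.0.1 localhost"
local-data: "localhost A 127.0.0.1"
local-data: "localhost.home A 127.0.0.1"
local-data-ptr: "::1 localhost"
local-data: "localhost AAAA ::1"
local-data: "localhost.home AAAA ::1"
local-data-ptr: "192.168.0.1 OPNsense.home"
local-data: "OPNsense.home A 192.168.0.1"
local-data: "OPNsense A 192.168.0.1"
local-data: "OPNsense.home AAAA fe80::6a05:caff:fe0f:c59"
local-data: "OPNsense AAAA fe80::6a05:caff:fe0f:c59"
local-data-ptr: "127.0.0.1 OPNsense.home"
local-data: "OPNsense.home A 127.0.0.1"
local-data: "OPNsense A 127.0.0.1"
local-data-ptr: "::1 OPNsense.home"
local-data: "OPNsense.home AAAA 127.0.0.1"
local-data: "OPNsense AAAA 127.0.0.1"
'''

ENTRY_RE = re.compile(r'^(local-data(?:-ptr)?):\s*"([^"]*)"')
FAMILY = {"A": 4, "AAAA": 6}


def lint_host_entries(text):
    """Return [(line_no, message), ...] for suspicious entries."""
    findings = []
    ptr_owner = {}  # ip address object -> (line_no, name) of the first PTR
    for no, raw in enumerate(text.splitlines(), 1):
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # local-zone lines, comments, blanks
        kind, body = m.groups()
        fields = body.split()
        if kind == "local-data-ptr":
            if len(fields) != 2:
                findings.append((no, "malformed local-data-ptr"))
                continue
            addr, name = fields
            try:
                ip = ipaddress.ip_address(addr)
            except ValueError:
                findings.append((no, f"PTR address {addr} is not an IP"))
                continue
            if ip in ptr_owner:
                first_no, first_name = ptr_owner[ip]
                if first_name.lower() != name.lower():
                    findings.append((no, f"second PTR for {ip}: {name} "
                                         f"(line {first_no} has {first_name})"))
            else:
                ptr_owner[ip] = (no, name)
        elif len(fields) == 3 and fields[1] in FAMILY:
            # Only the "name TYPE address" form that appears in the listing.
            name, rtype, rdata = fields
            try:
                version = ipaddress.ip_address(rdata).version
            except ValueError:
                version = None
            if version != FAMILY[rtype]:
                findings.append((no, f"{rtype} record for {name} carries "
                                     f"non-IPv{FAMILY[rtype]} data {rdata}"))
    return findings


if __name__ == "__main__":
    for line_no, message in lint_host_entries(SAMPLE):
        print(f"line {line_no}: {message}")
```
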
#13
That is because the "/var/unbound/host_entries.conf" does not contain the hostname and ip information.
With a single Network Interface selected in the DNS resolve: General menu --> Network Interfaces. You can fix this by editing the "/usr/local/etc/inc/unbound.inc" file.
Edit lines 515 & 516 from this:

    if (isset($config['unbound']['interface'])) {
        $interfaces = explode(",", $config['unbound']['interface']);

into this

    if (isset($config['unbound']['active_interface'])) {
        $interfaces = explode(",", $config['unbound']['active_interface']);


After saving the DNS Resolver page a new "/var/unbound/host_entries.conf" will be generated and you can resolve the router itself by hostname.
However this is not "the" fix because when multiple "DNS resolve: General menu --> Network Interfaces" are chosen, this fix does not work. (example LAN and LAN IPv6 Link-local and Localhost, you'll get conflicts in the host_entries.conf)
#14
I follow the TechSNAP show on jupiterbroadcasting/youtube.
http://www.jupiterbroadcasting.com/100526/apple-pretend-filesystem-techsnap-271/

news story:
http://news.softpedia.com/news/badtunnel-bug-hijacks-network-traffic-affects-all-windows-versions-505294.shtml

Quote: "Exploitation points remain open for non-supported Windows operating systems such as XP, Windows Server 2003, and others, for which patches have not been released. For these operating systems, and for those that can't be updated just yet, system administrators should disable NetBIOS."

Most Windows machines are set up as "default", so if the DHCP query sets nothing, NetBIOS is interpreted as "enabled".


So this started me tinkering around (services.inc): what do you need to set up in "DHCPD.conf" to disable NetBIOS from the DHCP service?

So I did some Google searches and found this code example for Linux (ISC DHCP).
http://www.bakarasse.de/pages/en/linux/disable-netbios-via-dhcp.php?lang=EN

I only got the single host example to work with my static DHCP leases, adding the code in the "pool" didn't work.
Maybe the wrong location? Or it does not work in a "pool".

Partial "dhcpd.conf" after tinkering.


option domain-name "home";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;
option arch code 93 = unsigned integer 16; # RFC4578

# to save the vendor id in the lease db:
set vendor-id = option vendor-class-identifier;

# specifying the option space name:
option space MSFT;
option MSFT.nbt                 code 1 = unsigned integer 32;


default-lease-time 7200;
etc...



host s_lan_0 {
  hardware ethernet 00:11:22:aa:bb:cc;
  fixed-address 192.168.0.20;
  option host-name "EXAMPLE";
  if substring ( option vendor-class-identifier, 0, 8 ) = "MSFT 5.0"
  {
    vendor-option-space MSFT;
    # 1 = enable, 2 = disable NetBIOS over TCP/IP:
    option MSFT.nbt 2;
  }
}


It would be nice if the NetBIOS option would become a slider (on/off) in a future update  ;)
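A way to confirm from a captured DHCP reply that the NetBIOS setting is actually being handed out (added example, not part of the original post). It decodes the options field, unpacks the vendor-specific option 43 and reads sub-option 1, the MSFT.nbt code defined in the dhcpd.conf above. The sample option bytes are constructed, and the one-byte code and length fields for the sub-option are an assumption about how the MSFT option space is encoded.

```python
import struct

OPT_MESSAGE_TYPE = 53
OPT_VENDOR_SPECIFIC = 43   # carries the encapsulated MSFT option space
OPT_PAD, OPT_END = 0, 255
MSFT_NBT = 1               # "option MSFT.nbt code 1" in the dhcpd.conf above
NBT_MEANING = {1: "enabled", 2: "disabled"}  # per the comment in that config


def encode_msft_nbt(value):
    """Sub-option bytes for 'option MSFT.nbt <value>': code, length, uint32."""
    return struct.pack("!BBI", MSFT_NBT, 4, value)


def parse_options(blob):
    """Parse a code/length/value option stream into {code: bytes}."""
    opts = {}
    i = 0
    while i < len(blob):
        code = blob[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(blob):
            raise ValueError(f"option {code}: truncated header")
        length = blob[i + 1]
        data = blob[i + 2:i + 2 + length]
        if len(data) != length:
            raise ValueError(f"option {code}: truncated value")
        # A repeated option code is concatenated rather than overwritten.
        opts[code] = opts.get(code, b"") + data
        i += 2 + length
    return opts


def netbios_setting(options_blob):
    """Return 'disabled', 'enabled', 'unset' or 'unknown(<n>)' for a reply."""
    vendor = parse_options(options_blob).get(OPT_VENDOR_SPECIFIC)
    if vendor is None:
        return "unset"          # server sent nothing; client keeps its default
    raw = parse_options(vendor).get(MSFT_NBT)
    if raw is None:
        return "unset"
    if len(raw) != 4:
        raise ValueError("MSFT.nbt is not a 32-bit integer")
    value = struct.unpack("!I", raw)[0]
    return NBT_MEANING.get(value, f"unknown({value})")


# Constructed options fields of two DHCPACK replies (message type 5).
_nbt = encode_msft_nbt(2)
ACK_WITH_NBT = (bytes([OPT_MESSAGE_TYPE, 1, 5])
                + bytes([OPT_VENDOR_SPECIFIC, len(_nbt)]) + _nbt
                + bytes([OPT_END]))
ACK_WITHOUT_NBT = bytes([OPT_MESSAGE_TYPE, 1, 5, OPT_END])

if __name__ == "__main__":
    print("static lease reply:", netbios_setting(ACK_WITH_NBT))
    print("pool reply:        ", netbios_setting(ACK_WITHOUT_NBT))
```
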
#15
Using Localhost (which you can select in the unbound menu options) kind of needs to be excluded.
You get double 127.0.0.1 entries, and unbound refuses to start. That's why DNS lookups are unresponsive.

I feel you can get away with just the LAN and/or the LAN IPv6 Link-Local as options.
But don't know how virtual interfaces would translate, using the current "unbound.inc"