Messages

1

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 31, 2019, 11:15:04 pm »

The ISO has been uploaded here: https://hardenedbsd.org/~shawn/opnsense/2019-03-26_hbsd_11-stable_disc1.iso

Can anyone interesting in running OPNsense 19.1 in a Hyper-V Gen2 instance please test?

I created a gen 2 VM on a windows server 2012R2 hyper-v using the iso and there were no problems. I went all the way through the installation until the final step to reboot, but I didn't boot the installed image.

Awesome! And the original 19.1 ISO caused crashes for you, correct?

2

General Discussion / Re: IPv6 privacy extensions for WAN interface

« on: March 29, 2019, 05:23:21 pm »

HardenedBSD enabled IPv6 privacy extensions by default[1]. Unless explicitly disabled by OPNsense 19.1, they should still be enabled.

[1]: https://github.com/HardenedBSD/hardenedBSD/wiki#generic-system-hardening

3

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 26, 2019, 06:44:25 pm »

I've added the Hardware above.

i tested also on a Server 2012 R2, Gen2, Configuration Version 5.0, there installer works, Live-CD too
E3-1270 v3, Intel Board S1200RP, 32GB ECC RAM

On a Server 2016, Gen2, Configuration Version 8.0, it works like the Server 2012 R2
E3-1240 v5, Supermicro Board X11SSL-CF, 32GB ECC Ram

On the Server 2019 (above) i create a Gen2 Configuration Version 5.0, the same "error"

On a Windows 10 1809, Gen2 Configuration Version 9.0, the same error
i3-4150, Supermicro X10SLV-Q, 8GB RAM (a small PBX-Host)

Something that i can test? (for testing i removed the NIC from the configuration, set use other CPU-Version, error is the same)

Is this your processor, then? https://ark.intel.com/content/www/us/en/ark/products/52276/intel-xeon-processor-e3-1270-8m-cache-3-40-ghz.html

No need for changes on your end. A basic Gen2 config (with secure boot disabled) should be enough for testing.

4

Hardware and Performance / Re: [Working] OPNsense on Raspberry Pi 2

« on: March 26, 2019, 05:20:19 pm »

I'd be more than happy to help test! I've got several RPI3 boards gathering dust.

If I get some spare time this week and/or next, I'll test on the RPI3.

5

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 26, 2019, 05:17:18 pm »

Hi lattera,

the Attached Image ist the boot Screen and the Settings (German)
Secure Boot is of.

Thanks for helping! What are the specs for your hardware? I'm primarily curious about CPU make and model.

6

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 26, 2019, 03:18:42 pm »

The ISO has been uploaded here: https://hardenedbsd.org/~shawn/opnsense/2019-03-26_hbsd_11-stable_disc1.iso

Can anyone interesting in running OPNsense 19.1 in a Hyper-V Gen2 instance please test?

7

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 26, 2019, 03:07:55 am »

I'll just leave this here.

Test ISO coming soon.

8

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 22, 2019, 06:09:17 pm »

Can you post a screenshot of the panic?

9

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 16, 2019, 04:53:49 pm »

When you're at the boot prompt (after selecting option 3), type this in:

set vm.pmap.pti="0"
boot

10

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 16, 2019, 04:15:47 pm »

Oh, I posted this in the wrong thread, see below.

@bimmeldriver yes please, installer may hang but CTRL+C should work around it ok.

So this is the preliminary amd64 ISO for 19.1.4. It can be used in production and upgrades normally...

https://pkg.opnsense.org/FreeBSD:11:amd64/snapshots/OPNsense-19.1.4-OpenSSL-dvd-amd64.iso.bz2

All images, checksums and the announcement follow next week when we will have wrapped up testing image integrity for all other images (it takes about 2 days in total to do that).


Cheers,
Franco

First I want to say thanks for all the hard work put into this outstanding software!

I downloaded the ISO and burned it to a DVD.  When I boot from the DVD, it reboots over and over.  It does load the Kernel modules and then shows Booting.  The screen refreshes and looks like it is starting up and then that is when the computer restarts.  I even tried the Safe Mode and that didn't help.

The DVD Reader isn't that old while my Motherboard, Processor and RAM are.
Motherboard:  ASUS M4A785-M
Processor:  AMD Athlon II X2 245 Speed 2900Mhz
RAM: 8GB

The bios on the Motherboard is up to date.

Thanks,
Charles

I believe setting `vm.pmap.pti=0` at the boot prompt will solve your boot loop issue. Once your system is booted, you can set that permanently via the GUI or via manual edit of /boot/loader.conf.local

11

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 15, 2019, 04:14:58 pm »

Oh, I posted this in the wrong thread, see below.

@bimmeldriver yes please, installer may hang but CTRL+C should work around it ok.

So this is the preliminary amd64 ISO for 19.1.4. It can be used in production and upgrades normally...

https://pkg.opnsense.org/FreeBSD:11:amd64/snapshots/OPNsense-19.1.4-OpenSSL-dvd-amd64.iso.bz2

All images, checksums and the announcement follow next week when we will have wrapped up testing image integrity for all other images (it takes about 2 days in total to do that).


Cheers,
Franco

Franco/Lattera,

I will dedicate a few VM's on my side to test upgrades and installs for 18.7 to 19.1 and 19.1 to 19.7 on the QEMU/KVM platform. Willing to help out as much as I can.

Let me know if the upgrade images are ready for 18.7 to 19.1.4 and I will test that also.

Not sure I have any "baremetal" equipment to use in testing except some old Dell's.

Thanks again.

-Waz

Thank you very much! Your offer of assistance really means a lot to me. I've got a busy weekend as my wife has planned a few special events. I'll likely get back to tracking down the kernel NX bug seen mostly on Hyper-V systems and some Dell systems on Tuesday of next week. Each time I build a new HardenedBSD 11-stable ISO, I will let you know for your own testing. All I need to know is if it boots to the installer, no need to actually perform the install. I can also upload a memstick image so you don't have to dust off dvd discs.

12

19.1 Production Series / Re: kern.random.harvest.mask, can't set to 351, stays as 65887

« on: March 15, 2019, 12:02:52 am »

The HardenedBSD team is looking at this. Thanks for the report!

13

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 14, 2019, 06:06:41 pm »

Gotcha. Once I'm finished with the Hyper-V issues, I'll take a look at how opnsense's updater works and take the discussion private with some potential solutions for the team to discuss.

14

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 14, 2019, 06:00:40 pm »

Franco,

Thanks for the clarification! Would you like me to file a feature request in github for teaching opnsense's updater how to display multiple changelogs?

15

19.1 Production Series / Re: Kernel panic after upgrade

« on: March 14, 2019, 05:12:26 pm »

I kinda wonder if it'd be best to show all changelogs from 19.1 to 19.1.4.