Topics

Hello
i have activated telegraf the network traffic part

i found out
there is only one port and no label which port it is! Belive it is the WAN Port, hope so!??
then bytes send and recv are cumulativ!
Packets send and recv are cumulativ, too!

but in the opnSense Gui Reporting Traffic the data looks the way i wish

have a nice day
vinc

Hello
in the GUI i have seen

Disk Usage
100% /var/log [tmpfs] (2.0G/2.0G)

is there not a auto merge to not get full of disk space?
is it possible to delete them from the Gui? and where?
is it possible to delete it from cli and how?

have a nice day
vinc

hello
wished to config telegraf to send some information to my server.

i use influx1.8 and done this
# influx
# show databases
# create database fw03
# create user ufw03 with password 'mypassword'
# show databases
# show users

at the end the database is there.

i did add the parameter above into opnSense - but telegraf is not starting at all.

is there some more do configure on the influxDB?
how to check if connection happen?

the system log give no information.

have a nice day
vinc

Hello

for opnSense monitoring i wish to create a VM and Install
TIG =
Telegraf
InfluxDB
Grafana

and of course more if needed.

but opnSense works best white which version?

should i use
InfluxDB 2.3 Open Source
Grafana v9.0.7
Telegraf open source data collector v1.23.3
?
have a nice day
vinc

hello
i still have the Problem, PC or iot can't reconnect to the WLAN or LAN itself.
the FW hangs - i also can't login, not by guy nor by serial Port.
only reboot the fw by force - disconect the power, and reboot helps
This happen all 10day or 2 week

OPNsense 22.1.8_1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1o 3 May 2022


i posted the problem on May
https://forum.opnsense.org/index.php?topic=28235
all update done but still have the Problem

Hello
Nothing to do with OpnSense! But maybe some nerds could help

i have a vm with jellyfin watching movies i have e directory filling up with some *.ts files.
until the older are deleted by the system or the disk run full.

is there a command to
find in a directory the oldest not used file and only keep the newest 10 or 20 files?

have a nice day
vinc

hello
i have a strange problem.
some times i can't login into my network. reboot of the laptop nothing help - but iot device are still working and doing communication - into the lan but also sending telegram without problem.
rebooting the FW help. After this all is fine!

today again
tryed to connect with consol cable but could not login and got a

FreeBSD/amd64 (FW-03) (ttyu0)

login: root
Password:
pid 259 (php), jid 0, uid 0, was killed: out of swap space
pid 199 (opnsense-pam), jid 0, uid 0, was killed: out of swap space

OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

why this happen since a couple of week - but a couple of year befor never hat this kind of problem?

have a nice time
vinc

hello
i have done the update to
OPNsense 20.7.8_4 (amd64/OpenSSL) ***
but after a long reboot, i can't login
not on the GUI not on the Terminal

how to hack it?

have a nice day
vinc

hello
doing a update to the newest version i got in the Cosole some error

Stopping clamav_freshclam.
Waiting for PIDS: 75595.
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
[HBSD SEGVGUARD] [syslog-ng (81489)] Suspending execution for 600 seconds after 5 crashes.
-> pid: 81489 ppid: 88751 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>
[HBSD SEGVGUARD] [syslog-ng (88751)] Preventing execution due to repeated segfaults.
-> pid: 88751 ppid: 1 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>

what should i do now?
have a nice day
vinc

Hello

i use the MuninNode plugin which did work nice but since a couple of weeks i stopps working, but not allways and not all parts. see picture added.

there would also be a wish to remove some graphs! As example some removed vlan traffic/error graph.
Or add new added VLAN traffic/error.

OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
LibreSSL 3.1.4

Hello

i wished to add HAProxy to point to a VM on my Setup.
i followed this wonderfull tutorial in German https://schulnetzkonzept.de/opnsense
I think i have done it right but the HAProxy don^t start

/usr/local/etc/rc.d/haproxy: WARNING: failed to start haproxy

i have also a error like

kernel   arp: 32:ea:39:26:d2:c1 attempts to modify permanent entry for 10.147.42.195 on igb1

this ip would be the VM i wish to add to HAProxy

and another error but not sure if it belongs to my HAProxy error

configctl[67179]   error in configd communication Traceback (most recent call last): File "/usr/local/opnsense/service/configd_ctl.py", line 68, in exec_config_cmd line = sock.recv(65536).decode() socket.timeout: timed out

any idea how to find out why HAProxy not start?

have a nice day
vinc

OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
LibreSSL 3.1.4

Hello
doing a update
the process hangs at this place

Code Select Expand

[63/67] Extracting os-haproxy-2.25: .......... done
Stopping configd...done
Starting configd.
Keep version OPNsense\HAProxy\HAProxy (2.10.0)
Reloading plugin configuration
Configuring system logging...done.
Reloading template OPNsense/HAProxy: OK
Reloading template OPNsense/Syslog: OK
[HBSD SEGVGUARD] [syslog-ng (69496)] Suspending execution for 600 seconds after 5 crashes.
-> pid: 69496 ppid: 49740 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>
[HBSD SEGVGUARD] [syslog-ng (49740)] Preventing execution due to repeated segfaults.
-> pid: 49740 ppid: 1 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>

any idea whats the Problem?

have a nice day
vinc

Hello
i have a WLAN with SSID "iot" on a VLAN 42!
on the opnSense i got the VLAN as network and conected to the LAN Port.
DHCP is giving out IP Adress to the iot SSID from the VLAN 42

Now i have LAN where the computer/laptop are.

now the rule about this vlan should be
1) no access from vlan42 to LAN
2) access from vlan42 to WAN
3) access from LAN to vlan42 (else i can't configure theme)

Thanks for your help and feedback

vinc

Hello
since the Update
the Munin Agent do not send information on new added VLAN "Ports" traffic!
And there is also a function missing to remove old VLAN ID Traffic grafics!

have a nice day
vinc

Hello

I have UCS (Univention Corporate Server) running with User Management.
I also run a opnSense FW.

first,
i manage Radius and DHCP on my opnSense, would it be wise to move this function to the UCS itself?
It is possible to hold them on both place like a master and Backup system? if yes how?

Then
i have also the VPN on my opnSense, how to manage the userrights for VPN over UCS and giving the Information to the opnSense, how to add the Certificate back to the user. Goal would be a login into the VPN and get the cert.

How did you solved this challange?

have a nice day
vinc

after downloading and the information about rebooting in the console i got this....

Aug 25 16:21:49 lighttpd[19562]: (mod_openssl.c.1975) SSL: 1 -1 error:1404C07F:SSL routines:ST_OK:bad write retry
Aug 25 16:21:54 lighttpd[19562]: (mod_openssl.c.1975) SSL: 1 -1 error:1404C07F:SSL routines:ST_OK:bad write retry
Aug 25 16:21:59 lighttpd[19562]: (mod_openssl.c.1975) SSL: 1 -1 error:1404C07F:SSL routines:ST_OK:bad write retry

hello
when i startet with opnsense i had a LAN Port with ip Range and some VM inside the IP Range too.
Now i have added a VLAN for the local user on a Switch.

the LAN and VLAN have different IP Range!

how the rule should be to have full access from VLAN <--> LAN?
the VLAN so far works to connect over WAN outside!
the VLAN is fixed on top of the LAN Port!

have a nice day
vinc

Hello
after update - after every update i got a error like this.
with a link to
System: Firmware: Reporter

Unfortunately we have detected at least one programming bug.
Would you like to submit this crash report to the developers?

and i send it
but never get a feedback.

hello

i have a unifi AP on port 3 on my Switch
the Switch is connectetd over port 10 to the opnSense FW

the Switch also have some normal LAN Ports.

so i have done a Trunk on both Port 10 or 3

now i have triyed this but all other port on the Switch did not work any more

so will i have to config also the default VLAN on the opnSenseFW?
if so do i have to config something as default VLAN?
or it is possible to config the VLAN on the basic LAN Port?

or what i do i miss?

have a nice day
vinc

Hello

yesterday i did the upgrade to "Keen Kingfisher" and....
it just worked - took around 5 Minutes.
But at the end it bootet and everything back and OK

Thanks a lot for your Work

have a nice day
vinc