Topics

1

24.1 Legacy Series / DynDNS - native client

« on: February 12, 2024, 12:13:39 pm »

When I change from ddclient to native client, do I need to recreate all host records? Because the logs still show "ddclient" as process being used.
Thanks!

2

24.1 Legacy Series / Not a smooth upgrade this time...

« on: February 09, 2024, 12:52:01 pm »

I think I have been spoiled by all the smooth upgrades I had in the past. This time it was all but smooth.
The server went unresponsive multiple times (had to hard-reboot), web gui not responding, LAN interface got unresponsive after a few minutes being up. I finally have it running now, but still occasionally can't connect to the web UI.
I have submitted a crash report. What else can I do to help?

I also now have this error message popping up in backend log every hour:

Code: [Select]

[07bbd436-4c8f-446a-9205-24455d9ba5f5] Script action stderr returned "b'Traceback (most recent call last):\n File "/usr/local/opnsense/scripts/OPNsense/Zenarmor/sensei-db-version.py", line 11, in <module>\n from packaging import version\nImportError: cannot import name \'version\' from \'packaging\' (unknown location)'"Is Zenarmor fully supported with this release?
Thank you for your great work!

3

23.7 Legacy Series / API access to certificate store

« on: February 01, 2024, 10:36:23 am »

I think this has been asked before (can't find the thread anymore) but maybe something has changed:
Is there any plan to support API access to the certificate store? I would love to utilise the acme plugin to manage all my certificates, not only those used on the firewall. But then I need some automated way to retrieve them after renewal.
Is there any workaround? Maybe someone has a shell script that exports the certificate locally and then I can scp it from the machine?
Thanks! Till

4

General Discussion / phpIPAM API integration

« on: November 17, 2023, 12:49:02 pm »

Has anyone already done some phpIPAM integration into OPNSense? Both tools have open API's.
I wonder if I could build something like:
- creating a new device with a static IP in phpIPAM will aotmatically create an DHCP entry in OPNSense for the static v4 IP.
Anyone?
Thanks!

5

General Discussion / DNS0.EU - anyone?

« on: March 02, 2023, 10:48:50 am »

Did anyone already look into the newly lounged DNS0.EU initiative? Sounds like a good European alternative to NextDNS or the like. -Till

6

23.1 Legacy Series / Migrating to ddclient - spdns combined hosts

« on: February 06, 2023, 11:29:24 am »

Does anyone have experience in updating spdns combined hosts (IPv4 & IPv6 with a single update token) with ddclient?
The update URL looks like this:

Code: [Select]

https://update.spdyn.de/nic/update?hostname=Domain&myip=IPv4Address,IPv6Address&user=hostname&pass=update-tokenDo I need to go for custom with this?

Thanks!

7

23.1 Legacy Series / Web UI doesn't start anymore after last update

« on: February 05, 2023, 01:57:32 pm »

I was on 23.1 for a few days and today I was offered an updated ddclient package, so I installed.
Since then web UI doesn't start anymore.
When restarting all services via SSH, I get the following output which indicated problems with ddclient.
Can someone help me to recover from that? I am not really deep into freebsd CLI. thank you!

Code: [Select]

FAILED:   updating <domian_replaced>: unexpected status (14)
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4105.
Use of uninitialized value $_[0] in sprintf at /usr/local/sbin/ddclient line 2163.
WARNING:  updating : nochg: No update required; unnecessary attempts to change to the current address are considered abusive
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4114.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4115.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4116.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4105.
Use of uninitialized value $_[0] in sprintf at /usr/local/sbin/ddclient line 2163.
FAILED:   updating : unexpected status (0)
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.

FAILED:    was not updated because protocol <undefined> is not supported.

8

22.1 Legacy Series / IPv6 track interface often fails after temporary DSL line failure

« on: May 03, 2022, 12:03:27 pm »

Team,
this is a problem I have for more than a year, so it is not specific to the current version. Nevertheless I wonder how to either fix it or work around it.
My setup is an external VDSL modem with OPNSense initiating a PPPoE session on it.
Unfortunately, the line is suffering from temporary instabilities. So it may break down and OPNsense re-establishes the connection a minute later. The problem I have is that in those cases, IPv6 adress assignment via track interface often fails. I assume this i some kind of timing problem. I can manually fiy this by reloading the PPPoE  via Interfaces->Overview->WAN-> PPPoE reload.
However this is a cumbersome manual procedure.
Any ideas?

thanks, Till

9

22.1 Legacy Series / [Solved][22.1.6][unbound] host overide alias doesn't work

« on: April 29, 2022, 03:18:31 pm »

Hi,
just realized - no matter what I put into the alias dialog, nothing shows up under host override -> alias afterwards. The list stays empty.
Is this a bug?

thanks! Till

10

22.1 Legacy Series / compatible plugins

« on: January 31, 2022, 05:12:56 pm »

As always, I struggle to find out if alll the plugins I run will be compatible with 22.1.
Is there any way to figure out without trial/error?

thanks!

11

Zenarmor (Sensei) / Zenarmor and local proxy

« on: January 20, 2022, 11:45:51 am »

For a specific use case, I run a forward proxy server on OPNsense.
However, those clients using the proxy, seem to bypass Zenarmor.
Any recommendation how to configure it to work with a locally installed proxy?

thanks!

12

21.7 Legacy Series / allow internet access to VLAN6 but block access to other local IPv6 networks?

« on: December 25, 2021, 09:36:02 pm »

I need a quick inspiration:
On IPv4, i can easily create a rule that allows internet access to a certain VLAN and excluding access to other local networks by inverting the destination.
With IPv6 (track interface), I don't have static networks. How would I craft a rule to achieve the same which would work with any IPv6 network assigned to the other interfaces?

thanks, Till

13

German - Deutsch / Plötzlich Probleme beim Zugriff auf ARD und ZDF Mediathek

« on: November 28, 2021, 11:24:48 am »

Hallo,
hat irgendjemand ähnliche Erfahrung gemacht das der Zugriff auf die Mediatheken vom SmartTV plötzlich hakt? Hat sich durch eines der letzten OPNSense updates da irgendwas verändert?
Ich steh da grad ein bisschen auf dem Schlauch.
VG!

14

21.1 Legacy Series / update oddities

« on: February 10, 2021, 01:05:13 pm »

Hi,
for a while already I have the problem that one of my firewalls won't update via UI anymore.
It always resonds with

Code: [Select]

"Timeout while connecting to the selected mirror."Updating from shell works. Though it throws a warning:

Code: [Select]

Fetching change log information, please wait... fetch: transfer timed out
fetch: /tmp/changelog/changelog.txz.sig appears to be truncated: 0/1332 bytes
Checking that folder, it is indeed empty:

Code: [Select]

root@OPNsensemil:~ # ls -la /tmp/changelog/
total 8
drwxr-xr-x  2 root  wheel   512 Feb 10 13:01 .
drwxrwxrwt  6 root  wheel  1024 Feb 10 12:59 ..
root@OPNsensemil:~ #
Any advise how to fix this?
I am on 21.1, but this problem existed before.

Update:
this seems to be similar to this:
https://forum.opnsense.org/index.php?topic=21087.msg98506#msg98506

thanks, Till

15

20.7 Legacy Series / Can pppoE break a DSL sync?

« on: December 02, 2020, 06:54:07 pm »

Not sure if the topic attracts a reader but let me give it a try:

I have, since a few months, the problem that my VDSL connection breaks once or twice a day.
My setup so far was OPNsense with pppoE on WAN -> Draytek Vigor 165 as modem.
It's not only the pppoe that breaks, it is the DSL wich re-syncs and then 2 min later the connection is back.

I replaced the modem - > same issue.
I called the ISP, they came and changed the port in the DSLAM and also the a different pair of cables.
-> same issue.
So I bought an original Telekom Smart 3 router, put it into modem only mode and tried that -> same issue.
So finally, I put the Telekom Smart 3 back into router mode, reconfigured OPNsense to not use pppoe but just send packets to the Telekom router. -> Now the connection is stable.
How can that be? Did OPNsense 20.7 introduce some major changes to the pppoe client that brakes my connection? I can't imagine. I am a bit out of ideas and want my old setup back but I need to get it stabilized (was running well before). I can't really say if this started with the 20.7 upgrade, but it falls into the same timeframe.
Any feedback, suggestions are highly appreciated!
cheers, Till