Topics

[sysctl dev.cpu | grep temperature]

Hello,

Im testing new Intel N200 box, and came across interesting issue with CPU temperature reporting. My fanless box is practically cool to touch, but CPU temp in OPNSense is reporting 45 degrees, that it seemd to me too much. So I did some digging.

If I log in console and issue, I got more realistic CPU temp with command;

sysctl dev.cpu | grep temperature
dev.cpu.3.temperature: 35.0C
dev.cpu.2.temperature: 35.0C
dev.cpu.1.temperature: 36.0C
dev.cpu.0.temperature: 35.0C

I checked what command is OPNSense using for temp sensors and its;

sysctl -a | grep temperature
hw.acpi.thermal.tz0.temperature: 27.9C
dev.cpu.3.temperature: 45.0C
dev.cpu.2.temperature: 45.0C
dev.cpu.1.temperature: 44.0C
dev.cpu.0.temperature: 43.0C

If I stress test the machine this 2 temps come together at 55 degrees after 30 min witch is ok.

I installed HTOP and check the temp there, the lower values are reported, with occasional spike above 40 but average at 36 - 37 degrees.

I live booted linux on the same machine and checked linux temp sensors .. they are also reporting average of 36 - 38 degrees.

Out of curiosity I also spin up pfsense, and temp was also ok .. no spikes above 40 degrees. - but pfsense is using different command to read cpu temp then opnsense.

Overall this is not life threatening situation 😊 😊, but only my observation I decided to post it here. According to my testing both temps are correct higher temp is actually achieved by CPU when short load hits it, but it lasts less then a second and it falls to 36 degrees. It looks to me that the command sysctl -a | grep temperature is displaying max values in certain period, averaging in higher temp in dashboard that it really is.


I also tested this on my other firewall running Intel core I5 and there the difference is max 2-3 degrees Celsius, that its not really noticeable.

I also searched the forum, and few similar post have already been posted;

https://forum.opnsense.org/index.php?topic=34395.msg166556#msg166556

I think that it would be good to revise the temp monitoring and maybe use sysctl dev.cpu | grep temperature as it reports more "real" CPU temp.

Regards,

Hello,

Just checking if maybe someone has tested fitlet3 from compulab...I ordered a test unit long time ago, since they had issues with availability the delivery delayed, and I should recive it in couple of weeks now.

Meanwhile they changed Intel onboard LAN controller to Marvel 88E1512 phys. I'm not sure if the controller is supported under freebsd 13.1 or opnsense, at least thats what they stated recently on their wiki page:

http://fit-pc.com/wiki/index.php?title=Fitlet3_Errata_Notes#FITLET3ERR005:_fitlet3_default_LAN_interfaces_are_not_recognized_by_some_-nix_based_OS

Previous version fitlet2 had intel controllers all around, and it was an excellent little box, I hope that the driver issue can be included also in opnsense. What I managed to find is "some kind" of driver in freebsd 14 branch

https://cgit.freebsd.org/src/commit/?id=adff82ea35b77a2961376f0806794698d97ed018 , but since I'm no SW developer I dont have a clue if its the right one :), and if its possible to manually install it without recompiling.

Any feedback appreciated,

Regards,

Hello..I hope its not against the rules..but I thought I post it here first if someone finds it useful...I have available for sale 1y old fitlet2 (J3455) with 8G RAM and 256G mSATA in EU.

It handles (tested via ppoe) 1Gpbs without IPS/IDS and around 500mb VPN traffic. I didnt do testing with IPS/IDS so dont have the valid figures there.

Everything in perfect working order. Shipped to EU only. Price 300 EUR shipped to your address.

For more info PM me.

ello,

Maybe someone has an idea how to increase this. I noticed these errors in log files since upgrade to 22.1. Obviously GEOIP_block alias is too big to be processed. It worked on previous version.

Thanks.


null
Consider increasing net.pf.request_maxcount.Invalid argument. {current_size: 491798, new_size: 525738}
2022-02-09T15:07:02
/update_tables.py   Error loading alias [GEOIP_Block]: cannot set addresses in GEOIP_Block: too many elements.

Hello,

Moderators if this is against the rules, please delete. I run my FW virtualised now on new HW, so I have spare qotom Q335G4 with i3-5005U CPU and 4 intel i211 eth ports, if anyone is interested or in need, since boats from China are slow lately.

Everything is in perfect working order, box is barebone no RAM or HDD. Willing to ship to EU only.

PM me for the rest.

EDIT: On the way to new home :)

Hi,

Just tried to do upgrade from 1.18.7_1 to 18.1.8, and upgrade is not successful. Packages are downloaded, but reboot did not happen. Then I manually rebooted the router, and I'm still on old version. If I initiate upgrade again..this is the output;



**GOT REQUEST TO UPGRADE: all***
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking for upgrades (67 candidates): .......... done
Processing candidates (67 candidates): ... done
The following 16 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
   sudo: 1.8.22_5 -> 1.8.23_2
   sqlite3: 3.23.0 -> 3.23.1
   socat: 1.7.3.2_2 -> 1.7.3.2_3
   python27: 2.7.14_1 -> 2.7.15
   py27-sqlite3: 2.7.14_7 -> 2.7.15_7
   opnsense-update: 18.1.6 -> 18.1.8
   opnsense: 18.1.7_1 -> 18.1.8
   openssh-portable: 7.7.p1_1,1 -> 7.7.p1_2,1
   libnghttp2: 1.31.1 -> 1.32.0
   liblz4: 1.8.1.2,1 -> 1.8.2,1
   krb5: 1.16_1 -> 1.16.1
   freetype2: 2.9_1 -> 2.9.1
   ca_root_nss: 3.36.1 -> 3.37

Installed packages to be REINSTALLED:
   libucl-0.8.0
   libffi-3.2.1_2
   curl-7.59.0 (options changed)

Number of packages to be upgraded: 13
Number of packages to be reinstalled: 3

The operation will free 1 MiB.
1 MiB to be downloaded.
[1/2] Fetching curl-7.59.0.txz: .......... done
pkg-static: cached package curl-7.59.0: size mismatch, fetching from remote
[2/2] Fetching curl-7.59.0.txz: .......... done
pkg-static: cached package curl-7.59.0: size mismatch, cannot continue
Starting web GUI...done.
Generating RRD graphs...done.
***DONE***

Hello,

Sorry for maybe stupid question..there is a feature planned for 18.7 (most probably) to have backups via WebDav (nextcloud).

Would this feature also work with other cloud solutions accessible via webdav? Personally I'm using pCloud, that is fairly popular in EU, and pcloud is also accessible via https://webdav.pcloud.com, or the implementation is specific to nextcloud?

Thanks for sharing the light :)

Regards,

Hello,

I did reinstall of my test FW today, and I tried to load configuration with config importer during install. The process fails, with error cant mount drive. I used USB drive with .xml config file, tried formating in FAT, FAT32 and NTFS..but nothing works...USB drive is picked up ok.

Am I doing something wrong or importer doesn't work?

Thanks,

Hello,

I noticed under pppoe WAN interface status that uptime is always in hour format? This of course has no impact in functionality :)..but is there any special reason to have it in this format only ? and not day:hour

Thanks,

Hello..

I have a question how to properly issue wildcard certificate for my domain. Acme plugin in opnsense is configured and tested via staging environment and DNS validation option.

Can enyone help me properly populate this window ? Not sure if I need to put *example.com or only example.com or should I specify something under Alt.names.



Thanks for helping..

Hello,

Quick question since im not FreeBSD expert, is it possible to instal htop on opnsense?
I tried with: pkg install htop from console, but no luck, package not found.

Thanks,

Hi..

Is there an option to make system widget configurable like pfsense has?  To simply disable stuff you dont like to see inside the widget?

What it would be nice to see is to add to CPU Type current CPU frequency..maybe add temperature monitoring inside system widget..with one bar line, to save space on the dashboard screen. Now if I want to have temperature displayed, I need to add additional widget taking to much space..also an option to display cpu utilization ether in graph or bar or % number...personally current graph is not my favorite :).

Otherwise hands down to opnsense team everything is running smoothly for me.

Regards,

Hello,

Maybee a beginners bad luck with my setup, but anyway I would like to ask if someone is using VPN client and route trough VPN only specific IP's from the LAN network.

I try to setup this but no luck..in 18.1.2 release notes there was fix issued regarding VPN outbound rules.

There are reports of this issue also VPN HOW TO on this forum https://forum.opnsense.org/index.php?topic=4979.0

I followed that HOW-TO, also tried couple of other options, but traffic from the clients doesent want to go trough VPN interface.

Regards,

Hello,

This is my first post here, just recived qotom i3 mini PC, and try to install opnsense. If i select auto install everything is working, but i would like to use manual partitioning and not create any swap partition. With manual partitioning selected installer is crashing each time it should write changes to disk. Im using UEFI boot.

Is this a known issue ?or maybee HW related?

Thanks,