Topics - dinguz

1
Zenarmor (Sensei) / a way to submit URLs for (re)classification by Zenarmor?
« on: October 01, 2024, 10:57:49 am »
I recently came across the website https://www.unibet.nl/ which is apparently one of the larger gambling websites in my country. Unfortunately this wasn't recognized by Zenarmor.
Every once in a while I come across a URL which isn't categorized or is categorized wrongly.
This leads me to the more general question: what is the preferred way of submitting these cases for (re)classification?

2
Zenarmor (Sensei) / Please verify and reclassify www.hamrick.com
« on: September 18, 2024, 08:23:53 pm »
The site www.hamrick.com is the website of Vuescan software. However, this is currently being classified as Botnet C&C. Could you please verify this to be correct and adjust if necessary?
They may have been hacked, or been hacked in the past and remedied this since, or perhaps this is a misclassification of some sort.

3
General Discussion / crowdsec ipv6 blocklist not populating
« on: August 05, 2024, 09:08:26 pm »
I have installed the crowdsec plugin, which seems to be working alright. There is however one thing that bothers me: the ipv6 blocklist as viewed in the Firewall/Aliases page is not being populated, while the ipv4 list is. I have subscribed to the following lists: Firehol greensnow.co, botscout, and cruzit.com.
Am I missing something?

4
24.7 Production Series / 'Inspect' button is missing in the firewall mobile view
« on: July 31, 2024, 06:57:57 pm »
Title pretty much says it all. I'm currently using my phone to look at the OPNsense gui, and I noticed the 'Inspect' button in the firewall rules section is not visible, so I am not able to observe the evaluation and state count. Could this functionality perhaps be brought back?

5
Zenarmor (Sensei) / kea-dhcp4 not starting due to link flapping possibly caused by Zenarmor starting
« on: July 24, 2024, 08:02:55 pm »
Some time ago, I posted the message below to the 24.1 stable forum. One of the hypotheses is that kea fails to start up properly due to link flapping, caused by Zenarmor binding to the interface at the same time. This issue still exists with 24.7 final. When I disable Zenarmor, all is well.

A few OPNsense releases ago, I migrated from isc-dhcp4 to kea. This mostly works, however there is one nagging issue: Every once in a while, after a reboot, kea appears not to be running. In the logs, the message 'no interface configured to listen to DHCP traffic' is shown. After a manual restart of kea all is well.
The error is not readily visible on the OPNsense dashboard, as kea appears to be running, it just isn't doing anything.
As this doesn't always happen, it seems to be a timing-sensitive issue. Are other people seeing this?

Code:
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_MULTI_THREADING_INFO enabled: yes, number of threads: 2, queue size: 64
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_NO_SOCKETS_OPEN no interface configured to listen to DHCP traffic
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_OPEN_SOCKET_FAIL failed to open socket: the interface igb0 is not running
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first.
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.
2024-07-11T15:34:57 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_MULTI_THREADING_INFO enabled: yes, number of threads: 2, queue size: 64
2024-07-11T15:34:57 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first.
2024-07-11T15:34:57 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.

6
Zenarmor (Sensei) / please whitelist https://www.teamnl.org/
« on: July 14, 2024, 06:32:47 pm »
The URL https://www.teamnl.org/ is currently being classified as 'gambling'. It is however the official Dutch site covering the Olympic Games 2024 in France. Maybe the site has shown gambling ads at some point, but it isn't related to gambling in itself. Could you please recategorize it?

7
24.1 Legacy Series / Kea: no interface configured to listen to DHCP traffic
« on: July 11, 2024, 07:54:05 pm »
A few OPNsense releases ago, I migrated from isc-dhcp4 to kea. This mostly works, however there is one nagging issue: Every once in a while, after a reboot, kea appears not to be running. In the logs, the message 'no interface configured to listen to DHCP traffic' is shown. After a manual restart all is well.
The error is not readily visible on the OPNsense dashboard, as kea appears to be running, it just isn't doing anything.
As this doesn't always happen, it seems to be a timing-sensitive issue. Are other people seeing this?

Code:
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_MULTI_THREADING_INFO enabled: yes, number of threads: 2, queue size: 64
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_NO_SOCKETS_OPEN no interface configured to listen to DHCP traffic
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_OPEN_SOCKET_FAIL failed to open socket: the interface igb0 is not running
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first.
2024-07-11T15:35:01 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.
2024-07-11T15:34:57 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_MULTI_THREADING_INFO enabled: yes, number of threads: 2, queue size: 64
2024-07-11T15:34:57 WARN [kea-dhcp4.dhcp4.0x834bcb000] DHCP4_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first.
2024-07-11T15:34:57 WARN [kea-dhcp4.dhcpsrv.0x834bcb000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.

8
Zenarmor (Sensei) / Zenarmor: why manually restart packet engine to complete update?
« on: June 08, 2024, 08:38:47 pm »
Sometimes I log into the OPNsense web interface, go to the Zenarmor dashboard page, and then I'm greeted with the message that the packet engine has been updated, and needs to be restarted manually in order to activate the new version.
I try to configure my systems so they need as little manual intervention as possible. Would it be possible to restart the packet engine (not daily, but as part of an upgrade) using cron or something? I wouldn't mind a few seconds of downtime during the night for this.

9
General Discussion / How do I enable the original 'time' protocol
« on: March 10, 2024, 08:22:31 pm »
I have an ancient system where I can only use the original daytime/time protocols (at tcp ports 13 and 37). This system can't use NTP because of limited storage capacity on the device.

How do I enable OPNsense as a server providing this, preferably in a way which survives upgrades?

I have used the search, but couldn't find much because of the very generic search terms.

10
Zenarmor (Sensei) / Sensei db related error in backend log
« on: February 02, 2024, 06:59:49 pm »
After the upgrade to 24.1, I get this error each hour in the backend log:

Code:
[399652ba-ab4f-4b4f-aafe-76271a90cdf7] Script action stderr returned "b'Traceback (most recent call last):
File "/usr/local/opnsense/scripts/OPNsense/Zenarmor/sensei-db-version.py", line 11, in <module>
from packaging import version ImportError: cannot import name \'version\' from \'packaging\' (unknown location)'"

This started after this error, which happened Jan 27 01:00:

Code:
[e2cf332c-cec2-4d45-a457-e312330f599c] Script action failed with Command '/usr/local/zenarmor/scripts/datastore/rename_alias_elasticsearch.py
'zenarmor_0000000000_4b3100b6-c05c-4c03-bdb5-64fbea833847_'' returned non-zero exit status 1.
at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44,
in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py",
line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError:
Command '/usr/local/zenarmor/scripts/datastore/rename_alias_elasticsearch.py 'zenarmor_0000000000_4b3100b6-c05c-4c03-bdb5-64fbea833847_'' returned
non-zero exit status 1.

I'm running a home deployment of Zenarmor, up-to-date, with sqlite logging backend.

11
23.7 Legacy Series / miniupnpd started too early in boot process?
« on: November 10, 2023, 08:41:38 am »
After a reboot, I see this message in the logs. Apparently, miniupnpd is started before all network interfaces are up and running, and it doesn't like that. If I manually restart it after boot, all seems well.
Would it be possible to set a slightly delayed start, or make starting conditional on all configured network interfaces being up?

Code:
2023-11-10T08:29:23 Error miniupnpd PCPSendUnsolicitedAnnounce(sockets[0]) sendto(): No route to host
2023-11-10T08:29:23 Error miniupnpd SendNATPMPPublicAddressChangeNotification: sendto(s_udp=12, port=5351): No route to host
2023-11-10T08:29:21 Error miniupnpd PCPSendUnsolicitedAnnounce(sockets[0]) sendto(): No route to host
2023-11-10T08:29:21 Notice miniupnpd Listening for NAT-PMP/PCP traffic on port 5351
2023-11-10T08:29:21 Warning miniupnpd no HTTP IPv6 address, disabling IPv6
2023-11-10T08:29:21 Notice miniupnpd HTTP listening on port 2189
2023-11-10T08:29:21 Warning miniupnpd Cannot get IP address for ext interface pppoe0. Network is down
2023-11-10T08:29:21 Error miniupnpd ioctl(s, SIOCGIFADDR, ...): Can't assign requested address

12
Zenarmor (Sensei) / OPNsense health check returns Zenarmor errors
« on: August 08, 2023, 02:02:19 pm »
I had a case of disk corruption lately, so I regularly run a health check. Today I got these errors:

Code:
Checking all packages: .....
os-sensei-1.14.1: checksum mismatch for /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/StaticConfig.php
os-sensei-1.14.1: checksum mismatch for /usr/local/opnsense/mvc/app/models/OPNsense/Zenarmor/Menu/Menu.xml
Checking all packages........ done

13
23.1 Legacy Series / 23.1.11 unbound restarting multiple times during boot
« on: June 28, 2023, 08:32:29 pm »
I just upgraded to 23.1.11 and rebooted, and after checking the logs I noticed that unbound restarted 6 times during boot. Is this expected behavior?
In case it matters: my internet connection is pppoe (ipv4) and dhcpv6 (ipv6). I have DHCP hostname registration disabled at the moment.

14
23.1 Legacy Series / check for update yields SQL error on first attempt only
« on: June 13, 2023, 09:24:55 pm »
When I perform a check for updates, I get this SQL-like error. This seems to happen only the first time I check for updates for that day, subsequent attempts seem to work normally. Until the next day, then again I get the error on first try. I have the default/community OPNsense repo enabled, and the Sunnyvalley repo.
Any ideas where to start looking?

Code:
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.1.9 at Tue Jun 13 21:19:54 CEST 2023
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
pkg: sqlite error while executing CREATE TABLE packages
(id INTEGER PRIMARY KEY,origin TEXT,name TEXT NOT NULL,version TEXT NOT NULL,comment TEXT NOT NULL,desc TEXT NOT NULL,osversion TEXT,arch TEXT NOT NULL,maintainer TEXT NOT NULL,www TEXT,prefix TEXT NOT NULL,pkgsize INTEGER NOT NULL,flatsize INTEGER NOT NULL,licenselogic INTEGER NOT NULL,cksum TEXT NOT NULL,path TEXT NOT NULL,pkg_format_version INTEGER,manifestdigest TEXT NULL,olddigest TEXT NULL,dep_formula TEXT NULL,vital INTEGER NOT NULL DEFAULT 0);CREATE TABLE deps (origin TEXT,name TEXT,version TEXT,package_id INTEGER REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,UNIQUE(package_id, name));CREATE TABLE categories (id INTEGER PRIMARY KEY, name TEXT NOT NULL UNIQUE );CREATE TABLE pkg_categories (package_id INTEGER REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,category_id INTEGER REFERENCES categories(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, category_id));CREATE TABLE licenses (id INTEGER PRIMARY KEY,name TEXT NOT NULL UNIQUE);CREATE TABLE pkg_licenses (package_id INTEGER REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,license_id INTEGER REFERENCES licenses(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, license_id));CREATE TABLE option (option_id INTEGER PRIMARY KEY,option TEXT NOT NULL UNIQUE);CREATE TABLE option_desc (option_desc_id INTEGER PRIMARY KEY,option_desc TEXT NOT NULL UNIQUE);CREATE TABLE pkg_option (package_id INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE ON UPDATE CASCADE,option_id INTEGER NOT NULL REFERENCES option(option_id) ON DELETE RESTRICT ON UPDATE CASCADE,value TEXT NOT NULL,PRIMARY KEY(package_id, option_id));CREATE TABLE pkg_option_desc (package_id INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE ON UPDATE CASCADE,option_id INTEGER NOT NULL REFERENCES option(option_id) ON DELETE RESTRICT ON UPDATE CASCADE,option_desc_id INTEGER NOT NULL REFERENCES option_desc(option_desc_id) ON DELETE RESTRICT ON UPDATE CASCADE,PRIMARY KEY(package_id, 
option_id));CREATE TABLE pkg_option_default (package_id INTEGER NOT NULL REFERENCES packages(id) ON DELETE CASCADE ON UPDATE CASCADE,option_id INTEGER NOT NULL REFERENCES option(option_id) ON DELETE RESTRICT ON UPDATE CASCADE,default_value TEXT NOT NULL,PRIMARY KEY(package_id, option_id));CREATE TABLE shlibs (id INTEGER PRIMARY KEY,name TEXT NOT NULL UNIQUE );CREATE TABLE pkg_shlibs_required (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,shlib_id INTEGER NOT NULL REFERENCES shlibs(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, shlib_id));CREATE TABLE pkg_shlibs_provided (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,shlib_id INTEGER NOT NULL REFERENCES shlibs(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, shlib_id));CREATE TABLE annotation (annotation_id INTEGER PRIMARY KEY,annotation TEXT NOT NULL UNIQUE);CREATE TABLE pkg_annotation (package_id INTEGER REFERENCES packages(id) ON DELETE CASCADE ON UPDATE RESTRICT,tag_id INTEGER NOT NULL REFERENCES annotation(annotation_id) ON DELETE CASCADE ON UPDATE RESTRICT,value_id INTEGER NOT NULL REFERENCES annotation(annotation_id) ON DELETE CASCADE ON UPDATE RESTRICT,UNIQUE (package_id, tag_id));CREATE TABLE pkg_conflicts (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,conflict_id INTEGER NOT NULL,UNIQUE(package_id, conflict_id));CREATE TABLE provides(    id INTEGER PRIMARY KEY,    provide TEXT NOT NULL);CREATE TABLE pkg_provides (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,provide_id INTEGER NOT NULL REFERENCES provides(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, provide_id));CREATE TABLE requires(    id INTEGER PRIMARY KEY,    require TEXT NOT NULL);CREATE TABLE pkg_requires (package_id INTEGER NOT NULL REFERENCES packages(id)  ON DELETE CASCADE ON UPDATE CASCADE,require_id INTEGER NOT NULL REFERENCES 
requires(id)  ON DELETE RESTRICT ON UPDATE RESTRICT,UNIQUE(package_id, require_id));PRAGMA user_version=2014;
in file pkgdb.c:2333: database is locked
Unable to create repository OPNsense
Unable to update repository OPNsense
Updating SunnyValley repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .. done
Processing entries: .... done
SunnyValley repository update completed. 31 packages processed.
Error updating repositories!
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

15
23.1 Legacy Series / Unbound in 23.1.7: logger.py related crashes
« on: May 04, 2023, 10:20:39 pm »
Is anybody else seeing these logger.py related crashes in unbound, starting with 23.1.7? I also notice it gets restarted very often while coming up. If I need to provide more info, please let me know.

Code:
Backgrounding unbound logging backend.
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="7"] Traceback (most recent call last):
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="8"]   File "/usr/local/opnsense/scripts/unbound/logger.py", line 122, in _sig
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="9"]     raise InterruptedError()
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="10"] InterruptedError
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="11"]
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="12"] The above exception was the direct cause of the following exception:
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="13"]
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="14"] Traceback (most recent call last):
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="15"]   File "/usr/local/opnsense/scripts/unbound/logger.py", line 239, in <module>
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="16"]     run(inputargs.pipe, inputargs.flush_interval)
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="17"]   File "/usr/local/opnsense/scripts/unbound/logger.py", line 223, in run
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="18"]     r.run_logger()
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="19"]   File "/usr/local/opnsense/scripts/unbound/logger.py", line 186, in run_logger
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="20"]     self._setup_db()
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="21"]   File "/usr/local/opnsense/scripts/unbound/logger.py", line 99, in _setup_db
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="22"]     db.connection.execute(
<163>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 84105 - [meta sequenceId="23"] RuntimeError: Query interrupted
<30>1 2023-05-04T19:08:44+02:00 haanjdj.ddns.net unbound 79968 - [meta sequenceId="24"] [79968:0] info: service stopped (unbound 1.17.1).

and

Code:
<30>1 2023-05-04T22:08:15+02:00 haanjdj.ddns.net unbound 43141 - [meta sequenceId="66"] [43141:0] info: start of service (unbound 1.17.1).
<30>1 2023-05-04T22:08:15+02:00 haanjdj.ddns.net unbound 43141 - [meta sequenceId="67"] [43141:1] info: dnsbl_module: attempting to open pipe
<30>1 2023-05-04T22:08:15+02:00 haanjdj.ddns.net unbound 43141 - [meta sequenceId="68"] [43141:1] info: dnsbl_module: no logging backend found.
<30>1 2023-05-04T22:08:15+02:00 haanjdj.ddns.net unbound 43141 - [meta sequenceId="69"] [43141:1] info: generate keytag query _ta-4f66. NULL IN
<165>1 2023-05-04T22:08:15+02:00 haanjdj.ddns.net unbound 90509 - [meta sequenceId="70"] daemonize unbound dhcpd watcher.
<165>1 2023-05-04T22:08:16+02:00 haanjdj.ddns.net unbound 92083 - [meta sequenceId="71"] Backgrounding unbound logging backend.
<165>1 2023-05-04T22:08:16+02:00 haanjdj.ddns.net unbound 92083 - [meta sequenceId="72"] Closing logger

