Topics

1

20.1 Legacy Series / Nonsensical rule matching behavior after a reboot

« on: March 06, 2020, 03:41:15 pm »

I've been running OPNsense for about a week and everything was working well until last night.  I noticed the problem some time after the VM host that the router is on rebooted, but I cant say for certain that that was the cause of the problem. The router was running 20.1.1 when the problem occurred. I've since upgraded to 20.1.2 and that hasn't helped.

The initial problem: rules in the DMZ that worked for a week simply stopped working. Checking the logs, the traffic was matching the built-in "Default deny rule". My rules were not disabled.

In attempting to troubleshoot the problem, I've discovered two more oddities, which may be more basic:

* If I create two identical rules to deny all traffic, it's always the second one that is matched, even though they are set to match first.
* Traffic from my LAN to the DMZ shows up in the logs as matching the built-in "let out anything from firewall host itself" even though the traffic is not originating from the router.

I'm stumped. Any help would be appreciated.

2

20.1 Legacy Series / Reproducible kernel panic when config is changed

« on: February 26, 2020, 07:31:43 pm »

I thought I was mere hours away from putting my first OPNsense instance into production, but things don't always work out that way. lol

* OPNsense 20.1.1-amd64
* All updates have been applied
* Hyper-V generation 2 VM
* VM host has mirrored disks and ECC RAM
* No problems with any other VMs on the same host

The file good.xml is a /conf/config.xml that works fine. bad.xml is the next iteration, with hardly any changes, that consistently causes a kernel panic. Kernel dump as attached.

I have no experience interpreting kernel dumps, but it seems very unlikely that this is a hardware problem. Any thoughts or advice appreciated.