Topics - XabiX

#1
Hello,

Is there anything to be concerned about with this error message?

Quote: Message from opnsense-25.1.11:

--
What are you looking at?
Checking integrity... done (0 conflicting)
Nothing to do.
Checking all packages: .......... done
The following package files will be deleted:
The cleanup will free 49 MiB
Deleting files: .......... done
All done
Nothing to do.
Starting web GUI...chown: wwwonly: illegal user name
chown: wwwonly: illegal user name
done.
Fetching base-25.1.11-amd64.txz: ................ done
Fetching kernel-25.1.11-amd64.txz: ...... done
!!!!!!!!!!!! ATTENTION !!!!!!!!!!!!!!!
! A critical upgrade is in progress. !
! Please do not turn off the system. !
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Installing kernel-25.1.11-amd64.txz... done
Installing base-25.1.11-amd64.txz... done
Cleaning obsolete files... done
Please reboot.
>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
Shutdown NOW!
shutdown: [pid 41814]
                                                                               
*** FINAL System shutdown message from root@Moldavia.localdomain ***         

System going down IMMEDIATELY                                 

Merci and good holidays to everyone
#2
Hello All,

I have been using OPNsense 24.7.11_2 over Proxmox 8.3 6.11.0-2-pve, and before that pfSense for a while. I am facing an instability issue for which I can't find any log that really helps to troubleshoot it. On calls, from time to time it hangs for like 2 to 3 s and then keeps going.

Some logs, but what else can I be checking?

If I restart the services, I get:
Enter an option: 11

Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: No changes to trust store were made.
Writing trust bundles...done.
Configuring login behaviour...done.
Configuring CRON...done.
Setting timezone: Europe/Paris
Setting hostname: OPNsense.localdomain
Generating /etc/resolv.conf...done.
Generating /etc/hosts...done.
Configuring loopback interface...done.
Configuring LAGG interfaces...done.
Configuring VLAN interfaces...done.
Configuring CAM interface...done.
Configuring Download interface...done.
Configuring LAN interface...done.
Configuring POP interface...done.
Configuring WAN interface...done.
Configuring WIFI interface...done.
Setting up routes...done.
Setting up gateway monitor...done.
Configuring firewall.......done.
Starting DHCPv4 service...done.
Starting DHCPv6 service...done.
Starting router advertisement service...done.
Starting NTP service...done.
Configuring OpenSSH...done.
Starting web GUI...done.
Syncing OpenVPN settings...done.
Stopping ntopng.
Waiting for PIDS: 54790.
Stopping redis.
Waiting for PIDS: 45839.
Stopping node_exporter.
Stopping acme_http_challenge.
Waiting for PIDS: 31589.
Stopping flowd.
Stopping mdns_repeater.
Waiting for PIDS: 19673.
Stopping qemu_guest_agent.
Waiting for PIDS: 15465.
Stopping monit.
Waiting for PIDS: 89582.
Stopping flowd_aggregate...done
setup vtnet1
setup vtnet0 [egress only]
setup vtnet2
Starting flowd_aggregate.
Starting monit.
Starting Monit 5.34.3 daemon with http interface at /var/run/monit.sock
kldload: can't load virtio_console: module already loaded or in kernel
Starting qemu_guest_agent.
Starting mdns_repeater.
Starting flowd.
rmdir: /var/etc/acme-client/home/deploy: Not a directory
rmdir: /var/etc/acme-client/home/dnsapi: Not a directory
rmdir: /var/etc/acme-client/home/notify: Not a directory
Starting acme_http_challenge.
Starting node_exporter.
Starting redis.
Certificates generated /usr/local/share/ntopng/httpdocs/ssl/ntopng-cert.pem
Starting ntopng.
md5sum: invalid option -- q
usage: md5sum [-bctwz] [files ...]
usage: grep [-abcDEFGHhIiLlmnOopqRSsUVvwxz] [-A num] [-B num] [-C num]
        [-e pattern] [-f file] [--binary-files=value] [--color=when]
        [--context=num] [--directories=action] [--label] [--line-buffered]
        [--null] [pattern] [file ...]
06/Jan/2025 15:02:22 [Ntop.cpp:4052] WARNING: Unable to find timezone: using UTC
06/Jan/2025 15:02:22 [Redis.cpp:171] Successfully connected to redis 127.0.0.1@0
06/Jan/2025 15:02:22 [Redis.cpp:171] Successfully connected to redis 127.0.0.1@0
06/Jan/2025 15:02:22 [Ntop.cpp:2642] Parent process is exiting (this is normal)

The client has disconnected from the server.  Reason:
Invalid packet header.  This probably indicates a problem with key exchange or encryption.

What I noticed is that my client gets disconnected from the host when the issue appears:
root@Proxmox ~# ping 1.1.1.1
64 bytes from 1.1.1.1: icmp_seq=858 ttl=57 time=9.94 ms
64 bytes from 1.1.1.1: icmp_seq=859 ttl=57 time=10.1 ms

The client has disconnected from the server.  Reason:
Invalid packet header.  This probably indicates a problem with key exchange or encryption.

Could this be an issue on Proxmox versus on OPNsense? Is there any other log that would make sense to check on OPNsense before checking on the Proxmox side?

Is it a key change happening on OPNsense all the time? Something to do with the certificate?

Merci
XabiX
#3
Hello Experts,

I don't understand why I am seeing this traffic and whether I should either allow it or add a non-verbose rule entry to stop it from filling the logs.

Besides, I was trying WS and I see UDP 3702 blocked too. My setup is IPv4, so I'm not sure if I need those too.

[code]ndp -a
Neighbor                             Linklayer Address  Netif Expire    1s 5s
2a01:e0a:3ba:cb90::2                 92:f5:ca:c9:f3:92 vtnet0 permanent R
fe80::90f5:caff:fec9:f392%vtnet0     92:f5:ca:c9:f3:92 vtnet0 permanent R
fe80::9c90:88ff:fe48:d45b%vtnet1     9e:90:88:48:d4:5b vtnet1 permanent R
fe80::449f:54ff:fe80:6bf1%vtnet2     46:9f:54:80:6b:f1 vtnet2 permanent R
fe80::bc00:eeff:fe5d:31e3%vtnet3     be:00:ee:5d:31:e3 vtnet3 permanent R
2a01:e0a:3ba:cb91::1                 da:dc:fd:fa:f7:7c vtnet4 permanent R
fe80::b9a8:d032:e210:1c2a%vtnet4     dc:00:b0:44:74:64 vtnet4 23h56m0s  S
fe80::d8dc:fdff:fefa:f77c%vtnet4     da:dc:fd:fa:f7:7c vtnet4 permanent R
2a01:e0a:3ba:cb91:61da:fc7d:3083:ed4f dc:00:b0:44:74:64 vtnet4 23h56m0s  S
fe80::8db:32ff:feb9:b45c%vtnet6      0a:db:32:b9:b4:5c vtnet6 permanent R
[/code]

[code]pfctl -s rules | grep "from fe80::/10"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echoreq keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echoreq keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state label "d147534c4012c8dd65eda59292c0ab90"
pass in quick on vtnet4 inet6 proto udp from fe80::/10 to fe80::/10 port = dhcpv6-client keep state label "202cde82e72bc8757ce87db904864c07"
pass in quick on vtnet4 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-client keep state label "202cde82e72bc8757ce87db904864c07"
pass in quick on vtnet4 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-server keep state label "fcfc7f20b012cb13daa2953a063f4f4e"
pass in quick on vtnet4 inet6 proto udp from fe80::/10 to (self) port = dhcpv6-client keep state label "a329a5ad6317f1c72757431e7a8232aa"
pass in quick on vtnet0 inet6 proto udp from fe80::/10 to fe80::/10 port = dhcpv6-client keep state label "4408d4bb3e3b231599822fa8f4546f8d"
pass in quick on vtnet0 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-client keep state label "4408d4bb3e3b231599822fa8f4546f8d"
pass in quick on vtnet0 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-server keep state label "3e5fbb29b91da43363e550aead699e16"
pass in quick on vtnet0 inet6 proto udp from fe80::/10 to (self) port = dhcpv6-client keep state label "43f521ff1b149fea894c4f31417849bb"
pass in quick on vtnet4 inet6 from fe80::/10 to ! (vtnet1:network) flags S/SA keep state allow-opts label "178c7c3c8c26cb8456b49510389dd6e3"
[/code]

Any help is more than welcome.

Merci
#4
Hello

After the upgrade to OPNsense 23.7.1_3-amd64 I have internet issues and am not able to get answers to my DNS queries. Not sure yet why, as I have the floating rules there as I had in the past.

I did see this error; is there anything that I should do to solve it? I didn't have the opportunity to check with my TV and set-top box if it works.

2023-08-09T16:08:20 Error opnsense /diag_logs_settings.php: The command '/usr/sbin/daemon -f -p '/var/run/dhcpleases6.pid' '/usr/local/opnsense/scripts/dhcp/prefixes.sh'' returned exit code '3', the output was 'daemon: process already running, pid: 37599'
2023-08-09T16:08:20 Error opnsense /diag_logs_settings.php: The command '/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid vtnet4' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.4.3-P1 Copyright 2004-2022 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Config file: /etc/dhcpdv6.conf Database file: /var/db/dhcpd6.leases PID file: /var/run/dhcpdv6.pid There's already a DHCP server running. If you think you have received this message due to a bug rather than a configuration issue please read the section on submitting bugs on either our web page at www.isc.org or in the README file before submitting a bug. These pages explain the proper process and the information we find helpful for debugging. exiting.'
2023-08-09T16:08:17 Error opnsense /diag_logs_settings.php: The command '/bin/kill -'TERM' '17962''(pid:/var/dhcpd/var/run/dhcpdv6.pid) returned exit code '1', the output was 'kill: 17962: No such process'


Merci
#5
Hello

I upgraded from 23.1.11_1 (or whatever was the last release before 23.7) and I decided to export my config, reinstall and import my saved config.

OPNsense does work so I have internet etc., but I can't log in to the GUI anymore on the LAN (it does work on the WIFI interface though). What log file could help? Any insight? Could it be that Acme did not reissue the cert automatically?

<27>1 2023-07-31T16:48:19+02:00 OPNsense.localdomain lighttpd 18271 - [meta sequenceId="2"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/server.c.2308) server stopped by UID = 0 PID = 71338
<27>1 2023-07-31T16:48:19+02:00 OPNsense.localdomain lighttpd 71600 - [meta sequenceId="3"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/server.c.1909) server started (lighttpd/1.4.71)
<27>1 2023-07-31T16:49:23+02:00 OPNsense.localdomain lighttpd 71600 - [meta sequenceId="1"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/server.c.2308) server stopped by UID = 0 PID = 78885
<27>1 2023-07-31T16:49:54+02:00 OPNsense.localdomain lighttpd 38726 - [meta sequenceId="1"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/server.c.1909) server started (lighttpd/1.4.71)
<27>1 2023-07-31T16:49:56+02:00 OPNsense.localdomain lighttpd 55593 - [meta sequenceId="2"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.71/src/server.c.1909) server started (lighttpd/1.4.71)


2023-07-31 16:48:24 [root:groupadd] acme(169)
2023-07-31 16:48:24 [root:useradd] acme(169):acme(169):ACME protocol client:/var/db/acme:/bin/sh
2023-07-31 16:48:31 [root:groupadd] git_daemon(964)
2023-07-31 16:48:31 [root:useradd] git_daemon(964):git_daemon(964):git daemon:/nonexistent:/usr/sbin/nologin
2023-07-31 16:48:44 [root:groupadd] _lldpd(949)
2023-07-31 16:48:44 [root:useradd] _lldpd(949):_lldpd(949):lldpd user:/nonexistent:/usr/sbin/nologin
2023-07-31 16:49:52 [unknown:groupmod] admins(1999)


Thanks
XabiX
#6
Hello,

I have some outgoing traffic being blocked from my LAN called POP to my Internet called WAN. I can't understand why sometimes it's OK and why sometimes it's blocked.

Any idea? Is it based on the tcpflags or out of band packet? Is it anything to be worried about, or is it normal if the client is not well developed?

Thanks
XabiX
#7
Hello Team and Experts,

I am happy to have joined OPNsense after a long time on pfSense!

I was running 20.1.2 without any issue, and since the upgrade to 20.1.5 my AMD Ryzen 7 3700X 8-Core Processor (2 cores) is at 100% because of Netflow. I tried removing the interfaces (clear all) to deactivate Netflow but it is still the same (so I put it back as it was).

Any idea of what can be the issue?
100.00%   /usr/local/bin/python3 /usr/local/opnsense/scripts/netflow/flowd_aggregate.py (python3.7)


ls -lah /var/netflow/*
-rw-r-----  1 root  wheel   3.1M Apr 23 22:41 /var/netflow/dst_port_000300.sqlite
-rw-r-----  1 root  wheel    61K Apr 23 22:41 /var/netflow/dst_port_000300.sqlite-journal
-rw-r-----  1 root  wheel   848K Apr 23 22:41 /var/netflow/dst_port_003600.sqlite
-rw-r-----  1 root  wheel    33K Apr 23 22:41 /var/netflow/dst_port_003600.sqlite-journal
-rw-r-----  1 root  wheel   2.5M Apr 23 22:41 /var/netflow/dst_port_086400.sqlite
-rw-r-----  1 root  wheel    61K Apr 23 22:41 /var/netflow/dst_port_086400.sqlite-journal
-rw-r-----  1 root  wheel   7.1M Apr 23 22:41 /var/netflow/interface_000030.sqlite
-rw-r-----  1 root  wheel    93K Apr 23 22:41 /var/netflow/interface_000030.sqlite-journal
-rw-r-----  1 root  wheel   2.5M Apr 23 22:41 /var/netflow/interface_000300.sqlite
-rw-r-----  1 root  wheel    37K Apr 23 22:41 /var/netflow/interface_000300.sqlite-journal
-rw-r-----  1 root  wheel   680K Apr 23 22:41 /var/netflow/interface_003600.sqlite
-rw-r-----  1 root  wheel    33K Apr 23 22:41 /var/netflow/interface_003600.sqlite-journal
-rw-r-----  1 root  wheel    56K Apr 23 22:41 /var/netflow/interface_086400.sqlite
-rw-r-----  1 root  wheel   8.5K Apr 23 22:41 /var/netflow/interface_086400.sqlite-journal
-rw-r-----  1 root  wheel    12K Apr 23 22:41 /var/netflow/metadata.sqlite
-rw-r-----  1 root  wheel    12M Apr 23 22:41 /var/netflow/src_addr_000300.sqlite
-rw-r-----  1 root  wheel   145K Apr 23 22:41 /var/netflow/src_addr_000300.sqlite-journal
-rw-r-----  1 root  wheel   4.9M Apr 23 22:41 /var/netflow/src_addr_003600.sqlite
-rw-r-----  1 root  wheel    61K Apr 23 22:41 /var/netflow/src_addr_003600.sqlite-journal
-rw-r-----  1 root  wheel    18M Apr 23 22:41 /var/netflow/src_addr_086400.sqlite
-rw-r-----  1 root  wheel   321K Apr 23 22:41 /var/netflow/src_addr_086400.sqlite-journal
-rw-r-----  1 root  wheel    98M Apr 23 22:41 /var/netflow/src_addr_details_086400.sqlite
-rw-r-----  1 root  wheel   1.1M Apr 23 22:41 /var/netflow/src_addr_details_086400.sqlite-journal


root@OPNsense:/home/xabix # ls -lah /var/log/flowd*
-rw-------  1 root  wheel    77K Apr 23 22:58 /var/log/flowd.log
-rw-------  1 root  wheel   258M Apr 23 22:56 /var/log/flowd.log.000001
-rw-------  1 root  wheel    10M Apr 20 15:35 /var/log/flowd.log.000002
-rw-------  1 root  wheel    10M Apr 20 13:05 /var/log/flowd.log.000003
-rw-------  1 root  wheel    10M Apr 20 09:55 /var/log/flowd.log.000004
-rw-------  1 root  wheel    10M Apr 20 06:24 /var/log/flowd.log.000005
-rw-------  1 root  wheel    10M Apr 20 02:35 /var/log/flowd.log.000006
-rw-------  1 root  wheel    10M Apr 19 23:00 /var/log/flowd.log.000007
-rw-------  1 root  wheel    10M Apr 19 20:11 /var/log/flowd.log.000008
-rw-------  1 root  wheel    10M Apr 19 16:58 /var/log/flowd.log.000009
-rw-------  1 root  wheel    10M Apr 19 13:46 /var/log/flowd.log.000010


root@OPNsense:/home/xabix # df -h
Filesystem         Size    Used   Avail Capacity  Mounted on
/dev/gpt/rootfs     15G    3.1G     10G    23%    /
devfs              1.0K    1.0K      0B   100%    /dev
fdescfs            1.0K    1.0K      0B   100%    /dev/fd
procfs             4.0K    4.0K      0B   100%    /proc
devfs              1.0K    1.0K      0B   100%    /var/dhcpd/dev
devfs              1.0K    1.0K      0B   100%    /var/unbound/dev


I am launching a repair of the Netflow database to see if this fixes something. Anyway, it seems that in the past there were similar issues/patches depending on the Python releases.

Am I the only one facing the issue? Is there a way to reset this netflow part without reinstalling? I assume by deleting the netflow database, but would that be enough?

Merci
XabiX