Topics

This directory seems to be taking up a lot of disk space.  13G for the query.csv file.

1.  Can I delete it?
2.  How can I stop it from being rebuilt & growing?

root@xyz:/var/cache/unbound.duckdb # ls -lh
total 13917196
-rw-r--r--  1 unbound unbound  1.9K May  6 09:31 client.csv
-rw-r--r--  1 unbound unbound  214B May  6 09:32 load.sql
-rw-r--r--  1 unbound unbound   13G May  6 09:32 query.csv
-rw-r--r--  1 unbound unbound  1.5K May  6 09:32 schema.sql

Hi,

I just upgraded to 27.7.7 and now haproxy fails to start after a reboot.  I see in the release notes that the haproxy plug-in was updated in this release to v3.12.

A related message in the log looks like this:

Code Select Expand


[1ff53fdb-8812-4a5b-bd04-04cddac2fa89] Script action failed with Command 'configctl template reload OPNsense/HAProxy 2 > /dev/null; /usr/local/opnsense/scripts/OPNsense/HAProxy/syncCerts.py sync --output json ' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 482, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command 'configctl template reload OPNsense/HAProxy 2 > /dev/null; /usr/local/opnsense/scripts/OPNsense/HAProxy/syncCerts.py sync --output json ' returned non-zero exit status 1.


I am able to start haproxy manually from the Dashboard.

Additionally, rolling back to os-haproxy v3.11 by doing a ---

Code Select Expand

opnsense-revert -r 22.7.6 os-haproxy

-- did not correct the problem.  haproxy now no longer starts on reboot in either version.

Please advise --- thanks!

Hi all,

After upgrading to 22.1, none of my LAN devices could access the internet.  From ssh-ing into the router console, I could ping google.com but not from my laptop on the LAN.  I could also access the Opnsense web interface.  All services were running.

I was seconds from downloading a new 21.7 image and rebuilding everything, when I noticed an error message related to a floating rule I had for ssdp --

"01-28-22 19:45:34 [ There were error(s) loading the rules: no IP address found for ssdp ]"

It didn't seem like that could be blocking all traffic, but after disabling the rule everything worked.  All outbound traffic resumed, correctly.

See attached for the rule that was disabled.  The ssdp alias points to the ssdp multicast address 239.255.255.250

Just to be safe, I also disabled all UDP Broadcast Relay configs.  I'm not sure if this was related or not, but I'll test that also later, when I don't need to be online.  I was/am using the "os-udpbroadcastrelay" plug-in version 1.0_2

I'm wondering if there's either an issue with having a failing rule or the plug-in.

Hi all,

On 20.7, I'm using Unbound Blacklists for ads and malware from the publicly shared lists like AdAway and the blocklistproject, but I'm not clear on exactly how to use the "Whitelist Domains" entry to add back access to sites I need to use for work.

The help text just says "List of domains to whitelist. You can use regular expressions."

I first tried just entering a list of domains into that entry field, but that doesn't work.  Next I tried a list of FQDNs, but that didn't work either.

I am able to get the whitelist to work with a single RegEx, but not multiple RegEx's which I would need to be able to whiltelist multiple domains in a manageable way.

Has anyone figured out a simple way to just add a list of domains to whitelist?

Thank you!