Topics - eponymous

#1
I get this in the startup log on 25.1.12:

chown /var/run/booting .. no such file or directory
I'm on an SG-2440 and this is new since updating to 25.1.12

Anything to be concerned about?
#2
25.7, 25.10 Series / 25.7 upgrade issue
July 22, 2025, 02:03:28 PM
Hi

I've just upgraded to 25.1.12 today.

I was presented with a major upgrade release of 25.7 on the console updater.

However doing this results in:

Fetching packages-25.7-amd64.tar: ..[fetch https://pkg.opnsense.org/FreeBSD:14:amd64/25.1/sets/packages-25.7-amd64.tar.sig: Not found] Failed, no signature found
This seems like a reasonable message given the URL isn't valid - notice the 25.1 in the URL.

Is this expected behaviour at the moment?

If so I'll just remain on 25.1.12 for now.

Thanks.
#3
General Discussion / Chrony plug-in ports
November 01, 2024, 07:36:01 PM
Having been reading up on Chrony I find it a bit confusing that the default port for the plugin, i.e. the "port" directive for the chrony.conf, is UDP/323. This is supposed to be UDP/123 by default as it's the port for NTP requests. I understand it has been set like this to prevent a conflict with NTPd if run together.

According to the Chrony documentation, UDP/323 is used for the monitoring/command port which is a completely separate thing. (See section: "Command and monitoring access" -> cmdport)

I think it's going to cause confusion in the long run and looking at some posts on this forum and elsewhere it already has...

For me personally I'm trying to allow NTP requests only across the network and am trying to see if the command port is locked down by default.

#4
Hi

I'm planning on migrating my current config running on a Netgate SG-2440 to a Deciso appliance (not sure which one yet).

I suspect the hardware is different enough that it would make sense to try and work out what I have configured and set the new device up manually. To that end, is there a recommended way of extracting the "non-default" settings i.e. what I've actually set in a config to make it easier to prompt me what needs setting in the new device?

Or is it possible to just import the current config on the new device after changing the hardware NIC references?

I did have a look through Dustin's excellent write up here: https://homenetworkguy.com/how-to/migrate-opnsense-to-new-hardware/

Just looking for any thoughts on this.
#5
23.7 Legacy Series / /nonexistent
January 04, 2024, 01:14:29 PM
Hi

Forgive me if this is a silly question but should /nonexistent (as used as a home directory for various service accounts) actually exist or not?

I removed a stale user account and it prompted me to remove /nonexistent which I just said yes to but now I can't recall if that directory had actually existed as a dummy home or not.

Thanks.
#6
Hardware and Performance / Deciso and coreboot
December 15, 2023, 08:13:04 PM
Is there any reason Deciso seem to have moved away from coreboot/SeaBIOS and instead have shifted to Insyde H2O UEFI for their appliances?

Are there any inherent advantages from a security standpoint?
#7
Hi

Is there any way to get APCUPSd to inform the UPS to power off and stay off, even when utility power returns?

I don't want my router to automatically power back up again after the UPS has switched off which seems to happen now.

E.
#8
Hi,

I've got OPNsense set up to send logs over TCP to a syslog server (ELK running on Linux).

Normally the logs show up on the syslog server as coming from "_gateway" (my OPNsense router) which should resolve to the RFC1918 address assigned on the LAN interface. However just recently it changed and the host field was now showing the public IP assigned on my WAN interface which I found very odd! The syslog server shouldn't be able to see that public IP at all right?

Right when the change happened from "host:_gateway" to "host:<my public WAN IP>" there was a pause of around 1 minute and there was a "Syslog connection closed" error message. There was an "EOF occurred while idle" message immediately afterwards as well. So possibly either the syslog server crashed and/or the syslog-ng daemon on OPNsense crashed.

I've since restarted ELK and it's gone back to "host:_gateway". I also confirmed using Wireshark that the messages themselves don't actually contain any IP so I presume the syslog server is pulling this from the packet headers.

Nothing else has changed in my setup that could explain this.

Has anyone else seen this before or have any ideas how this can happen?
#9
Zenarmor (Sensei) / Issue after updating
February 02, 2023, 08:05:42 PM
I just noticed when I updated OPNsense to 2.7.11_1 I got a message:

pkg-static: Repository SunnyValley has a wrong package site, need to re-create database
pkg-static: Repository SunnyValley cannot be opened. 'pkg update' required

What could be causing this?

I've checked Zenarmor and it appears to have updated successfully:

Engine: 1.12.4
Database: 1.12.22122618

However the last auto update check by Zenarmor was on December 30th 2022 which seems a long time ago.

Is there anything I need to do?
#10
22.7 Legacy Series / UART flags now unsupported?
December 25, 2022, 09:07:31 PM
Hi

I've got the following set in tunables:

comconsole_port=0x2F8
hint.uart.0.flags=0x00
hint.uart.1.flags=0x10

However I've just noticed now that the last two "flags" are showing as "unsupported" in red text. Only the comconsole_port is being set.

I've been looking through forums and release notes but can't see anything obvious about why this might have changed.

When did this happen? They used to be needed for the UART to work properly on my Netgate device.

I'm on 22.7_4
#11
22.7 Legacy Series / hpet0: invalid period
September 04, 2022, 12:18:36 PM
Hi,

hpet0: invalid period

Has anyone else seen this message on a Netgate SG-2440 (or other system)? It normally occurs twice in succession and I assume it's something to do with the High Precision Event Timer but I'm not entirely certain what it means. I've seen it since I installed OPNsense over a year ago and haven't noticed any issues though...

E.
#12
Hi,

Running an NMAP scan on an OPNsense firewall which has no inbound connections allowed by default.

I'm seeing port 113 with state "closed" reason: "reset ttl 59". I would've expected to see it marked as "filtered".

Could this just be an intermediary or ISP trying to be clever and returning a reset instead?

Thanks.
#13
22.7 Legacy Series / Yes, I'm back in black ?
August 04, 2022, 06:28:51 PM
Hi,

Did anyone else get the "Yes, I'm back in black" message in their update logs after updating to 22.7_4?

Does it have any significance?

Thanks.
#14
22.7 Legacy Series / UPSD.pid missing?
August 04, 2022, 04:26:01 PM
Just updated to 22.7 and now I get this on boot up:

Could not find PID file '/var/db/nut/upsd.pid' to see if previous upsd instance is already running!

However, once fully booted up this file does seem to exist.

Any ideas?
#15
22.1 Legacy Series / Configd socket missing
April 03, 2022, 02:01:00 PM
Just updated to 22.1.4 and see this on boot up:

Generating configuration: configd socket missing (@/var/run/configd.socket)
>> Error in early script 'templates'

Otherwise everything seems to be working fine.

Anything to worry about?
#16
Title says it all really.

I need to reinstall OPNsense on the same machine and was thinking about putting 22.1 on and then importing the 21.7.7 config I have backed up. Is that going to work?

Would it be better to reinstall 21.7 instead, upgrade to 21.7.7 and then import the config?

Thanks.
#17
Zenarmor (Sensei) / Blocking iCloud private relay?
February 20, 2022, 07:22:41 PM
Hi,

I've noticed that turning on iCloud private relay allows you to bypass pretty much any blocking that Zenarmor is doing.

Is there any way to block private relay using Zenarmor?

Thanks.
#18
21.7 Legacy Series / pkgdb.c:1307 disk I/O error
February 02, 2022, 01:13:05 PM
Hi all,

OPNsense 21.7.7, brand new install on a brand new mSATA disk. SMART tests passing every night and no other signs of disk issues in SMART data. Memory: 4GB on a Netgate SG-2440 (Intel Atom C2358 Dual Core)

I've noticed the following messages which seem to occur a couple of times a day:

config.py[74076]: [<redacted>] Script action stderr returned "b'pkg: sqlite error while executing DROP TABLE repo_update; in file pkgdb.c:2489: attempt to write a readonly database'"

Followed immediately by:

config.py[74076]: [<redacted>] Script action stderr returned "b'pkg: sqlite error while executing RELEASE SAVEPOINT REPO in file pkgdb.c:1307 disk I/O error'"

I was initially worried by the "disk I/O error" message, but as I say, this is a brand new Micron mSATA disk which is passing all SMART tests and doesn't show any other issues that it might be failing. I suspect the disk I/O error message is related to the attempt to write to a read-only database but can't be sure.

Any ideas on what's causing this?
#19
Hi,

OPNsense 21.7.7

I've got Suricata running in IPS mode on the WAN. The WAN is a PPPoE interface if that's helpful.

Alerts were working perfectly until recently on both the Alerts GUI tab and to my Syslog server - now I don't get either but I've confirmed with a test targeting one of the rules that Suricata itself is running and working.

Any ideas why the alerts have stopped showing?

#20
Hi,

21.7.7 install has been running for about a week and I noticed no alerts were going to either my syslog server or the alerts GUI tab. I did notice some warnings in the syslog about "flowbits checked but not set" - anything to worry about?

However the main problem is I just tried restarting the system and it's currently hanging at the:

Stopping suricata.
Waiting for PIDS: 75072

I've confirmed this is the suricata PID and I can see the CPU usage is constantly at 100%.

I tried removing the WAN interface cable but it still hangs.

I don't want to pull the plug as that will risk data corruption.

I still have web access but I initiated the reboot from the console so I don't think I have any cli access.

Anything else I can try?