Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - dirtyfreebooter

Pages: [1]

Zenarmor (Sensei) / updating to 1.18 just loops installing pkg-1.19.2_2

« on: October 24, 2024, 04:53:53 pm »

https://imgur.com/a/5AxiqUY

currently in an infinite loop.

Code: [Select]

New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1

4 MiB to be downloaded.
[1/1] Fetching pkg-1.19.2_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-1.19.2_2...
[1/1] Extracting pkg-1.19.2_2: .......... done
New pkg package has been installed. Running sensei updater again from new package...
New pkg package available, installing...
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 856 packages processed.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
	pkg-1.19.2_2 [OPNsense]

Zenarmor (Sensei) / 24.10 business edition

« on: October 19, 2024, 04:53:16 am »

assuming zenarmor has to switch something over? seems like moving from 24.7.6 community to 24.10 business edition, none of the widgets are available and it looks like an older version is available only.

also now getting the pkg misconfigured issue.

24.7 Production Series / switching from community to business edition

« on: October 18, 2024, 08:55:37 pm »

hi.

i wanted to switch from community to business edition for 2 reasons. 1, to pay for this amazing software. 2, want to be on a more stable, less updated release train.

i am currently on 24.7.6. seems like 24.10 was just released and based off 24.7.6. seems like it would be a good time to switch. if i just save my config, reinstall with 24.10 and restore my config, would that be the best way to move over? running unbound, caddy, zenarmor, and chrony. pretty simple setup.

24.7 Production Series / multi-wan / default gateway switching

« on: October 15, 2024, 04:13:10 pm »

a question or check of my setup. i recently added a backup internet connection.

WAN1: 1 gbps quantum fiber
WAN2: 150 mbps / 20 mbps xfinity/comcast cable

i started out by looking at the opnsense docs and the multi-wan section with gateway groups. but it seems like for my simple setup, "Default gateway switching" and setting the gateway priorities seems to just work without any gateway groups, etc.

is that correct? if so, that is much simpler and awesome!

the only other adjustments i had to make were:

any port forwards, i had to add both WAN interfaces to the forward definitions.
forwarding 80/443 to public for caddy reverse proxy, so had to duplicate that rule on each WAN interface

i disabled sticky connections in settings > firewall > advanced, as this is a pure failover situation and not load balancing.

really only a few minutes to make these config changes and everything seems great. OPNsense is such a gem

Zenarmor (Sensei) / policies, vlans, wireguard

« on: September 17, 2024, 07:08:04 pm »

i have a vlan, 170, that is my kid network at home. i also have a wireguard interface that used by kid devices when remote (phone, ipad).

vlan170 - 192.168.170.0/24
wg1 - 192.168.212.0/24

vlan170 is on igb3, with 2 other vlans, vlan180, vlan190

vlan180, vlan190 are under a different zenarmor policy

--

under settings, i have wg1 and igb3 (the parent device) selected. now i am trying to figure out the best way to have this Kid policy apply to both vlan170 and wg1.

doesn't seem like this would work? because it would try and apply the vlan id 170 to wg1?

24.7 Production Series / caddy resolver

« on: August 14, 2024, 03:41:20 pm »

i use unbound DNS over TLS for my upstream. this seems to cause issues with using DNS challenge and cloudflare. not sure if its an unbound issue with the TXT records or not. i am running the unbound default values for everything except the DNS over TLS entries.

Unbound DNS over TLS

Then in my general settings, i have no nameservers, as i want to use 127.0.0.1 for everything so that it all goes through TLS

Results in my resolv.conf looking like

Code: [Select]

 # cat /etc/resolv.conf
domain lan
nameserver 127.0.0.1
search lan

everything else works as normal, except caddy on certificate renewal. ACME renewal for the SSL cert used by the os-acme plugin for the OPNsense GUI itself renews fine.

if i put the cloudflare server IPs in the general settings page, restart caddy, all certs renew immediately. this can also work if i put the resolvers option in the TLS block of the caddyfile. https://caddyserver.com/docs/caddyfile/directives/tls#resolvers

has anyone ever encountered this before? maybe its some config issue? it is possible to specify the resolvers in the os-caddy plugin? i didn't see that in any of the "additional fields" help when you are configuring a DNS provider.

thx

Zenarmor (Sensei) / elasticsearch unable to start after post pkg update from 24.7

« on: July 25, 2024, 09:09:45 pm »

i updated to 24.7, after the update, there were new packages from sensi, installed them, elasticsearch still does not start, log show

Code: [Select]

java.lang.IllegalArgumentException: unknown setting [xpack.monitoring.templates.enabled] did you mean [xpack.profiling.templates.enabled]?
        at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:563) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:509) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:479) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:449) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.common.settings.SettingsModule.<init>(SettingsModule.java:132) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.common.settings.SettingsModule.<init>(SettingsModule.java:50) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.node.Node.<init>(Node.java:494) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.node.Node.<init>(Node.java:344) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.bootstrap.Elasticsearch$2.<init>(Elasticsearch.java:236) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.bootstrap.Elasticsearch.initPhase3(Elasticsearch.java:236) ~[elasticsearch-8.11.3.jar:?]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:73) ~[elasticsearch-8.11.3.jar:?]

24.1 Legacy Series / no wan, caddy hangs startup

« on: June 22, 2024, 04:30:56 pm »

i had an issue where i was debugging a WAN issue and had to reboot OPNsense. 24.1.9_4. the WAN was dropping packets, etc, but "starting caddy..." just hangs. i had to SSH and kill the caddy processes to get the rest of the boot to finish.

anybody experience this. why does caddy need internet access to start?

23.7 Legacy Series / upnp not clearing old mappings

« on: January 23, 2024, 10:42:26 pm »

23.7.12, this is just for 1 host, an Xbox Series X. Xbox has been turned off for over 12 hours at this point. Every time the Xbox is turned on, a new mapping occurs. Old mappings never get cleaned up.

/var/etc/miniupnpd.conf

Code: [Select]

ext_ifname=pppoe0
port=2189
listening_ip=igb1
secure_mode=yes
presentation_url=https://192.168.160.1:4269/
uuid=528c8e6c-4a3c-6598-999a-0e9df15ad32
serial=528C8E6C
model_number=23.7.12
allow 1024-65535 192.168.160.61/32 1024-65535
deny 0-65535 0.0.0.0/0 0-65535
enable_upnp=yes
enable_natpmp=no
clean_ruleset_interval=600
min_lifetime=120
max_lifetime=86400

Zenarmor (Sensei) / i226 + ZenArmor no VLANs

« on: May 24, 2023, 08:04:49 pm »

hi. its unclear to me with all the netmap bug and emulated driver stuff around ZenArmor.. Are these bugs specific to using interfaces with VLANs enabled on the router?

i have a 4-port router device with i226 using igc. i don't use VLANs on router since i have 1 WAN + 3 subnets that i just give them their own physical ports. VLANs only used on the switches. if that is the case, is ZenArmor supported with igc driver? and if so, what mode should i be using? Native NETMAP? Emulated NETMAP?

thanks

22.1 Legacy Series / os-ddclient

« on: January 20, 2022, 10:39:42 pm »

i know os-ddclient is intended to replace os-dyndns but currently os-ddclient support for servers is terrible. does not even support cloudflare, especially with tokens.

is this a known issue? and something that is planned to be resolved before removing os-dyndns? since using os-dyndns currently warns you in the UI about its pending removal

22.1 Legacy Series / zfs root on 22.1 rc1 install

« on: January 20, 2022, 09:25:48 pm »

i noticed 2 things with ZFS install on SSDs

one, autotrim is off by default, that is easy enough to turn on, but the other, ashift=0 is bad for SSDs, and should be ashift=12 which is not harmful to HDDs. maybe the ashift default should just be 12?

Pages: [1]