Topics

1

17.1 Legacy Series / BOOT stops Fatal trap 12:

« on: July 08, 2017, 09:51:41 pm »

Fatal trap 12:page fault while in kernel mode.

I got this after upgrade from 17.1.8 to 17.1.9.

Is it possible to boot with 17.1.8 again?

Any suggestions?

Regards,
Roro.

2

17.1 Legacy Series / APU2C4 with OPNsense-17.1-OpenSSL-serial-amd64.img

« on: February 11, 2017, 03:49:03 am »

A long story in a few lines.

Installing by USB. Tried multiple different USB sticks. No succes. CAM-status errors for the usbstick.

Updated pcengines bios via tinycore (you need FAT instead of FAT32 on usb) otherwise mounting won't work (MORE LOST HOURS).

After more then a day I came with the idea. Lets put serial-img on SDcard instead of USB stick.
For me that was the trick.

I have a msata in the apu2c4.
Now I could boot from SDcard and I finally installed OPNsense via Installer user on the Msata disk.

Hope others benefit from this.

Gutnite.

Is there something wrong with the USB stick (/etc/fstab settings in OPNsense-17)?
Trying to mount root from ufs:/dev/ufs/OPNsense_Install [ro,noatime]...
Mounting filesystems...
tunefs: soft updates set
(da0:umass-sim0:0:0:0): WRITE(10). CDB: 2a 00 00 00 00 10 00 00 10 00
(da0:umass-sim0:0:0:0): CAM status: CCB request completed with an error
(da0:umass-sim0:0:0:0): Retrying command
(da0:umass-sim0:0:0:0): WRITE(10). CDB: 2a 00 00 00 00 10 00 00 10 00
(da0:umass-sim0:0:0:0): CAM status: CCB request completed with an error
(da0:umass-sim0:0:0:0): Retrying command

3

17.1 Legacy Series / Lobby: Dashboard

« on: February 04, 2017, 02:36:59 pm »

Hi,
firewall has 4 columns in Lobby: Dashboard.
System Information get updated every 20 or 30 seconds.

Why don't get Interface List and System Log automated updated?
Or is there a setting to be changed?

Greetings.

4

17.1 Legacy Series / Upgrade 16.7 to 17.1 succes.

« on: January 31, 2017, 08:15:06 pm »

Thanks OPNsense.
Upgrade succesfull.
Versions    OPNsense 17.1-i386
FreeBSD 11.0-RELEASE-p7
LibreSSL 2.4.4
Updates    Click to check for updates.
CPU Type    Geode(TM) Integrated Processor by AMD PCS (1 cores)

5

16.7 Legacy Series / [SOLVED] LAN blocked after UTP disconnect and connect.

« on: January 23, 2017, 12:32:44 pm »

Hello,

I have the following test situation:
Disconnect the LAN utp from opnsense firewall. WAN and OPT1 are still connected.
The connected OPT1 network can reach the internet.

After a day.
Connect LAN utp to opnsense firewall.
PC's on the LAN network are now blocked by firewall.

The OPT1 network can still connect to the internet.

Anyone has/had that experience also?
Is there solution, besides rebooting the firewall?

Log from firewall blocked
Jan 23 12:05:41    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:38    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:37    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:27    LAN     192.168.20.100:123     144.76.64.40:123    UDP
Jan 23 12:05:25    LAN     192.168.20.100:123     85.236.36.4:123    UDP
Jan 23 12:05:25    LAN     192.168.20.100:123     87.233.197.123:123    UDP

Greetings Roro.

6

17.1 Legacy Series / Block private networks from OPT1

« on: November 24, 2016, 11:37:11 am »

Hello,
I use OPNsense 17.1.a_753-i386 on soekris but I get the following:
@68 block drop in log quick on vr2 inet from 10.10.0.0/8 to any label "Block private networks from OPT1"

When I put utp in OPT2 no problems.

Something wrong in filterrules?
Greetings.

7

16.7 Legacy Series / During Upgrade Firewall LOST Internet connection

« on: October 27, 2016, 10:17:53 pm »

Hello,
during upgrading my opnsense box via serial com1 (soekris, cfcard, nano), I lost internet connection.
System was at point Fetching base-16.7.7-i386.txz and stopped upgrading.
I rebooted the system via console and did upgrade again.
Fetching base-16.7.7-i386.txz.
Fetching base-16.7.7-i386.obsolete.
Fetching kernel-16.7.7-i386.txz.
Installing kernel-16.7.7-i386.txz.
Installing base-16.7.7-i386.txz.
Installing base-16.7.7-i386.obsolete.
System did an automated reboot, but now I get the following error:

Trying to mount root from ufs:/dev/ufs/OPNsense1 [rw,async,noatime]...
mountroot: waiting for device /dev/ufs/OPNsense1 ...
Mounting from ufs:/dev/ufs/OPNsense1 failed with error 19.

Loader variables:
  vfs.root.mountfrom=ufs:/dev/ufs/OPNsense1
  vfs.root.mountfrom.options=rw,async,noatime

Manual root filesystem specification:
  <fstype>:<device> [options]
      Mount <device> using filesystem <fstype>
      and with the specified (optional) option list.

    eg. ufs:/dev/da0s1a
        zfs:tank
        cd9660:/dev/acd0 ro
          (which is equivalent to: mount -t cd9660 -o ro /dev/acd0 /)

  ?               List valid disk boot devices
  .               Yield 1 second (for background tasks)
  <empty line>    Abort manual input

mountroot>

Any hints to solve this issue.

Thank you.
Roro

8

Hardware and Performance / [SOLVED] CAM status: ATA Status Error

« on: August 26, 2016, 01:02:47 pm »

Hi Everyone,
I have 2 Soekris devices installed with CF-card running Opnsense 16.7.2-i386.

On both I get the following messages in the System Log File:
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): Error 5, Retries exhausted
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): RES: 51 04 6f 63 6b 45 45 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): ATA status: 51 (DRDY SERV ERR), error: 04 (ABRT )
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): CAM status: ATA Status Error
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): DSM TRIM. ACB: 06 01 00 00 00 40 00 00 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): Retrying command
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): RES: 51 04 6f 63 6b 45 45 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): ATA status: 51 (DRDY SERV ERR), error: 04 (ABRT )
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): CAM status: ATA Status Error
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): DSM TRIM. ACB: 06 01 00 00 00 40 00 00 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): Retrying command
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): RES: 51 04 6f 63 6b 45 45 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): ATA status: 51 (DRDY SERV ERR), error: 04 (ABRT )
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): CAM status: ATA Status Error
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): DSM TRIM. ACB: 06 01 00 00 00 40 00 00 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): Retrying command
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): RES: 51 04 6f 63 6b 45 45 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): ATA status: 51 (DRDY SERV ERR), error: 04 (ABRT )
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): CAM status: ATA Status Error
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): DSM TRIM. ACB: 06 01 00 00 00 40 00 00 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): Retrying command
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): RES: 51 04 6f 63 6b 45 45 00 00 01 00
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): ATA status: 51 (DRDY SERV ERR), error: 04 (ABRT )
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): CAM status: ATA Status Error
Aug 26 12:16:51    kernel: (ada0:ata0:0:0:0): DSM TRIM. ACB: 06 01 00 00 00 40 00 00 00 00 01 00

It has to do with the disk, anyone seen this before and is there a solution for this?

Greets,
Rosie

9

16.1 Legacy Series / [SOLVED] Firewall Normal View

« on: July 07, 2016, 08:16:47 pm »

Hi when I look in firewall normal view I get this.

Jul 7 20:04:56    2_VR2_OPT1 xxx.xxx.xxx.17:<span title="Service 445/tcp: microsoft-ds">445</span>    xxx.xxx.xxx.100:12775    TCP:PA
Jul 7 20:04:27    2_VR2_OPT1 0.0.0.0:<span title="Service 68/udp: bootpc">68</span>    
255.255.255.255:<span title="Service 67/udp: bootps">67</span>    UDP

Never saw the </span> words.

10

16.1 Legacy Series / [SOLVED] Opnsense 16.1.15-i386 Bogon

« on: May 26, 2016, 01:16:00 pm »

Hi,
I have Block bogon networks enabled on my 10.x.x.x network.
After upgrade to 16.1.15-i386 this network will be handled as a BOGON network and then will be blocked.

Any clues?
Greetz
Roro.

11

15.7 Legacy Series / [SOLVED] NANO on 4GB or 8GB cf-card?

« on: November 18, 2015, 09:04:03 pm »

Hello,
I burned OPNsense-15.7.18-OpenSSL-nano-i386.img on a 8GB cf-card.
When I boot the machine no startup.

Is this img only for 4gb cf-cards?

Roro

12

15.7 Legacy Series / Clean install 15.7_LibreSSL as VM, firmware upgrade not working.

« on: August 27, 2015, 05:04:05 pm »

Hello,
i'm struggling to get OPNsense-15.7_LibreSSL-cdrom-i386.iso to the latest firmware.
OPNsense 15.7-i386
FreeBSD 10.1-RELEASE-p14
LibreSSL 2.2.0
=====================================================
Current Firmware Status :
A total of 66 update(s) are available.
=====================================================
Message on Firmware page:
***GOT REQUEST TO UPGRADE: all***
***STARTING UPGRADE***
Updating OPNsense repository catalogue...
OPNsense repository is up-to-date.
All repositories are up-to-date.
Updating OPNsense repository catalogue...
OPNsense repository is up-to-date.
All repositories are up-to-date.
Checking for upgrades (99 candidates): .......... done
Processing candidates (99 candidates): ....... done
The following 66 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
   opnsense-update: 15.7.10
   unbound: 1.5.4_1
   ldns: 1.6.17_5
   libedit: 3.1.20150325_1

Installed packages to be UPGRADED:
   sudo: 1.8.13 -> 1.8.14p3
   squid: 3.5.3_1 -> 3.5.7
   sqlite3: 3.8.10.2 -> 3.8.11.1
   smartmontools: 6.4 -> 6.4_1
   py27-pytz: 2014.10,1 -> 2015.4,1
   py27-Jinja2: 2.7.3 -> 2.8
   py27-Babel: 1.3_2 -> 2.0
   png: 1.6.17 -> 1.6.17_1
   php56-zlib: 5.6.10 -> 5.6.12
   php56-xml: 5.6.10 -> 5.6.12
   php56-tokenizer: 5.6.10 -> 5.6.12
   php56-sqlite3: 5.6.10 -> 5.6.12
   php56-sockets: 5.6.10 -> 5.6.12
   php56-simplexml: 5.6.10 -> 5.6.12
   php56-session: 5.6.10 -> 5.6.12
   php56-pdo_sqlite: 5.6.10 -> 5.6.12
   php56-pdo: 5.6.10 -> 5.6.12
   php56-openssl: 5.6.10 -> 5.6.12
   php56-mysql: 5.6.10 -> 5.6.12
   php56-mcrypt: 5.6.10 -> 5.6.12
   php56-mbstring: 5.6.10 -> 5.6.12
   php56-ldap: 5.6.10 -> 5.6.12
   php56-json: 5.6.10 -> 5.6.12
   php56-hash: 5.6.10 -> 5.6.12
   php56-gettext: 5.6.10 -> 5.6.12
   php56-filter: 5.6.10 -> 5.6.12
   php56-dom: 5.6.10 -> 5.6.12
   php56-curl: 5.6.10 -> 5.6.12
   php56-ctype: 5.6.10 -> 5.6.12
   php56-bz2: 5.6.10 -> 5.6.12
   php56-bcmath: 5.6.10 -> 5.6.12
   php56: 5.6.10 -> 5.6.12
   phalcon: 2.0.3 -> 2.0.7
   perl5: 5.20.2_5 -> 5.20.2_6
   pcre: 8.37_1 -> 8.37_4
   opnsense: 15.7 -> 15.7.11
   openvpn: 2.3.7 -> 2.3.8
   openssh-portable: 6.8.p1_8,1 -> 7.1.p1_1,1
   mpd5: 5.7_2 -> 5.7_3
   lighttpd: 1.4.35_5 -> 1.4.36
   libressl: 2.2.0 -> 2.2.2
   libmcrypt: 2.5.8_2 -> 2.5.8_3
   jansson: 2.7 -> 2.7_1
   isc-dhcp42-server: 4.2.8 -> 4.2.8_1
   gettext-runtime: 0.19.4 -> 0.19.5.1
   freetype2: 2.5.5 -> 2.6_1
   filterdns: 0.1 -> 0.2
   expat: 2.1.0_2 -> 2.1.0_3
   dnsmasq: 2.73,1 -> 2.75,1
   curl: 7.43.0_2 -> 7.44.0
   ca_root_nss: 3.19.1_1 -> 3.20
   bind910: 9.10.2_5 -> 9.10.2P3_1

Installed packages to be REINSTALLED:
   voucher-0.1_4 (needed shared library changed)
   syslogd-10.1_1 (direct dependency changed: clog)
   strongswan-5.3.2 (needed shared library changed)
   relayd-5.5.20140810_1 (needed shared library changed)
   python27-2.7.10 (needed shared library changed)
   openldap-client-2.4.41 (needed shared library changed)
   ntp-4.2.8p3 (needed shared library changed)
   miniupnpd-1.9_1,1 (needed shared library changed)
   libxml2-2.9.2_3 (options changed)
   libevent2-2.0.22_1 (needed shared library changed)

The operation will free 6 MiB.
41 MiB to be downloaded.
Restarting webConfigurator...done.
***DONE***
===========================================================

I test this on vmware. I have a 8gb disk, after configuring the first upgrade works, but then the following upgrade does not work (via webconsole or cli). I also had this with the OPNsense-15.7_OpenSSL-cdrom-i386.iso version.

Any idea?

Cheers,
RoRo