Messages

It's a pity noone helped. :(
I removed Squid in opnsense and setup a linux server with Squid where everything works like a charm.

Bye,
Michele.

It looks like Squid or Opnsense can't decode inline images.
What and where is the process that decodes those images?
Maybe a problem can be there??

Should I open a case in https://github.com/search?q=repo%3Aopnsense%2Fplugins+squid&type=issues

I modified the CSS for the code related to a new logo but I don't think it's the problem.
I resetted to standard error pages many times (using the GUI) and the problem was there.
Besides yesterday, when I first tried Squid and before modifying anything, the error page was exactly the same: error page without the image.

Thanks,
Michele

Attached what you requested.
Anyway it looks stange to me it could be a browser problem, the error page is loaded with the inline image when it's local and not forwarded by Squid.

Thanks,
Michele.

Sorry again, I found it out.
What should I check anyway?

Thanks.

Sorry,
what do you mean with "browser console"? What should I check?

Hi Franco,
to tell the truth this is the first implementation of Squid since a lot of time so I can't answer your question.
What I can say is that I tried to open default error pages and my custom error page (with css file in the same dir) outside the installation (on my pc) and the image is displayed correctly.
I attached 2 screenshots to explain:
Image_1 is the error page downloaded from opnsense and displayed on my pc
Image_2 is the error page displayed on a pc filtered by Opnsense/Squid (you can see on the upper left side that logo is missing)

Michele.

Hi,
I'm on Opnsense 25.1.4_1-amd64 and trying to implement squid web proxy for a network.
Everything looks ok and works fine but the inline base64 image/logo doesn't appear in error pages, when using the squid pages and opnsense pages.
I've tried to implement custom error pages with a personal logo encoded with base64: the custom page show perfectly but not the logo.
I read againg and again the opnsense guide pages but I can't make it to work.
Do I have to activate anything in configuration? Do I have to add some line of code?
The stange fact is that the logo doesn't appear even ewith the standard error pages configuration.

Thanks a lot,
Michele.

10.160.71.2/32

The command " Ifconfig-push" has indeed to be removed.

Setting the field to 10.160.71.2/32 only works like a charm.

Thanks a lot.

Cheers,
Michele.

Hi.
Just upgraded to latest version 23.7.2.
I read in this topic https://forum.opnsense.org/index.php?topic=35149.0 that to push static IP to clients in the tunnel we just have to use the "IPv4 Tunnel Network" field.
Well, I just copied the command "ifconfig-push 10.160.71.2 255.255.255.255" and receive the error "please specify a valid network segment or address (IPv4/IPv6)" (see screenshot).

What am I doing wrong?

Thanks a lot,
Michele.

Looking at another thread dealing with much the same issue -- try using a different mirror. The DE mirror seems to not have issues. I am going to confirm later today on a second system. I finally got my first test system updated over night using its default mirror (assuming the US since that is where I am), but it took over 8 hours to do.

That's what I did few hours ago and it worked!
I used Aalbrog University mirror and it was ok. Default mirror, don't know what it is, stucks.

Thanks for reply,
Michele.

Same issue here.
I have 3 opnsense installations in 3 different places and all of them have the same problem.
I setup Google DNS in Settings -> General and then flagged "Do not use the local DNS service as a nameserver for this system" in DNS server options as suggested in other threads.
Unfortunately the problem persists in all of 3 installations.

I tried a system update from the Gui (from version 23.1.1 to 23.1.5) and the download speed is really slow. At a certain point procedure stucks at number 16 (fetching DNSmask) and nothing happens.
Anyone knows what's going on?

Hopre to hear good news about it very soon.

Best regards,
Michele.

The error messages seem to say that there are errors because stuff isn't enabled.  You could delete these messages from the log file.

I really can't find a way to "delete" those messages, at least via GUI. Anyway my usual goal is to find the reason why I have certain error logs first and then, eventually, find a way to delete them.

Or maybe enable stuff ... :)

Ok, I could do that: would you be so kind to indicate me how to?

Thanks.

Looks like it's just enabling protocols to monitor for which is not a bad thing unless you explicitly don't want those protocols looked at.

It may be just like that but log messages are indentified as "ERROR".
I'd like to know why these errors come up and how to remove them.

Cheers.

Hi.
I noticed several warnings on Intrusion Detection logs after update to version 22.1.8_1.
Warnings are like these (some examples):

• [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - App-Layer protocol http2 enable status not set, so enabling by default.
• [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - App-Layer protocol rdp enable status not set, so enabling by default.
• [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - App-Layer protocol mqtt enable status not set, so enabling by default.
• [...]

I know those are "just" warnings but do I have to worry about?

Thanks a lot,
Michele