Messages

1

24.1 Legacy Series / Re: Update Firmware Status, keeps hanging

« on: February 27, 2024, 06:14:02 pm »

Switching the mirror from "default" to LeaseWeb San Francisco (I'm in Southern California) seems to have fixed it. Never had an issue with using default before.

2

24.1 Legacy Series / Re: Update Firmware Status, keeps hanging

« on: February 26, 2024, 10:22:26 pm »

Check health has been running for about 20 minutes.  Currently:

Code: [Select]

***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 24.1.2_1 at Mon Feb 26 13:02:31 PST 2024
>>> Root file system: /dev/gpt/rootfs
>>> Check installed kernel version
Version 24.1.2 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 24.1.2 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense
>>> Check installed plugins
os-acme-client 4.1
os-ddclient 1.21
os-qemu-guest-agent 1.2
os-wol 2.4_2
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 68 dependencies to check.
Checking packages: .......

3

24.1 Legacy Series / Update Firmware Status, keeps hanging

« on: February 26, 2024, 10:02:58 pm »

When I check the update status, keeps hanging with spinning wheel. Here is attached status.
It does eventually comes back with ***DONE*** after many minutes.

Code: [Select]

***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.1.2_1 at Mon Feb 26 12:48:35 PST 2024
Fetching changelog information, please wait... fetch: transfer timed out
fetch: /usr/local/opnsense/changelog/changelog.txz appears to be truncated: 0/128592 bytes
Updating OPNsense repository catalogue...
Waiting for another process to update repository OPNsense
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (0 candidates): . done
Processing candidates (0 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.

4

23.7 Legacy Series / Unbound Whitelist not working

« on: January 05, 2024, 06:46:09 pm »

I have decided to try the block list functionality of unbound after previously using pihole.

Using the OISD - Domain Blocklist Big.  I know from using pihole that for this list i need to whitelist the trace.svc.ui.com.

I add trace.svc.ui.com to whitelist, but when i go to Interfaces: Diagnostics: DNS Lookup i get:
trace.svc.ui.com. 3600 IN A 0.0.0.0

I also see via dig on other machine that it is indeed being blocked.

So whitelist under unbound does not work?

5

23.7 Legacy Series / Re: 23.7.8 - No Label in Live View

« on: November 09, 2023, 05:55:36 pm »

I'm seeing the same thing here

6

23.7 Legacy Series / Re: Firewall Widget doesn´t work anymore

« on: November 09, 2023, 05:51:14 pm »

I'm seeing the same thing.

7

22.7 Legacy Series / Re: GeoIP restrictions not updating/working

« on: October 21, 2023, 04:11:05 pm »

How did you get this to work? Im having the same issue.

8

23.7 Legacy Series / Re: Automatically generated rules - is the reason I stopped migrating to OPNSense

« on: September 28, 2023, 03:49:23 pm »

This is not an opnsense issue.

It is an issue with the external network misconfigured on either the external switch or on his virtualization.

Would probably be better if the OP went to a support group on how to setup vlans on his smart switch as he said he saw it on his bare metal install.

9

23.7 Legacy Series / Re: Automatically generated rules - is the reason I stopped migrating to OPNSense

« on: September 27, 2023, 12:16:51 am »

Are you are running opnsense virtualized?

I think you have your Virtual Host configured incorrectly to support vlans. Either that or your external smart switch is incorrectly set up.  The symptoms you are describing is exactly what happens when vlans are not configured correctly on the external switch and they are getting combined. This is external to opnsense.

Yes its virtulised. When i first read your input in the first instance it did seem to make sense. But as i thought it through i thought otherwise. Let me explain why i think its not the case.

Suppose i misconfigured ESXi and/or the switch. opnsense should still block the ping when it passes through it. we know it passes through it because if i shut it down both vms stop being able to ping each other. Therefore althought its always a possiility due to misconfiguration i think its unlikely?

No, you definitely have the virtualization misconfigured. Basically you have cross connected multiple layer 3 ip subnets onto the same layer 2 Ethernet segment. Virtually or via your external switch.

10

23.7 Legacy Series / Re: Automatically generated rules - is the reason I stopped migrating to OPNSense

« on: September 26, 2023, 10:30:25 pm »

Are you are running opnsense virtualized?

I think you have your Virtual Host configured incorrectly to support vlans. Either that or your external smart switch is incorrectly set up.  The symptoms you are describing is exactly what happens when vlans are not configured correctly on the external switch and they are getting combined. This is external to opnsense.

11

23.7 Legacy Series / Re: Auto Generated Rules pull down will not open on LAN interfaces

« on: August 23, 2023, 05:07:59 pm »

I opened issue #6772 in Github.

12

23.7 Legacy Series / Re: Auto Generated Rules pull down will not open on LAN interfaces

« on: August 23, 2023, 04:48:45 pm »

In summary, what is happening is that the Pull Down that used to show the Group Rules, has been combined into the Automatically Generated rules pull down and the browser isn't able to open the pull down.

13

23.7 Legacy Series / Re: Auto Generated Rules pull down will not open on interfaces with Groups

« on: August 23, 2023, 04:46:17 pm »

I just updated to 23.7.2 and this problem is still there.

14

23.7 Legacy Series / Re: Auto Generated Rules pull down will not open on LAN interfaces

« on: August 15, 2023, 01:12:17 am »

I should clarify, that though I say it is LAN interface rules, it is really Interface members of the groups that have the issue. I can remove an interface from the group and it is good. Add back to the group and it has the issue again.

15

23.7 Legacy Series / Re: Auto Generated Rules pull down will not open on LAN interfaces

« on: August 15, 2023, 12:55:16 am »

Can you expand on that group that seems to be causing the issues then ? If things work fine for a while then there's something changing that causes the issue.

It was not working fine for awhile and then wasn't it was working fine.  Then I upgraded to 23.7.1_3 and then it no longer worked.

It seems that on the LAN interface of the Firewall rules, there should be an expandable list of the "Automatically generated rules"

Then, there will be an expandable list of "Floating rules"

Then, and here is where the problem is, there should be but it is missing and expandable List for Group Rules. Then the actual LAN rules follow.

Somehow instead of the Group rules getting an expandable tab, it is getting shoved into the Automatically generated rules" list.

When I look at the page source, it looks that the group section was a copy paste of the auto section

Here is the source for the Auto Section

Code: [Select]

                    <tr id="expand-internal-rules" class="expand_type is_collapsed" data-type="internal" style="display: none;">
                        <td><i class="fa fa-folder-o text-muted"></i></td>
                        <td></td>
                        <td class="view-info" colspan="2"> </td>
                        <td class="view-info hidden-xs hidden-sm" colspan="5"> </td>
                        <td colspan="2" class="view-stats hidden-xs hidden-sm"></td>
                        <td colspan="2" class="view-stats"></td>
                        <td class="view-info"></td>
                        <td>Automatically generated rules</td>
                        <td>
                            <button class="btn btn-default btn-xs" id="expand-internal">
                              <i class="fa fa-chevron-circle-down" aria-hidden="true"></i>
                              <span class="badge">
                                <span id="internal-rule-count"><span>
                              </span>
                            </button>
                        </td>
                    </tr>
Following that are rows for each auto rule.

Next Section is the Floating rules:

Code: [Select]

                   <tr id="expand-floating-rules" class="expand_type is_collapsed" data-type="floating" style="display: none;">
                        <td><i class="fa fa-folder-o text-muted"></i></td>
                        <td></td>
                        <td class="view-info" colspan="2"> </td>
                        <td class="view-info hidden-xs hidden-sm" colspan="5"> </td>
                        <td colspan="2" class="view-stats hidden-xs hidden-sm"></td>
                        <td colspan="2" class="view-stats"></td>
                        <td class="view-info"></td>
                        <td>Floating rules</td>
                        <td>
                            <button class="btn btn-default btn-xs" id="expand-floating">
                              <i class="fa fa-chevron-circle-down" aria-hidden="true"></i>
                              <span class="badge">
                                <span id="floating-rule-count"><span>
                              </span>
                            </button>
                        </td>
                    </tr>

After the Floating section is should be the group rule section, but it is a copy/paste of the Auto section.

Code: [Select]

<tr id="expand-internal-rules" class="expand_type is_collapsed" data-type="internal" style="display: none;">
                        <td><i class="fa fa-folder-o text-muted"></i></td>
                        <td></td>
                        <td class="view-info" colspan="2"> </td>
                        <td class="view-info hidden-xs hidden-sm" colspan="5"> </td>
                        <td colspan="2" class="view-stats hidden-xs hidden-sm"></td>
                        <td colspan="2" class="view-stats"></td>
                        <td class="view-info"></td>
                        <td>Automatically generated rules</td>
                        <td>
                            <button class="btn btn-default btn-xs" id="expand-internal">
                              <i class="fa fa-chevron-circle-down" aria-hidden="true"></i>
                              <span class="badge">
                                <span id="internal-rule-count"><span>
                              </span>
                            </button>
                        </td>
                    </tr>
I think it should be using a different id from the auto.  I think the copy paste and not having a unique id is what is breaking it.

i.e. Instead of id="expand-internal-rules"  it should have id="expand-group-rules" etc.