Messages

<stop> being an empty table/alias I have defined

I'm a bit late to this but this seems to work and should be a bit more atomic that scripted things stopping the race between state creation and the block rule.

I have a rule very early on like this

block return in quick on private from <stop> to any

I then cron things like this

pfctl -F states  -t stop -T add 192.168.210.85
3776 states cleared
1/1 addresses added.

Thanks for the information. I am confused though, why was the standard BSD bootstrap deviated from.  Was this an opnsense design decision or was it inherited from the pfsense fork? If the latter does anyone know the reason?

It was state here very recently: https://forum.opnsense.org/index.php?topic=8521.0

Translated:

Requires time for development. Every now and then somebody brings up a new networking feature they want to merge and that is subsequently prioritised... :)

We need to do two things:

1. ZFS Boot Awareness: With a FreeBSD on ZFS you can install OPNsense using opnsense-bootstrap, but the system won't boot because /usr/local/etc/rc is not aware of ZFS and the kernel module is missing.

2. When 1. is done the installer needs to gain a ZFS installation mode.


Cheers,
Franco

Can you elaborate why one that is, other than not supported yet. I ask as im new to opnsense but very experienced with freebsd, and zfs builds.  Initially looking around at what is available in the base userland, I suspect I could get it going in and incorporate boot environments, unless there is something hidden in there. All the libraries, kernel modules and loaders appear to be there, which is a good start. After all it does look like opnsense is a fairly bog standard freebsd build with tweaks, config management and a gui.