Messages

I'm curious why you need the DNS servers in the first place. The GUI is reachable via the IP after setup, where the DNS servers can be configured. Are you trying to mimic a unattended installation or a headless deployment?

This is what we would think is part of our API work so that we can have a remote client or command line utility to serve this purpose. Not sure if it's worth writing a local console utility to rewrite DNS servers, but I'm not against merging the code if it's there. :)

cpdup(1) may be allocating too much RAM or it is part of the new async write we have pushed into the BSD installer. None of those issues are unsolvable, even though they shouldn't materialise in this out of memory kill sort of way. We'll find out why, no worries. :)

Demetris,

The FreeBSD ports tree still isn't ready by default (Python 2.7 is missing LibreSSL build support). I have some patches to push upstream as well, and Bernard and others are doing a lot more work behind the scenes. See:

http://www.bsdnow.tv/episodes/2015_03_25-ssl_in_the_wild (the interview bits with Bernard Spil)

There is the question of hardware acceleration which isn't in LibreSSL as far as I heard, but I need to check back with LibreSSL devs to be sure or hear their plans.

What we are most likely going to do is release both versions officially in the future as soon as we have automated build infrastructure up and running (building 2 versions in parallel was tricky, building 4 is impossible from this laptop). Donations and help are welcome in that regard. This will most likely materialise for 15.7.

In any case, LibreSSL builds are becoming more frequent with images and timely updates and we want to keep this up. :)

Bump your VM memory to 1 GB and it will install fine. In the meantime I'll try to find out more about why that is. It shouldn't hog so much memory.

No need, this is expected. We've had stability issues with the GUI in the past versions and are about to hook in the base updates as well as we grow confident the GUI won't glitch out, trashing boxes in the process. Thanks for the clarification.

Maybe it was the GUI update which does not update from FreeBSD 10.1-p8 to FreeBSD 10.1-p9on purpose as describe in the patch notes (the recommended method is the console firmware upgrade). p8 has the crash, p9 doesn't.

cdrom? amd64? i386?

I cannot help without knowing more details. The virtual box settings are ok. I test all images for a working install. I am not sure why this happens for you.

The next version will have support for filtering via OpenDNS.

https://twitter.com/opnsense/status/586820576343363584
https://github.com/opnsense/core/commit/884fac34e50f799b357e3469868285de92e2d878

Please share your version info as seen in the dashboard with us, thanks.

Which file? Did you verify the checksum?

15.1.9_LibreSSL updates and images are up: https://pkg.opnsense.org/snapshots/

Disclaimer: still experimental; yadda, yadda; please also read the 15.1.9 announcement... https://forum.opnsense.org/index.php?topic=306.0


Have fun. Report back. :)

Hello friends,

although we have already released 15.1.8.4 early this week, we're pushing out 15.1.9 for two important reasons: security updates, kernel panic fixes and clean images as we've had a couple of things that needed addressing following the configuration system rewrite in 15.1.8. That's three important reasons really. ;)

The recommended upgrade method is the root console option 12 to properly update both the packages and the base system to the latest available releases. Please verify that the system information widget on the dashboard presents you with the following and new version information (will show "i386" as opposed to "amd64" if you use the 32 bit version):

Code Select Expand

OPNsense 15.1.9-amd64
FreeBSD 10.1-RELEASE-p9
OpenSSL 1.0.1m 19 Mar 2015

Alternatively, you can choose to boot a fresh install media and do a clean config import followed by an immediate installation to retain your full setup.

As always, back up your configuration to an external location prior to upgrading.

LibreSSL images and updates are expected later today. Please watch out for the announcement on Twitter, IRC, the forum or elsewhere. LibreSSL is still an experimental release despite the fact we keep it up to date and mix LibreSSL updates into the shared patch notes.

Here is the change log for 15.1.9:

o tools: install media live images now use the more flexible tmpfs(5)
o tools: cxgbe(4) is now compiled into the kernel
o ports: strongswan 5.3.0, openssh-portable 6.8p1, ntp 4.2.8p2
o src: reverted inconsistent carp(4) and pfsync(4) patches to retain standard FreeBSD behaviour
o src: fix multiple vulnerabilities of ntp (SA-15:07)
o src: fix denial of service with IPv6 router advertisements (SA-15:09)
o core: console upgrade now also triggers the unused package removal
o core: fix regression that caused a faulty config.xml when applying limiter settings
o core: refactored the configd command structure for clarity
o core: fix for SMTP notifications that broke due to PHP 5.6's new default SSL behaviour
o core: thorough unused java script purge under the hood
o upnp: fix redeclaration error on main page shortcut click
o user manager: consolidated the labels of all privileges, especially OpenVPN
o development: opnsense-update can selectively upgrade base/kernel for testing
o development: new chunk of progress on the new proxy feature and MVC structure

The images can be found on a mirror of your choosing:

https://opnsense.org/download/

The checksums are:

Code Select Expand

SHA256 (OPNsense-15.1.9-cdrom-amd64.iso.bz2) = d159a791cbc373435f25c74f433cc6b419fd8d6df8940d854fec6cd07545acd4
SHA256 (OPNsense-15.1.9-serial-amd64.img.bz2) = 0584fa5092c40af9f8523be527408af57eac2ca71c9522e8167f7ae7f08e0586
SHA256 (OPNsense-15.1.9-vga-amd64.img.bz2) = ccd550b471aa6b13d9a8921aa9461d5eddedaeb9c375e97261ff4e54ebd881d2
SHA256 (OPNsense-15.1.9-cdrom-i386.iso.bz2) = dd3816e0b9c166009de0bde47adce28472bcc639918de91813db4b0ad3bd863e
SHA256 (OPNsense-15.1.9-serial-i386.img.bz2) = 6b39d3a3ede80f6996c589eeeb39b0777b3ae878f79101b85f9b7af3dad771d3
SHA256 (OPNsense-15.1.9-vga-i386.img.bz2) = 56b401719811d233cfd476f49501c436e0f3f02422a1bbc711aa70c0a1a4e340

MD5 (OPNsense-15.1.9-cdrom-amd64.iso.bz2) = 82b9575e8070248d52b01baae9d31544
MD5 (OPNsense-15.1.9-serial-amd64.img.bz2) = 3f516cfb088d13f747bc68a0725b955d
MD5 (OPNsense-15.1.9-vga-amd64.img.bz2) = 14f035f45c89f5fd404881baac93528f
MD5 (OPNsense-15.1.9-cdrom-i386.iso.bz2) = 09e724a1313f5ebbbfcbf61c62e0803d
MD5 (OPNsense-15.1.9-serial-i386.img.bz2) = 736069fb503de87599b0f866a47fdb02
MD5 (OPNsense-15.1.9-vga-i386.img.bz2) = c79f0c9fe2a0fcb4d8f4ff18146fe340


Stay safe and enjoy,
Your OPNsense team

A clean reinstall with the old version and an upgrade to 15.1.9 before you configure HA today is one way, or you wait for the 15.1.9 install media and use the "import configuration" feature from the installer on reinstall before doing the actual installation.

Trying to cope with a disappearing open source repository named pfsense-tools.git a little over 14 months ago is still showing how bad the move really was for the open source community. We wish you luck on your endeavour. We only do what we can given the circumstances and the willingness of users to help us get better. Thank you.

Also ich habe mich auch schon ausgesperrt aus dem LAN wenn ich im Captive Portal mit dem User/Passwords getestet habe. Nachdem ich meinen PC wieder ins LAN gestöpselt hatte ging das LAN nicht auf diesem Test-Rechner, aber natürlich überall anders. Das kann unter anderem mit ARP Spoofing Sicherung zusammenliegen. Ich versuche nur einzugrenzen wo das Problem liegt. Bisher konnte ich es noch nicht erfolgreich nachstellen, liegt aber im Moment auch am ICE-Netzwerk Setup. ;)