"
Hi,
the label is no longer displayed in the Firewall live view.
cheers
tillsense
the label is no longer displayed in the Firewall live view.
cheers
tillsense
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
23.7 Legacy Series / Unbound Dash/Logs does not show correct Time
October 16, 2023, 07:50:56 PM
Hi all,
the dashboard, firewall live rules and logs all have the correct time as stored in the system as time zone. Only the Unbound reporting shows UTC in live logs and its own dashboard? And why only 24h or 1000 entries? Only one OPNsense update needs about 30 requests (entries) Why that? ( 23.7.6)
cheers
till
the dashboard, firewall live rules and logs all have the correct time as stored in the system as time zone. Only the Unbound reporting shows UTC in live logs and its own dashboard? And why only 24h or 1000 entries? Only one OPNsense update needs about 30 requests (entries) Why that? ( 23.7.6)
cheers
till
#3
23.7 Legacy Series / [SOLVED] Suricata stops Unbound(TLS)
July 29, 2023, 07:26:11 PM
hi all,
suricata stops unbound after some seconds. no more dns resolution is possible. in the overview there is a "drop" as action. in the log of unbound error:
1 error: SSL_handshake syscall: Broken pipe
2 error: outgoing tcp: bind: Can't assign requested address
workaround is to stop suricata
configured DNS over TLS (test with 23.7.r_44-amd64)
do I have to reconfigure anything?
cheers
till
suricata stops unbound after some seconds. no more dns resolution is possible. in the overview there is a "drop" as action. in the log of unbound error:
1 error: SSL_handshake syscall: Broken pipe
2 error: outgoing tcp: bind: Can't assign requested address
workaround is to stop suricata
configured DNS over TLS (test with 23.7.r_44-amd64)
do I have to reconfigure anything?
cheers
till
#4
Hardware and Performance / EEPD EM PRO R1102G ...just embedded AMD low Voltage Router
June 06, 2023, 08:39:59 PM
[Manufacturer]
https://shop.eepd.de/en/
[Top FAQ]
Fanless - Yes (R1102G)
TDP - <=6W (R1102G)
Ports - 2x Intel I210 with IEEE1588 (R1102G)
cheers till
[Changelog]
31.07.2023 - Typo TDP / Fanless
06.06.2023 - First Post
https://shop.eepd.de/en/
[Top FAQ]
Fanless - Yes (R1102G)
TDP - <=6W (R1102G)
Ports - 2x Intel I210 with IEEE1588 (R1102G)
cheers till
[Changelog]
31.07.2023 - Typo TDP / Fanless
06.06.2023 - First Post
#5
23.1 Legacy Series / [SOLVED] 23.1.r2 - Unbound Error
January 24, 2023, 07:53:14 PM
Hi all,
Unbound Log:
dnsbl_module.py I assume are the Unbound DNS blacklists but they are not active...also I have thousands of dns requests to "rulesets.opnsense.org". What is this?
The only thing I changed is to enable the dns statistics locally under reporting. (Still the DOT config with 3 times start of Unbound...)
cheers
till
Unbound Log:
Code Select
SystemError: <built-in function close> returned a result with an error set
os.close(ctx.pipe_fd)
File "dnsbl_module.py", line 265, in deinit
Traceback (most recent call last):
The above exception was the direct cause of the following exception:
AttributeError: 'NoneType' object has no attribute 'security'
ctx.log_entry(*info, ACTION_PASS, SOURCE_LOCALDATA, None, rcode, 0, rep.security, rep.ttl)
File "dnsbl_module.py", line 234, in local_cb
2023-01-24T18:18:43 Error unbound [24474:0] error: pythonmod: python error: Traceback (most recent call last):
2023-01-24T18:18:43 Error unbound [24474:0] error: pythonmod: Exception occurred in function deinit
2023-01-24T18:16:53 Error unbound Unable to open pipe. This is likely because Unbound isn't running.
dnsbl_module.py I assume are the Unbound DNS blacklists but they are not active...also I have thousands of dns requests to "rulesets.opnsense.org". What is this?
The only thing I changed is to enable the dns statistics locally under reporting. (Still the DOT config with 3 times start of Unbound...)
cheers
till
#6
22.7 Legacy Series / Unbound DNS DoT config contact to root server
December 15, 2022, 06:20:59 PM
Hi all,
Unbound contacts the root server(s) at startup. With a DoT config and firewall rules that prevent port 53 makes no sense. An option in the gui to prevent this would be suitable at the point or even in this case the default?
cheers
till
Unbound contacts the root server(s) at startup. With a DoT config and firewall rules that prevent port 53 makes no sense. An option in the gui to prevent this would be suitable at the point or even in this case the default?
cheers
till
#7
22.1 Legacy Series / [SOLVED] Unbound DNS Log is empty
January 27, 2022, 08:10:42 PM
Hi all,
unbound dns log is empty in all levels?
OPNsense 22.1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021
cheers
till
unbound dns log is empty in all levels?
OPNsense 22.1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021
cheers
till
#8
Development and Code Review / e2guardian Plugin
December 19, 2019, 09:57:21 PM
Is started by Michael: :-*
Quotehttps://twitter.com/mimu_muc/status/1186278727262658561
http://e2guardian.org/cms/index.php Same features as squidquard which is often requested but active developed. I'd build a plugin around it.
#9
Hardware and Performance / PCENGINES APU New models
September 13, 2019, 08:37:41 PM
APU2E2 / APU2E4 - https://www.pcengines.ch/apu2e4.htm
#10
Development and Code Review / DNSBL and additional features Plugin for Unbound
September 05, 2019, 07:55:00 PM
Is started by Michael:
Ideas:
Please schedule a field for regex entries :)
Quotehttps://twitter.com/mimu_muc/status/1169482538009747461
Today I'll start building a plugin for Unbound additional features, bringing DNSBL to @opnsense without the need for BIND or dnscrypt-proxy. Future versions will offer DoT and more (depending on your ideas)
Ideas:
Please schedule a field for regex entries :)
#11
19.7 Legacy Series / 19.7.r1 now 19.7 - Netflow freeze System again
July 15, 2019, 09:47:07 PM
Hi all,
NetFlow e.g. flowd uses up to 90% of a cpu core all the time and when changing the listening interfaces the system freezes again completely (opnsense-patch 24dc2a82b is installed)...?
cheers
till
NetFlow e.g. flowd uses up to 90% of a cpu core all the time and when changing the listening interfaces the system freezes again completely (opnsense-patch 24dc2a82b is installed)...?
cheers
till
#12
19.7 Legacy Series / Plugin OS-Smart / Widget on Dashboard shows only status unknown
July 13, 2019, 07:04:12 PM
Hi all,
does anyone have the smart widget active in the dashboard (Smart Plugin required) and can please give a feedback if he gets a smart status from his devices on 19.7.r1?
cheers
till
does anyone have the smart widget active in the dashboard (Smart Plugin required) and can please give a feedback if he gets a smart status from his devices on 19.7.r1?
cheers
till
#13
Hardware and Performance / Open Coreboot Firmware Device List
June 14, 2019, 08:19:25 PM
PcEngines - https://www.pcengines.ch/ - Firmware Support: https://pcengines.github.io/
- Forum Topic: https://forum.opnsense.org/index.php?topic=4200.0
Protectli - https://protectli.com/ - Firmware Support: https://protectli.com/kb/coreboot-on-the-vault/
- Forum Topic: https://forum.opnsense.org/index.php?topic=11781.0
- Forum Topic: https://forum.opnsense.org/index.php?topic=4200.0
Protectli - https://protectli.com/ - Firmware Support: https://protectli.com/kb/coreboot-on-the-vault/
- Forum Topic: https://forum.opnsense.org/index.php?topic=11781.0
#14
19.1 Legacy Series / NTP problems only IPv4
February 27, 2019, 08:15:47 PM
Hi,
i noticed that the time after the new connection is no longer synchronous. Since I wanted to do a test with only IPv4 anyway i changed the ntpd.inc a bit and after a restart of the service the protocol log also showed these start parameters and the service ran without ipv6 sockets.
After restarting OPNsense these start parameters are not used according to the protocol log output and the sockets confirm that ipv6 is running. An immediate restart of the service causes again the correct start with the changes and also the missing of the ipv6 sockets confirm this again?
My guess is that something seems to be wrong with the sequences?
cheers
till
i noticed that the time after the new connection is no longer synchronous. Since I wanted to do a test with only IPv4 anyway i changed the ntpd.inc a bit and after a restart of the service the protocol log also showed these start parameters and the service ran without ipv6 sockets.
After restarting OPNsense these start parameters are not used according to the protocol log output and the sockets confirm that ipv6 is running. An immediate restart of the service causes again the correct start with the changes and also the missing of the ipv6 sockets confirm this again?
My guess is that something seems to be wrong with the sequences?
cheers
till
#15
Hardware and Performance / Embedded World 2019 - Messe Nürnberg
February 19, 2019, 09:11:52 PM
Hi all,
Is there anyone here? / Ist jemand hier anzutreffen?
cheers till
Is there anyone here? / Ist jemand hier anzutreffen?
cheers till
#16
19.1 Legacy Series / Update from console to 19.1.r1 failed, no signature found
January 19, 2019, 09:10:04 PM
Hi all,
...the same thing about web interface (Unlocking the base and kernel lock does not work via webinterface either)?
cheers till
Code Select
Enter an option: 12
...
A major firmware upgrade is available for this installation: 19.1.r1
Make sure you have read the release notes and migration guide before
attempting this upgrade. Around 400MB will need to be downloaded and
require 800MB of free space. Continue with this major upgrade by
typing the major upgrade version number displayed above.
Minor updates may be available, answer 'y' to run them instead.
Proceed with this action? [19.1.r1/y/N]: 19.1.r1
Fetching packages-19.1.r1-OpenSSL-amd64.tar: .. failed, no signature found
...the same thing about web interface (Unlocking the base and kernel lock does not work via webinterface either)?
cheers till
#17
Hardware and Performance / Modem Vigor 166
December 27, 2018, 10:02:25 PM
Hi,
from January on, Draytek will supply the supervectoring VDSLx Model Vigor 165. Later in the year, the Vigor 166 will be released with G.Fast.
cheers till
from January on, Draytek will supply the supervectoring VDSLx Model Vigor 165. Later in the year, the Vigor 166 will be released with G.Fast.
cheers till
#18
Hardware and Performance / Modem Vigor 165
December 27, 2018, 09:40:38 PM
Hi,
from January on, Draytek will supply the supervectoring VDSLx Model Vigor 165.
cheers till
from January on, Draytek will supply the supervectoring VDSLx Model Vigor 165.
cheers till
#19
18.7 Legacy Series / New Plugin Dnscrypt-Proxy
December 12, 2018, 06:38:21 PM
Hi,
nice. Is there already a manual for the plugin?
cheers till
nice. Is there already a manual for the plugin?
cheers till
#20
German - Deutsch / Hardware mit Power over Ethernet Ports
November 28, 2018, 08:25:20 PM
Hallo zusammen,
die Idee ist OPNsense als Systemsoftware auf Hardware die min POE+ auf ein paar Ports zur Verfügung stellen kann zu nutzen. Stellen sich mir 2 Fragen:
1. Gibt es Überlegungen dies in OPNsense/HardenedBSD (Plugin?) zu implementieren bzw. was würde dies für ein Aufwand bedeuten? (z.B. per GUI POE ein und ausschalten pro Interface)
2. Welche Hardware (POE+ Unterstützung)?
cheers till
die Idee ist OPNsense als Systemsoftware auf Hardware die min POE+ auf ein paar Ports zur Verfügung stellen kann zu nutzen. Stellen sich mir 2 Fragen:
1. Gibt es Überlegungen dies in OPNsense/HardenedBSD (Plugin?) zu implementieren bzw. was würde dies für ein Aufwand bedeuten? (z.B. per GUI POE ein und ausschalten pro Interface)
2. Welche Hardware (POE+ Unterstützung)?
cheers till
