Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Space

Pages 1 2 3 4 ... 7
#16
19.1 Legacy Series / Re: IPv6 renewal crashes openvpn and dpinger
February 05, 2019, 11:04:47 PM
Regarding OpenVPN. The funny thing is that the Dashboard shows it as Failed even though it's still running:

Code Select
[root@OPNvirt:~ # ps -x | grep openvpn
76436  -  Ss      0:01.26 /usr/local/sbin/openvpn --config /var/etc/openvpn/server1.conf


Best regards,

    Space
#17
Intrusion Detection and Prevention / Re: Suricata 4.1.2 does not block traffic
February 03, 2019, 06:27:18 PM
Hi Abraxxa,

on which interfaces is your IDS listening? WAN or LAN or both?

For me the facebook blocking is not working either but I do not even see alarms for that. On my system IDS is only listening on WAN since LAN/OPT1 are currently monitored by Sensei.

Best regards,

    Space
#18
Intrusion Detection and Prevention / Re: Suricata 4.1.2 does not block traffic
February 01, 2019, 05:27:10 PM
Hi,

I can confirm that the file is passed through even if the Alerts state that Action is "blocked".

Best regards,

    Space
#19
Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering
January 27, 2019, 10:18:35 PM
Hi,

I have Sensei running on my OPNsense and I wondered why big part of the traffic did not show up and I see in the FAQ that IPv6 support is still work in progress.

Do you have an ETA for that feature already?

Thanks and looks great so far!

Space
#20
19.1 Legacy Series / [SOLVED] Re: Update to 19.1.r1 --> back to 19.1_r33
January 22, 2019, 11:07:02 AM
Never mind ... I found it ... I used "Upgrade now" (the lower button) instead of the "Update now" (the top button). I did not see it as blue because I was on different OS Theme :)

#21
19.1 Legacy Series / Re: Update to 19.1.r1 --> back to 19.1_r33
January 22, 2019, 10:54:10 AM
Ah, according to package I am on 19.1.r1 already - but somehow also not

Code Select

base 19.1.r1 447.8MiB BSD2CLAUSE HardenedBSD userland set
...
opnsense-devel 19.1.r_33 25.2MiB BSD2CLAUSE OPNsense development package  
opnsense-lang 18.7.8 5.80MiB BSD2CLAUSE OPNsense translations  
opnsense-update 19.1.r1 154KiB BSD2CLAUSE OPNsense update utilities


But when I ask to check for updates it again wants to install it ...
#22
19.1 Legacy Series / Re: Update to 19.1.r1 --> back to 19.1_r33
January 22, 2019, 10:47:28 AM
Hm, for "Release Type" I only see "Production" and "Development"
#23
19.1 Legacy Series / [Solved] Update to 19.1.r1 --> back to 19.1_r33
January 22, 2019, 09:41:59 AM
Hi,

I tried to update to 19.1.r1 but somehow it fails. I did the following:

- switch to dev branch -> update
- now I am on OPNsense 19.1.r_33-amd64
- check for updates -> unlock 19.1.r1 -> upgrade

Code Select

Updating OPNsense repository catalogue...
pkg-static: Repository OPNsense has a wrong packagesite, need to re-create database
Fetching meta.txz: 100%    1 KiB   1.5kB/s    00:01
Fetching packagesite.txz: 100%  150 KiB 153.4kB/s    00:01
Processing entries: 100%
OPNsense repository update completed. 587 packages processed.
All repositories are up to date.
Checking for upgrades (136 candidates): 100%
Processing candidates (136 candidates): 100%
uhub2: 6 ports with 6 removable, self powered
Checking integrity... done (0 conflicting)
The following 136 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
        pkg-1.10.5_5
        zip-3.0_1
        wpa_supplicant-2.7
        wireguard-go-0.0.20181222
        wireguard-0.0.20181218
...
Number of packages to be reinstalled: 136
[1/136] Reinstalling indexinfo-0.3.1...
[1/136] Extracting indexinfo-0.3.1: 100%
[2/136] Reinstalling readline-7.0.5...
[2/136] Extracting readline-7.0.5: 100%
...
Using existing user 'git_daemon'.
[136/136] Extracting git-2.20.1: 100%
Message from openssl-1.0.2q,1:

Edit /usr/local/openssl/openssl.cnf to fit your needs.
Message from python27-2.7.15:
... (all the other messages)
Checking integrity... done (0 conflicting)
Nothing to do.
pkg-static: Repository OPNsense has a wrong packagesite, need to re-create database
pkg-static: Repository OPNsense cannot be opened. 'pkg update' required
Nothing to do.
Please reboot.
... (reboot messages)
>>> Invoking early script 'update'
>>> Invoking early script 'configd'
Starting configd.
uhub3: 6 ports with 6 removable, self powered
>>> Invoking early script 'php'
Configuring PHP: OK
>>> Invoking early script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
OK
Launching the init system...done.
... (init messages)


- then after the final reboot I am back at 19.1.r_33

Do you have any idea what could have gone wrong? I have tried to switch to production again as well. Same messages, same result.

Thanks and best regards,

    Space
#24
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 28, 2018, 10:51:02 PM
Hi marjohn56,

I sent you some details in PN ...

Thanks and best regards,

   Space
#25
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 28, 2018, 10:31:35 PM
And now it's the red "Stop"-button again ... I will reboot the FW to clear the state and check again from scratch.
#26
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 28, 2018, 10:26:26 PM
It's running right now ... WAN get's IPv6 from FritzBox via DHCPv6, LAN is tracking WAN for IPv6 and radvd is pushing out IPv6 to the clients ... yes. Sometimes it works and sometimes it does not work.

But the DHCPv6 server is still listed right now as running in Dashboard:

Code Select
Service Description Status
apinger Gateway Monitoring Daemon  
configd System Configuration Daemon  
dhcpd DHCPv4 Server  
dhcpd6 DHCPv6 Server  
dnsmasq Dnsmasq DNS

All with the green "play"-button.
#27
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 28, 2018, 09:54:54 PM
Hi,

I have never switched the DHCP server setting to manual ... I do not even have that setting, at least not under System -> Settings -> General!

Right now I have changed the DNS servers under System -> Settings -> General to include only the two IPv4 DNS server of my ISP and used the IPv4 gateway for those ... now it works again.

If it shows up  again I will try to do further debugging ...

Thanks,

    Space
#28
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 28, 2018, 09:27:46 PM
Hi,

I have not manually configured it ... the DNS settings were only the settings from General and it states they get overwritten by DHCP ... Should I remove the DNS servers altogether? I can try ...

But I do not even find the option to

Code Select
enable Manual IPv6 DHCPD and RA
#29
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 28, 2018, 06:43:41 PM
Having the same issue again ...

When I check "Services" in "Dashboard" I see that

Code Select
dhcpd6 DHCPv6 Server

is not started.
#30
18.1 Legacy Series / Re: 18.1.12 Prefix Delegation Bug?
July 26, 2018, 01:09:57 PM
Well, I have "fixed" mine as well, at least for the moment it's working ... when checking https://github.com/opnsense/core/pull/2460 I saw the comment
Quotego to the System->Settings->General Page and enable Manual IPv6 DHCPD and RA.
When I checked the page I did not see that option but noticed that in the DNS servers section some errors were present ... some IPv6 servers had set IPv4 gateway and vice versa. After changing those to "None" as gateway the prefix was almost immediately announced by radvd ...

Funny thing was: for some IPv6 nameservers only "None" and IPv4-gw were selectable and for some IPv4 nameservers only "None" and IPv6-gw ... after saving the page both IPv4-gw and IPv6-gw wer available again as well.

I hope this helps ... I will monitor my system for some time.

Thanks and best regards,

    Space
Pages 1 2 3 4 ... 7