Messages

16

General Discussion / Re: nginx listen ip

« on: May 10, 2019, 04:31:15 pm »

I would also like a feature to select which interface to listen on.  Another service using the port on another interface is causing me issues.  I don't want it to listen on all interfaces - would be nice to allow the selection and just default to ALL.

17

19.1 Legacy Series / Re: [solved] Stuck with let's encrypt validation

« on: May 09, 2019, 12:06:16 am »

I also have the "validation failed" message in the Last Acme Status for let's encrypt even though it appears to be a success.  I turned on debug logging using the staging.  Here is my output.. redacted.  It issues for the root domain and a couple alias hosts, which all properly resolve.  Also tried it with just the two hosts.

[Wed May 8 21:51:32 UTC 2019]   '' does not contain 'dns'
[Wed May 8 21:51:32 UTC 2019]   _on_issue_success
[Wed May 8 21:51:32 UTC 2019]   Installing full chain to:/var/etc/acme-client/certs/...redacted.../fullchain.pem
[Wed May 8 21:51:32 UTC 2019]   Installing key to:/var/etc/acme-client/keys/...redacted.../private.key
[Wed May 8 21:51:32 UTC 2019]   Installing CA to:/var/etc/acme-client/certs/...redacted.../chain.pem
[Wed May 8 21:51:32 UTC 2019]   Installing cert to:/var/etc/acme-client/certs/...redacted.../cert.pem
[Wed May 8 21:51:32 UTC 2019]   And the full chain certs is there: /var/etc/acme-client/home/...redacted...
[Wed May 8 21:51:32 UTC 2019]   The intermediate CA cert is in /var/etc/acme-client/home/...redacted...
[Wed May 8 21:51:32 UTC 2019]   ret='0'
[Wed May 8 21:51:32 UTC 2019]   _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header -g '
[Wed May 8 21:51:32 UTC 2019]   timeout=
[Wed May 8 21:51:32 UTC 2019]   url='https://acme-staging.api.letsencrypt.org/acme/issuer-cert'
[Wed May 8 21:51:32 UTC 2019]   GET
[Wed May 8 21:51:32 UTC 2019]   _link_issuer_retry='0'
[Wed May 8 21:51:32 UTC 2019]   Le_LinkIssuer='https://acme-staging.api.letsencrypt.org/acme/issuer-cert'
[Wed May 8 21:51:32 UTC 2019]   Your cert key is in /var/etc/acme-client/home/...redacted...
[Wed May 8 21:51:32 UTC 2019]   Your cert is in /var/etc/acme-client/home/...redacted...
[Wed May 8 21:51:32 UTC 2019]   Cert success.
[Wed May 8 21:51:32 UTC 2019]   Le_LinkCert='https://acme-staging.api.letsencrypt.org/acme/cert/...redacted...'
[Wed May 8 21:51:32 UTC 2019]   code='201'
[Wed May 8 21:51:32 UTC 2019]   response='...redacted...'
Date: Wed, 08 May 2019 21:51:32   GMT

18

19.1 Legacy Series / Re: GRE Tunnel

« on: May 08, 2019, 06:01:45 pm »

Disregard, I see it under Interfaces - Other Types.  Figured it might be an option under IPSEC.

19

19.1 Legacy Series / GRE Tunnel

« on: May 08, 2019, 03:06:28 pm »

Are there instructions on how to do a GRE tunnel with IPSEC?  I don't see the option.

20

General Discussion / Re: Locked Out

« on: March 18, 2019, 05:09:02 pm »

Thanks

21

General Discussion / Locked Out

« on: March 18, 2019, 04:54:49 pm »

Having some network issues and having to login via console, however, I can't.  When I log in as Root, it says Login incorrect.  I rebooted in Single User Mode, reset the root password, and same problem - Login Incorrect.

I do think I disabled the Root account via the web interface, but didn't think that would disable it at console.  And since none of the other admin user accounts have shell login, they just say "This account is currently not available".  I tried to edit the passwd file in single user mode to add the shell, but it seems to reset after it boots up. 

Please help - how can I get back in via the console?

22

19.1 Legacy Series / Re: Kernel panic after upgrade

« on: March 08, 2019, 03:35:07 pm »

I have this Kernel panic issue as well and watching the thread.  I'd be happy to try the debug version or whatever special release you want to provide that might help us with this issue.  My documentation on the panic thus far is at https://forum.opnsense.org/index.php?topic=11767.0 if it helps.

I really appreciate franco's and AdSchellevis work on this project.  Even more so now as it sounds like it's voluntary.  As much time as franco puts into the project, I thought it was his day job working for Deciso and building Opnsense.  If not, it totally should be.  It takes a lot of love and passion to work on something like this for an extended period.  Thanks to all those involved and our friends, like lattera, working on HardenedBSD.   

23

19.1 Legacy Series / Re: Fatal trap 12: page fault

« on: February 27, 2019, 10:37:38 pm »

So I tried the opnsense-bootstrap and it fails with the same kernel issue.
I installed the FreeBSD 11.2-RELEASE without issue.  Ran the proper commands:

Code: [Select]

# pkg install ca_root_nss
# fetch https://raw.githubusercontent.com/opnsense/update/master/bootstrap/opnsense-bootstrap.sh
# sh ./opnsense-bootstrap.sh
After install / reboot - same fatal trap issue with Opnsense 19.1

24

19.1 Legacy Series / Re: Fatal trap 12: page fault

« on: February 22, 2019, 11:44:50 pm »

I stated in my last post that I tried fresh media.  It won't boot to the 19.1 live disk, which requires no hard drive.  Doesn't have any problems with versions prior to 19.1, so it's something in that build that's causing the issue.  It does likely have something to do with hardware, but most likely a compatibility problem, not faulty memory or disk.

I used Etcher to create the boot thumb drive for the fresh install.  Had no issues with any other linux distro booting from it, including freebsd 11.2. 

Looks to me to be an issue with the FPU check for xsave.  I'll be out for the weekend, but will return to this thread Monday.  Thanks for any help all!

25

19.1 Legacy Series / Re: Fatal trap 12: page fault

« on: February 22, 2019, 10:29:16 pm »

I downloaded OPNSense 19.1 image to liveboot the USB and it also crashed.  So I downloaded FreeBSD 11.2 to test it and it booted to the live OS fine.

26

19.1 Legacy Series / Re: Fatal trap 12: page fault

« on: February 22, 2019, 09:01:05 pm »

I was able to get it to boot by selection option 5 at boot time and selecting the kernel.old.  It booted with kernel 11.1, but the base was 11.2.  It then went through some config, but Opnsense appears to still be on 18.7.10_4, not 19.1.  So? Problem with FreeBSD 11.2 kernel?

27

19.1 Legacy Series / Fatal trap 12: page fault

« on: February 22, 2019, 08:58:01 pm »

It's a trap!  I'm able to focus on this error now.  When upgrading from 18.7.10_x to 19.1, it crashes the Dell Inspiron 3470.  I'm installing the base 18.7 with no configuration, no plugins - install and update.  I even updated to the latest Dell bios (1.5.11).  There is some sort of hardware incompatibility in the new kernel. Never had an issue prior to 19.1.

Fatal trap 12: Page fault while in kernel mode
...
Stopped at fpuinit+0x179: orb $0x10,ctx_switch_xsave+0x3

After the crash, I ran db> bt

Tracing pid 0 tid 0 td 0xffffffff8202d260
fpuinit() at fpuinit+0x189/frame 0xffffffff81c1fbd0
hammer_time() at hammer_time+0x11cb/frame 0xffffffff81c20070
btext() at btext+0x24

Here is a screenshot.

28

19.1 Legacy Series / Re: OPNsense 19.1 released update!

« on: February 21, 2019, 09:09:39 pm »

Ah, this is a problem that has plagued FreeBSD for a while. I take it your keyboard is not a US ASCII keyboard?

No, it is a US ASCII keyboard.  Default Dell Keyboard.  Sorry for the delayed response - was out of the office for a couple weeks.  I was able to set up a new system on 18.7.10 with the backup config before I left.  Now I'm back to try and rebuild it and test.

29

19.1 Legacy Series / Re: OPNsense 19.1 released update!

« on: January 31, 2019, 09:50:42 pm »

Can you post a backtrace with the `bt` command (without the backticks)?

@lattera at the 'db>' prompt, it seems the keyboard mapping gets all messed up.  When I hit 'b', it actually prints 'mm'. When I hit 't', it prints 'zz'.  It then seems to get all locked up and non-responsive as I try different keys.  I tried in safe mode, but same thing.  Tried a different keyboard with the same result.

30

19.1 Legacy Series / Re: OPNsense 19.1 released update!

« on: January 31, 2019, 08:04:24 pm »

Crash and Burn 
Fatal trap 12: Page fault while in kernel mode

18.7.10_3 appeared to update fine (but no reboot was required).  19.1 upgraded and would not reboot.

Running on a Dell Inspiron 3470
Screenshot attached