Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - tong2x

#16
2 DNS server needs 2 different ports
unbound 53
dnsmas 54(assuming unused)

then you create rule in your firewall in one of your lan segment 2
1) to accept port 54
2) a port forward lan segment 2 address dns to firewall port 54

you run 2 dns server on different port, 1 of your lan segment will then portforward dns query to your secondary dns server.
this works as I am doing it, 1 dns for local lan and 1 dns for wifi

you can run 2 dns on same firewal using the same port
#17
24.1, 24.4 Legacy Series / Re: Unbound wont start
May 03, 2024, 12:36:01 PM
QuoteThis utility will attempt to turn this installation into the latest
OPNsense 24.1 release.  All packages will be deleted, the base
system and kernel will be replaced, and if all went well the system
will automatically reboot.

Proceed with this action? [y/N]: y
fetch: https://github.com/opnsense/core/archive/stable/24.1.tar.gz: Address family for host not supported

file can be downloaded manually but in console throws an error
#18
24.1, 24.4 Legacy Series / Re: Unbound wont start
May 03, 2024, 10:10:47 AM
Quoteroot@OPNsense:~ # sh -x /usr/local/opnsense/scripts/unbound/check.sh
sh: cannot open /usr/local/opnsense/scripts/unbound/check.sh: No such file or directory
root@OPNsense:~ #

I would have to agree...
possible to remove or uninstall or to force install all required files?
reinstalling does not reinstall necessary files?
#19
24.1, 24.4 Legacy Series / Re: Unbound wont start
May 03, 2024, 09:33:24 AM
Quoteroot@OPNsense:~ # configctl unbound check
Execute error
root@OPNsense:~ #

this happen suddendly that we lost internet, partially to 1 of our LAN segment.
after we restored that unbound seem to not start anymore, and throws that error in sa logs
#20
24.1, 24.4 Legacy Series / Unbound wont start
May 03, 2024, 07:16:25 AM
I tried to reinstall unbound to no avail, tried reintalling multiple times

OPNsense 24.1.6-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13


log error

2024-05-03T12:56:44   Error   configd.py   [92dc6ee1-e33b-4f22-958a-c0fee242834f] Script action failed with Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127.
2024-05-03T12:56:39   Error   configd.py   [c9d4e09c-4f10-40af-8778-94dc3845dc4b] Script action failed with Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127.
#21
possible to be able to select which connection? to test?
#22
23.1 Legacy Series / Re: When to use Multi-WAN?
July 03, 2023, 04:46:59 PM
you could but ithink, what you describe is a bit to complex, for a dual wan. you need a lot of rules but for basic internet access for generic connection or HTTP... dual wan would generally work for your case.
(you need to setup the rules for you bussiness wan and residential wan to be allowed redirected first before going for the last dualwan gateway
#23
you could instead write what you are trying to add
#24
General Discussion / Re: A fork of opnsense?
April 06, 2023, 07:52:06 AM
looks similar...
#25
Quote from: OzziGoblin on February 19, 2023, 05:15:56 AM
Hi, Please forgive me, I'm new to OpnSense and this forum

I'm hoping someone can help me as I'm unable to find a solution to this.
I have a network configured with multiple subnets and vlans and the admin web gui is accessible from all the default gateways.

Is there anyway to prevent this?

thanks

you need to add a firewall rule to block access to your firewall
ex. guestnet
block, interface guestnet, source any, destination this firewall/guestnet address, port 80/http

for each interface ithink you need to, except your main lan
#26
23.1 Legacy Series / Re: OPNsense 23.1.1 Captive Portal
February 17, 2023, 01:14:42 PM
QuoteA hotfix release was issued as 23.1.1_2:

captive portal: remove mod_evasion use which was discontinued by lighttpd
unbound: wait for pipe in logger (contributed by kulikov-a)

updated, captive portal is back and working

thank you!
#27
23.1 Legacy Series / Re: Shaper pipes status page
February 17, 2023, 02:40:26 AM
i think it will be removed on its own...
sort of delayed
at least that is in may case when I make changes to mine
#28
General Discussion / Re: Unbound DNS Safe Search
February 17, 2023, 02:38:37 AM
nice thank you
now trying in 23.1.1
#29
23.1 Legacy Series / OPNsense 23.1.1 Captive Portal
February 16, 2023, 07:11:14 AM
OPNsense 23.1.1-amd64

anyone having issues with captive portal after upgrade?
there was no obvious change to firewall settings but hen connecting
the portal does not show up, the dns is up and if portal is disable there is internet
firewall rules for portal is set up and has not been changed

captive portal seems running

connecting to the captive portal does not show the portal itself

I have already tried removing and recreating the zone to no avail
#30
you want your gateway to be empty?
and just blank?

when you enter "none" opnsense still assigns a gateway to your client machine?