Messages - guyp2k

#31
Quote from: marjohn56 on July 31, 2020, 07:21:25 PM
Working fine on my system...

Did you ever get this resolved and are you running Suricata? If I disable IDS/Suricata, the graphs work...
#32
Quote from: hfvk on July 31, 2020, 02:22:18 PM
Hi again,

Well, my chip seems to be chip=0x156f8086.

So, I think I'll just select one test system with this chip and see what happens. I will report back to you :)

Are the following supported?

em0@pci0:1:0:0: class=0x020000 card=0x00008086 chip=0x150c8086 rev=0x00 hdr=0x00
em1@pci0:2:0:0: class=0x020000 card=0x00008086 chip=0x150c8086 rev=0x00 hdr=0x00
em2@pci0:3:0:0: class=0x020000 card=0x00008086 chip=0x150c8086 rev=0x00 hdr=0x00
em3@pci0:4:0:0: class=0x020000 card=0x00008086 chip=0x150c8086 rev=0x00 hdr=0x00
em4@pci0:5:0:0: class=0x020000 card=0x00008086 chip=0x150c8086 rev=0x00 hdr=0x00
em5@pci0:6:0:0: class=0x020000 card=0x00008086 chip=0x150c8086 rev=0x00 hdr=0x00
#33
20.7 Legacy Series / Re: 20.7-r1
July 25, 2020, 03:26:00 PM
Same here, I have Sensei running on LAN; however, after I upgraded to the RC, the Sensei packet manager would not start and I had to do the following:

pkg remove os-sunnyvalley-devel
pkg install os-sunnyvalley-devel
pkg install -f os-sensei
#34
20.7 Legacy Series / Re: 20.7-r1
July 24, 2020, 05:26:07 PM
I assume this is the latest devel version:

OPNsense 20.7.r_13-amd64
FreeBSD 12.1-RELEASE-p7-HBSD
OpenSSL 1.1.1g 21 Apr 2020

Which is newer than 20.7-r1?

When I switch back and forth to production/development and check for upgrade I am prompted with the following:

This software release has reached its designated end of life. The next major release is: 20.7.r1

I know I should have waited until the release, but my curiosity got the best of me :)

Once released, I assume all I will need to do is switch back to Production releases, perform the upgrade over the RCx, and move on?

Thanks

#35
Sorry, I don't have a resolution as I am experiencing the same issue and I can't figure out the cause. I thought maybe it was Sensei, which I disabled, and the issue still occurs. The WAN interface stays up and eventually assigns an IP.

Scratching my head, I recently switched from Untangle to OPNsense and never had this issue w/ Untangle. Tomorrow I am going to change the physical interface on the hardware (Intel NIC) and swap Ethernet cables just to make sure it isn't a physical issue.
#36
20.1 Legacy Series / Re: Losing Public WAN IP
May 17, 2020, 11:46:10 PM
Thanks for the reply, trying to determine the IP of the cable modem based on the logs below:

2020-05-17T12:44:38   dhclient: New IP Address (em0): 192.168.100.11
2020-05-17T12:44:38   dhclient: Removing states from old IP 'x.x.x.x' (new IP '192.168.100.11')
2020-05-17T12:44:38   dhclient: Comparing IPs: Old: x.x.x.x New: 192.168.100.11
2020-05-17T12:44:38   dhclient: Starting delete_old_states()
2020-05-17T12:44:37   dhclient[855]: DHCPACK from 192.168.100.1
2020-05-17T12:44:37   dhclient[855]: DHCPREQUEST on em0 to 255.255.255.255 port 67
2020-05-17T12:44:35   dhclient[855]: DHCPOFFER from 192.168.100.1

I assume the cable modem is 192.168.100.1?

Thanks
#37
20.1 Legacy Series / Losing Public WAN IP
May 17, 2020, 10:02:29 PM
For some odd reason my WAN interface, which is set for DHCP (IPv4) with IPv6 set to none, will lose its public IP and I have to restart the interface in order to obtain a public IP, and of course when that occurs I lose internet connectivity.

Also, I have noticed that the WAN interface will assign itself an IP of 192.168.100.1, which it is getting from my cable modem (Xfinity/Comcast).

I have looked in the logs and all I see are the DHCP logs for the WAN interface. I recently moved from Untangle to OPNsense and never had this issue before.

TIA
#38
General Discussion / WAN slowness and Sensei
May 17, 2020, 03:43:17 PM
My setup consists of the following:

  OPNsense 20.1.6
  Core i5 @2.5 4 cores
    Average Load: .39 .48 .54
  32GB RAM
    ~10% Utilization
  WAN 600Mb connection
  LAN 1Gb to Unifi USW POE switch
  Sensei 1.5 Premium Edition

Sensei Config:
  Default Policy
    Security tab all checked.
    App Control 3 blocked (Ad Tracker, ADs, and Games)
    Web Controls (Ad Tracker, Adults, Advertisements, Dating, Games, Hate, Illegal Drugs, Pornography, and Warez Sites)

The issue is my speeds will drop to sub 100Mb until I restart Sensei Packet Service; once I restart Sensei my speeds are up ~650 Mb for a day or so and will eventually decrease to 100Mb.

When I restart Sensei Packet Service I assume the interfaces are bounced as well; could this be another issue w/ OPNsense I am not aware of? I assume my hardware is capable?

Any suggestions?

TIA
#39
Disregard, I was able to address the issue.


Installed Sensei and subscribed but stuck at "waiting for database service to come up." Any suggestions, as I have tried w/out success?

I reinstalled elasticsearch5 w/out success.

Thanks
#40
All I am using are the snort categories given I have a subscription and I assume are not compatible? Below are the logs from IDS

suricata: [100156] <Warning> -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'file.msi' is checked but not set. Checked in 47593 and 1 other sigs

suricata: [100156] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt "; itype:134; icode:0; content:"|03|"; depth:1; offset:12; byte_test:1,>,4,0,relative; metadata:policy max-detect-ips drop; reference:cve,2010-0239; reference:url,technet.microsoft.com/en-us/security/bulletin/MS10-009; classtype:attempted-admin; sid:16405; rev:6;)" from file /usr/local/etc/suricata/opnsense.rules/snort_vrt.protocol-icmp.rules at line 166
#41
Intrusion Detection and Prevention / IDS OPNsense VM
October 07, 2019, 03:23:04 AM
Before I troubleshoot my potential issues (no alerts), is my issue that I have OPNsense running in a VM?

I have enabled several rules (trojans, malware, and icmp) and generated traffic, but nothing is showing under the alerts tab.

OPNsense: 19.7.4_1-amd64
VM Environment: XCP-ng 8.0.1
#42
19.7 Legacy Series / Install Assistance
September 28, 2019, 04:11:40 AM
NM, I read the documentation and good to go.....

I downloaded and installed the iso and configured OPNsense successfully in a VM; however, I have the following message from the console:

You are currently running in LiveCD mode. A reboot will reset the configuration. SSH remote login is enabled for the users "root" and "installer" using the same password.

So my question, and I may be having a senior moment: how do you go about installing OPNsense in a virtual environment, avoiding the above message and issue?