Topics - nghappiness

#1
I am researching Intel 13th Gen CPUs; many of these newer CPUs have Performance-cores (P cores) and Efficient-cores (E cores). The performance cores support hyperthreading. How do I set net.inet.rss.bits = X?

If I have an i5-13500 processor, which has 6 P cores and 8 E cores, that is 20 threads with HT or 14 w/o HT. How should I set the RSS bits? Thanks!
#2
Hello,

I set up Suricata to monitor my WAN interface. I got these alerts:

2023-06-29T07:17:41.257635-0700 2011716 allowed 162.240.78.231 5060 my.wan.ip.addr 5060 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)
2023-06-29T07:14:59.087306-0700 2011716 allowed 45.134.144.57 5119 my.wan.ip.addr 5060 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)
2023-06-29T07:14:59.087306-0700 2008578 allowed 45.134.144.57 5119 my.wan.ip.addr 5060 ET SCAN Sipvicious Scan
2023-06-29T07:13:39.864465-0700 2011716 allowed 45.93.16.217 5128 my.wan.ip.addr 5060 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)
2023-06-29T07:13:39.864465-0700 2008578 allowed 45.93.16.217 5128 my.wan.ip.addr 5060 ET SCAN Sipvicious Scan


I don't have any inbound rule which allows TCP or UDP port 5060 at all. What is the order of operations in OPNsense? Does the packet get inspected by the IPS before the firewall rules?

If the traffic is going to get denied by the firewall rule, there is no reason for it to get inspected by the IPS at all.

Thanks in advance.
#3
Hi,

My bare-metal OPNsense box with Suricata stopped passing traffic for about 10 minutes, and my work VPN got dropped. I couldn't ping my firewall as my gateway. I started to check on my home switch and logged in to OPNsense. It started to work again. Please let me know which logs I should start checking for the cause.

The firewall and my local switch did not reboot themselves. I already checked System -> Log Files -> General. The firewall was not able to contact my network UPS server via NUT. No DHCP messages, no interface up/down messages.

Any help/pointers will be much appreciated.

#4
Hi,

I am trying to set up NPTv6 for my home with my ISP, which provides IPv6-PD as a /56. I am running 23.1.5_4.

The WAN interface is set to DHCPv6, and it is getting the IPv6 delegated prefix.

I am already able to ping6 out to the internet from the OPNsense console.

The LAN interface is set to static IPv6, with fddd:xxxx:yyyy:z::1/64.

Set up DHCPv6 for LAN: enabled, range fddd:xxxx:yyyy:z::100 to fddd:xxxx:yyyy:z::120.


Firewall > NAT > NPTv6

Interface WAN
Internal IPv6 prefix fddd:xxxx:yyyy:z:: / 64
External IPv6 prefix: left blank.

Save.

ping6 from behind the firewall: no luck.

Firewall > Log Files > Live view

__timestamp__ 2023-04-13T16:56:32-07:00
action [binat]
anchorname
class 0x00
dir [out]
dst 2607:f8b0:4005:813::2004
flow 0x00000
hoplimit 128
interface vlan07
interface_name wan
ipversion 6
label binat rule
length 40
protoname ipv6-icmp
protonum 58
reason match
rid
rulenr 0
src fd0f:xxxx:yyyy:3::100
subrulenr


__timestamp__ 2023-04-13T17:00:40-07:00
action [pass]
anchorname
class 0x00
dir [in]
dst 2607:f8b0:4005:813::2004
flow 0x00000
hoplimit 128
interface vlan01
interface_name lan
ipversion 6
label Allow Outbound
length 40
protoname ipv6-icmp
protonum 58
reason match
rid 8a899f5fb6680084e61474ff6a9575f9
rulenr 182
src fd0f:xxxx:yyyy:3::100
subrulenr


Please help,  what am I missing?

Thanks!






#5
Hello,

On the Dashboard traffic graph widget, I have two interfaces selected. Both interfaces are colored red, in different shades. Is there a way to change the selected color? If I click on the traffic graph, that brings me to Reporting: Traffic, where each interface has a unique color instead.

Thanks for your time...
#6
Hi,

Since updating to 23.1, under System: Log Files: General, it shows a new log entry every 5 minutes.

2023-01-28T18:21:11-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T18:16:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T18:11:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T18:06:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T18:01:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T17:56:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T17:51:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T17:46:10-08:00   Notice   dhclient   Creating resolv.conf   
2023-01-28T17:41:10-08:00   Notice   dhclient   Creating resolv.conf

I checked the /var/db/dhclient.leases file already. The lease does not expire every 5 minutes. Please help.

I just double-checked the /var/db/dhclient.leases file again; the option dhcp-lease-time is 600. I am sorry to waste everyone's time.

P.S. I don't have Unbound configured yet.
#7
I have an HP T740, and I used a USB serial port to enable a serial console to OPNsense. Since I upgraded to 23.1, the serial console does not work anymore. Please show me how to troubleshoot it.

[2/4/2023 update] I reinstalled 23.1 and restored my config. The USB serial port on the T740 is working again.
#8
Hi,

I upgraded from 22.7.8 to 22.7.9 and the firewall is stuck during bootup right after the EFI framebuffer.

Please help..

E

[RESOLVED]

Reinstall 22.7.
Set up with WAN connectivity only and upgrade to 22.7.9.
Reboot and restore the backup config, then reload the additional packages.