Messages

136

General Discussion / Re: NUT alerts through Monit?

« on: July 22, 2022, 06:34:16 pm »

Ok, finally got this to work.  Took a bit of tinkering but wasn't too bad once I got going.  I created three tests as variation of the below with on battery, low battery, and on line.  That way I get an alert on each status change.

Test -

Name: UPS on battery

Condition: content = “UPS CyberPowerUPS on battery”  **Adjust this content based on your log entry, this is just what mine is called

Action: Alert

Service -

Name: UPS_Status_Change

Type: File

Path: /var/log/system/latest.log

Tests: UPS on battery **choose any others that you created

137

General Discussion / Re: NUT alerts through Monit?

« on: July 22, 2022, 02:27:17 pm »

You can trigger an alert, Copy the log and write a rule to monitor within monit like the Suricata example of the docs

Yea the Suricata example is actually my contribution to the doc I was just lazy and hoping someone had already figured it out to save me digging around in the logs. I'll figure it out this weekend and post up my results.

138

General Discussion / NUT alerts through Monit?

« on: July 22, 2022, 04:57:27 am »

Anyone know how to get monit to monitor and alert on NUT alerts such as on battery, low battery, and shutdown?

139

22.1 Legacy Series / Re: With "Less Secure" depreciated for gmail, how are you getting notifications?

« on: July 22, 2022, 01:27:30 am »

Can't you just setup an 'app specific password'?

https://support.google.com/mail/answer/185833?hl=en-GB

I assume mine is still working, port 465, SSL enabled, etc, as of 5 days ago:

Thank you that worked, I thought the option no longer existed because I didn't see it.  You have to enable 2FA before the option is available.  Enabled 2FA for my alert account, setup app password, alerts are working again.  Thanks for the help. 

140

22.1 Legacy Series / Re: With "Less Secure" depreciated for gmail, how are you getting notifications?

« on: July 21, 2022, 03:36:04 pm »

An email provider that supports SMTP plain text auth over TLS?

Correct, wasn't sure what providers others were using. 

141

22.1 Legacy Series / With "Less Secure" depreciated for gmail, how are you getting notifications?

« on: July 21, 2022, 03:24:20 pm »

I use a gmail account for all of my notifications monit, zenarmor, etc.  However when google depreciated the "Less Secure" access in favor of OAUTH I'm not longer getting notifications and haven't seen much talk on adding OAUTH support.  Assuming this might be up to the maintainers of each plugin/application.  Curious what others use for notifications?   

142

Zenarmor (Sensei) / Requests to buy premium, but have premium.

« on: July 08, 2022, 12:25:07 am »

Not sure what triggers it I think it's every update.  I get a banner to upgrade to premium and connect to cloud which I have both.  Was curious if I could request a check to prevent this banner?  It's a small ask, but would help me not worry my subscription has lapsed or something each time.  Thanks for your help.

143

Zenarmor (Sensei) / Re: Request for Feedback: Help us decide Zenarmor's next UI on OPNsense

« on: June 17, 2022, 08:04:56 pm »

Provided my feedback hope it is useful.   

144

Zenarmor (Sensei) / Gmail notifications and OAUTH support

« on: June 08, 2022, 02:28:07 pm »

On May 30th Google disabled the use of "less secure apps", in favor of the more secure OAUTH 2.0.  Looks like this change has broken my ability to send Gmail notfications.  Are there any plans to add in OAUTH support in to Zenarmor? 

145

22.1 Legacy Series / Re: Multi Wan, dpinger, failback stability

« on: May 23, 2022, 07:56:32 pm »

You can request enhancements and report bugs here https://github.com/opnsense/core/issues/new?assignees=&labels=&template=feature_request.md&title=

146

22.1 Legacy Series / Re: [22.1.6] DHCP leases not registered in Unbound

« on: May 08, 2022, 06:17:06 pm »

I've messed with this some, I initially thought maybe this was just due to one of the lists being bad, but enabling one list at a time I can't reproduce the issue.  So I'm now starting to think unbound is reaching some max file size issue or something with the block list or some type of timeout parsing a large file.  After adding a few larger lists the service won't continue to run, but just one larger list say Adguard List, the service runs without issue.

The quick fix is to reduce the number of blocklists that are enabled.  Not sure what the longer term is, not sure if this is a bug or by design, maybe for performance reasons there is a cap on the number of blocks in the blocklist?

Also adding monitoring in monit so I'll know if the python script process dies.

147

22.1 Legacy Series / Re: [22.1.6] DHCP leases not registered in Unbound

« on: May 08, 2022, 05:38:32 pm »

I can confirm the watcher script doesn't appear to be running

Code: [Select]

ps aux | grep unbound
unbound       15633   0.0  3.8  389068  309596  -  Ss   02:00       0:42.63 /usr/local/sbin/unbound -c /var/unbound/unbound.conf
root          20113   0.0  0.0   12740    1964  0  S+   11:31       0:00.00 grep unbound

I can confirm that disabling blacklists in unbound indeed allows the watcher service to start and run

Code: [Select]

ps aux | grep unbound
root           6264   0.0  0.2   25880   14568  -  Ss   11:34       0:00.31 /usr/local/bin/python3 /usr/local/opnsense/scripts/dns/unbound_dhcpd.py --domain techservtn.com (python3.8)
unbound        8438   0.0  0.5  110412   42400  -  Ss   11:34       0:00.11 /usr/local/sbin/unbound -c /var/unbound/unbound.conf
root          41524   0.0  0.0   12740    1964  0  S+   11:34       0:00.00 grep unbound

I'm running on a i3-9300 and 8gigs of ram and an SSD.  I shouldn't be hardware constrained at all.  So maybe one of the blocklists is the problem?  I only have 5 block lists enabled. 

148

22.1 Legacy Series / Re: [22.1.6] DHCP leases not registered in Unbound

« on: May 07, 2022, 01:30:39 pm »

@franco is there anything else I can do to help identify and resolve this?  Devices that I don't keep online all the time are frustrating as they seem to need a firewall reboot to be resolvable via DNS. 

149

22.1 Legacy Series / Re: [22.1.6] DHCP leases not registered in Unbound

« on: April 21, 2022, 12:11:55 am »

Another follow up, rebooted the firewall this afternoon and the missing entry is now in DNS.  So something is different between a reboot and a service restart. 

150

22.1 Legacy Series / Re: [22.1.6] DHCP leases not registered in Unbound

« on: April 20, 2022, 08:09:05 pm »

I don't know if this is related, but thought it was to note since you mentioned a python script.  If I run a health check I show the following missing dependencies.

Code: [Select]

Checking all packages: .......... done
py37-markupsafe has a missing dependency: python37
py37-markupsafe has a missing dependency: py37-setuptools
py37-markupsafe is missing a required shared library: libpython3.7m.so.1.0