Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - almodovaris

#1
General Discussion / Google Drive
March 14, 2025, 03:24:00 PM
The announcement for 25.1.3 says Google Drive will be phased out. Could you provide a source for it?
#2
Zenarmor (Sensei) / 24.7.r1
July 16, 2024, 05:57:33 PM
I have installed OPNsense 24.7.r1. It seems there's no Zenarmor build for it.
#3
No data displayed on https://dash.zenarmor.com/firewalls/ i.e. no reports and no connections diplayed.

Yup, I have the December 21 version of Zenarmor, not its December 18 version.

I have already sent the logs and screenshot to support.
#4
Zenarmor (Sensei) / Cannot update Zenarmor
October 17, 2023, 09:39:18 AM
Updating SunnyValley repository catalogue...
pkg: https://updates.zenarmor.com/opnsense/FreeBSD:13:amd64/23.7/latest/meta.txz: Forbidden
repository SunnyValley has no meta file, using default settings
pkg: https://updates.zenarmor.com/opnsense/FreeBSD:13:amd64/23.7/latest/packagesite.pkg: Forbidden
pkg: https://updates.zenarmor.com/opnsense/FreeBSD:13:amd64/23.7/latest/packagesite.txz: Forbidden
Unable to update repository SunnyValley
#5
Zenarmor (Sensei) / Vulnerabilities
October 12, 2023, 12:52:04 AM
libX11 is vulnerable. curl is also vulnerable.
#6
Zenarmor (Sensei) / Installing Zenarmor fails
October 02, 2023, 09:18:02 AM
Installing Zenarmor 1.15.1 failed on two different machines. Solution? Try until it succeeds (it may require up to 30 times). It got stuck at computing machine suitability for Zenarmor (computing CPU score and RAM size). The message was network error or network access broken. And it is true that sometimes the http daemon (i.e. the GUI) died on those machines. I don't know what caused it, it no longer seems to happen.

Hardware: Minisforum UN100C (Venus series) 16 GB RAM and 512 GB SSD.
#7
Zenarmor (Sensei) / High CPU usage by agent
September 22, 2023, 07:07:06 PM
See pics.

#8
Zenarmor (Sensei) / Activation key not found
June 05, 2023, 10:18:08 PM
Upon reinstall, Zenarmor tells me the activation key is not found. But dash.zenarmor.com shows that it is a valid key.
#9
Zenarmor (Sensei) / Cannot reinstall
June 05, 2023, 09:39:02 PM

root@OPNsense:/usr/local/etc/pkg/repos # pkg install -fy os-sensei os-sensei-updater os-sensei-agent
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating SunnyValley repository catalogue...
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/23.1/OpenSSL/latest/meta.txz: Not Found
repository SunnyValley has no meta file, using default settings
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/23.1/OpenSSL/latest/packagesite.pkg: Not Found
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/23.1/OpenSSL/latest/packagesite.txz: Not Found
Unable to update repository SunnyValley
Updating mimugmail repository catalogue...
mimugmail repository is up to date.
Error updating repositories!
pkg: Repository SunnyValley cannot be opened. 'pkg update' required
pkg: No packages available to install matching 'os-sensei' have been found in the repositories
pkg: No packages available to install matching 'os-sensei-agent' have been found in the repositories
#10
I have installed the blocking website node-ca.crt . But neither Chrome nor Firefox are fooled by it. I tried on both Windows (where the antivirus may play with the certificates) as well as upon Linux. Yup, I have installed the CA twice, once in the operating system, and once in Firefox, then I have rebooted and tested this.
#11
23.1 Legacy Series / OpenVPN fails in 23.1.7
May 04, 2023, 02:54:06 PM

/usr/local/etc/rc.d/openvpn: WARNING: /usr/local/etc/openvpn/openvpn.conf is not readable.
/usr/local/etc/rc.d/openvpn: WARNING: failed precmd routine for openvpn
#12
23.1 Legacy Series / dhcpd practically dead
April 17, 2023, 05:09:23 AM
I have:

/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid igb1 igb2 em0

My LAN is igb3.

/etc/dhcpd.conf and /var/run/dhcpd.pid are nonexistent.

ls /var/dhcpd does not seem to make sense.

I do run Zenarmor. And I have used opnsense-bootstrap recently. Kernel is kernel-23.1.5-netmap2.
#13
23.1 Legacy Series / ddclient-devel is broken
January 22, 2023, 08:05:53 PM
It says:


Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4                                                                                                                                                                                                                                             105.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4                                                                                                                                                                                                                                             107.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4                                                                                                                                                                                                                                             108.
Use of uninitialized value $_[0] in sprintf at /usr/local/sbin/ddclient line 216                                                                                                                                                                                                                                             3.
SUCCESS:  updating : good: IP address set to xx.xx.xxx.xx
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4                                                                                                                                                                                                                                             105.
Use of uninitialized value $_[0] in sprintf at /usr/local/sbin/ddclient line 216                                                                                                                                                                                                                                             3.
FAILED:   updating : unexpected status (0)
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
FAILED:    was not updated because protocol <undefined> is not supported.


Reverting to stable ddclient (ddclient-3.9.1.pkg) solves the problem (but you should backup the folder /usr/local/opnsense/scripts/ddclient beforehand and then restore it).
#14
22.7 Legacy Series / force LAN IPv6 suffix
December 19, 2022, 11:40:06 PM
I have the LAN have a v6/t6 (track WAN) IPv6 address. It has /62 suffix.

How do I force a /64 suffix for LAN only? I want to keep the track WAN option.
#15
Zenarmor (Sensei) / Mangles local hosts resolution
December 09, 2022, 07:49:40 PM
Eastpect redirects all DNS resolutions of local hosts to 100.2.3.4. E.g., instead of 192.168.1.2 or 192.168.1.3 I get 100.2.3.4 for every local host.
#16
Zenarmor (Sensei) / Memory usage
November 14, 2022, 02:22:13 PM
On my APU2 (4 GB RAM), 93% of memory are used, and 2% of 8 GB swap are used.
#17
Zenarmor (Sensei) / TLS blocking page
October 28, 2022, 05:22:30 AM
I have enabled TLS blocking page (beta). How do I trust its certificate upon client PCs?

The certificate from /usr/local/opnsense/www/devServer/ says it's for localhost.

Also tried the certificates from /usr/local/sensei/cert/

I have found something about it at https://stackoverflow.com/questions/59738140/why-is-firefox-not-trusting-my-self-signed-certificate
#18
Zenarmor (Sensei) / Whitelist problems
July 28, 2022, 04:30:26 AM
Zenarmor 1.11.4 no longer honors the whitelist.

That is to dns11.quad9.net and cloudflare-dns.com port 853.
#19
Zenarmor (Sensei) / Loss of LAN connectivity
July 01, 2022, 06:06:59 AM
976.452223 [1139] generic_netmap_attach     Emulated adapter for igb1 created (prev was NULL)
976.452269 [1044] generic_netmap_dtor       Emulated netmap adapter for igb1 destroyed
976.633263 [1139] generic_netmap_attach     Emulated adapter for igb1 created (prev was NULL)
976.722312 [ 320] generic_netmap_register   Emulated adapter for igb1 activated
#20
22.1 Legacy Series / Automatic OpenDNS
March 25, 2022, 10:19:19 AM
I want to check if this makes sense:

In Services / OpenDNS I have:

Filter DNS requests using OpenDNS : check
Do not alter system DNS server settings: check
Username <censored>
Password <censored>
Network <censored>

Test result    good

# cat /etc/resolv.conf
domain locallandomain
nameserver 127.0.0.1
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 208.67.222.220
nameserver 208.67.220.222
search locallandomain

In Services / Unbound DNS /  DNS over TLS I have:

each of those four IPs
port 853
dns.opendns.com

Does it make sense? I.e. DoT to OpenDNS. Do I need a firewall rule to filter DNS calls or it does that automatically?

In Firewall: Diagnostics: Statistics / rules there is nothing with port 53, nothing with DNS, and nothing with domain.