Messages

I don't think it works that way - or at least I can't figure it out. From the vnstat.conf

Interface
    Default interface used when no other interface is specified on the command line. Leave empty for automatic selection. The automatic selection will prioritize the interface with most traffic for outputs doing database queries. Queries not using the database will first check if the database is available and select the interface with most traffic out those that are currently visible in the system. If no database can be read then the first available interface will be used. (vnstat and vnstati only)

So I think that only sets a default should nothing else be specified on the command line. It is set to vtnet0 by the install script and adding interfaces seems to change nothing. As I mentioned earlier this leads me to believe all interfaces are being monitored:

Code Select Expand

vnstat --dbiflist
Interfaces in database: enc0 ovpns1 pflog0 pfsync0 vtnet0 vtnet1 vtnet2 vtnet3 vtnet4 vtnet5 vtnet6 wg0 wg1 wg2 wg3

So to say this in a different way ala bug report style

Bug description: The VNStat interace drop down does not choose which interfaces to monitor. Instead it chooses interfaces to report on in the subsequent tabs with a seeming limit of 4 interfaces. Additionally, when multiple interfaces are chosen, an aggregate output is created.

Steps to reproduce: use the interface

Expected behavior: When choosing interfaces in the drop down, one would expect that this uses the equivalent of vnstat --enable/--disable in the back ground to either start or stop monitoring an interface and putting the results in the database. Then the hourly, monthly, year tabs would show an output related to the enabled interfaces on the first tab. For an example on the hourly tab, essentially recursing 'vnstat -h -i vtnet0' for each enabled interface.

So one of two things needs to happen in my mind. The plugin needs to be coded to do what I would expect to happen OR the help needs to be updated to say what the drop down actually does as the help is just wrong. I'm happy to make a pull request to clean up the help, but I figured I'd get this in the public eye in case the plugin actually isn't working as expected. My gut is it is a very simple implementation and the help is just very misleading.

Disable preempt is checked on the Backup

Uncheck this. It doesn't do what you think it does.

From the CARP man page:

Allow virtual hosts to preempt each other.  When enabled, a vhid in a backup state would preempt a master that is announcing itself with a lower advskew.  Disabled by default.

The second sentence is your issue. The backup is essentially allowed to forcibly take over from a master with that box checked. You don't want that. Leave it unchecked on both boxes and let Master be master and Backup be backup.

Were keys generated? And did you associate endpoints with the Local? Much of the WG config I can't see in your screenshots.

Change the firewall rule from "To This Firewall" to "WAN address".

Running 21.1.8 VNStat plugin 1.2_1

It seems I can only select 4 interfaces max or no statistics are listed. As soon as a I select a 5th interface, no stats are shown.

Here is example output:

Code Select Expand

vtnet3+vtnet2+vtnet1+vtnet0  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00     19.76 MiB |   16.52 MiB |   36.29 MiB |   96.48 kbit/s
     ------------------------+-------------+-------------+---------------

Then as soon as I add vtnet4 I get

Code Select Expand

Error: Not all requested interfaces found in database or given interfaces aren't unique.

If I remove vtnet3 and keep vtnet4 I am back in business.

Code Select Expand

vtnet4+vtnet2+vtnet1+vtnet0  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00     29.85 MiB |   25.44 MiB |   55.30 MiB |  143.12 kbit/s
     ------------------------+-------------+-------------+---------------


If I run iflist I get:

Code Select Expand

vnstat --iflist
Available interfaces: vtnet0 vtnet1 vtnet2 vtnet3 vtnet4 vtnet5 vtnet6 enc0 pflog0 pfsync0 ovpns1 wg0 wg1 wg2 wg3


This leads me to believe that the interfaces are seen by vnstat and plenty unique. I also recall in 21.1.7 (I think, or did I imagine this?) it broke out stats by interface where as now it appears it is showing a giant aggregate?

Then this shows stats per interface, so it seems it can collect stats per interface.

Code Select Expand

vnstat

                      rx      /      tx      /     total    /   estimated
enc0:
       Jul '21           0 B  /         0 B  /         0 B  /     --     
         today           0 B  /         0 B  /         0 B  /     --     

ovpns1:
       Jul '21           0 B  /         0 B  /         0 B  /     --     
         today           0 B  /         0 B  /         0 B  /     --     

pflog0:
       Jul '21           0 B  /    1.06 MiB  /    1.06 MiB  /     --     
         today           0 B  /    1.06 MiB  /    1.06 MiB  /     --     

pfsync0:
       Jul '21      2.05 MiB  /   10.71 MiB  /   12.76 MiB  /   15.33 MiB
         today      2.05 MiB  /   10.71 MiB  /   12.76 MiB  /   19.17 MiB

vtnet0:
       Jul '21     10.60 MiB  /   19.16 MiB  /   29.76 MiB  /   35.76 MiB
         today     10.60 MiB  /   19.16 MiB  /   29.76 MiB  /   44.73 MiB

vtnet1:
       Jul '21    208.17 KiB  /  635.98 KiB  /  844.14 KiB  /     --     
         today    208.17 KiB  /  635.98 KiB  /  844.14 KiB  /    1.24 MiB

vtnet2:
       Jul '21     15.84 MiB  /    2.97 MiB  /   18.81 MiB  /   22.99 MiB
         today     15.84 MiB  /    2.97 MiB  /   18.81 MiB  /   28.28 MiB

vtnet3:
       Jul '21           0 B  /  111.36 KiB  /  111.36 KiB  /     --     
         today           0 B  /  111.36 KiB  /  111.36 KiB  /     --     

vtnet4:
       Jul '21      7.65 MiB  /    6.72 MiB  /   14.36 MiB  /   15.33 MiB
         today      7.65 MiB  /    6.72 MiB  /   14.36 MiB  /   21.59 MiB

vtnet5:
       Jul '21      7.75 MiB  /    6.57 MiB  /   14.31 MiB  /   15.33 MiB
         today      7.75 MiB  /    6.57 MiB  /   14.31 MiB  /   21.51 MiB

vtnet6:
       Jul '21      2.12 MiB  /   10.86 MiB  /   12.98 MiB  /   15.33 MiB
         today      2.12 MiB  /   10.86 MiB  /   12.98 MiB  /   19.51 MiB

wg0:
       Jul '21    642.51 KiB  /    2.29 MiB  /    2.92 MiB  /    2.55 MiB
         today    642.51 KiB  /    2.29 MiB  /    2.92 MiB  /    4.38 MiB

wg1:
       Jul '21           0 B  /    4.69 KiB  /    4.69 KiB  /     --     
         today           0 B  /    4.69 KiB  /    4.69 KiB  /     --     

wg2:
       Jul '21      2.24 KiB  /    2.05 KiB  /    4.29 KiB  /     --     
         today      2.24 KiB  /    2.05 KiB  /    4.29 KiB  /       6 KiB

wg3:
       Jul '21           0 B  /         0 B  /         0 B  /     --     
         today           0 B  /         0 B  /         0 B  /     --   

And I can get individual stats via the CLI

Code Select Expand

root@OPNsense1:/var/log # vnstat -h -i vtnet0

vtnet0  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00     11.35 MiB |   23.50 MiB |   34.84 MiB |   81.19 kbit/s
         16:00      1.77 MiB |    2.40 MiB |    4.17 MiB |  116.51 kbit/s
     ------------------------+-------------+-------------+---------------
root@OPNsense1:/var/log # vnstat -h -i vtnet1

vtnet1  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00    214.40 KiB |  646.82 KiB |  861.21 KiB |    1.96 kbit/s
         16:00     28.98 KiB |   41.52 KiB |   70.50 KiB |    1.93 kbit/s
     ------------------------+-------------+-------------+---------------
root@OPNsense1:/var/log # vnstat -h -i vtnet2

vtnet2  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00     20.10 MiB |    3.32 MiB |   23.42 MiB |   54.56 kbit/s
         16:00      2.01 MiB |  524.48 KiB |    2.52 MiB |   70.39 kbit/s
     ------------------------+-------------+-------------+---------------
root@OPNsense1:/var/log # vnstat -h -i vtnet3

vtnet3  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00           0 B |  117.51 KiB |  117.51 KiB |      267 bit/s
         16:00           0 B |   20.10 KiB |   20.10 KiB |      548 bit/s
     ------------------------+-------------+-------------+---------------
root@OPNsense1:/var/log # vnstat -h -i vtnet4

vtnet4  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00      8.05 MiB |    7.07 MiB |   15.13 MiB |   35.25 kbit/s
         16:00      1.39 MiB |    1.22 MiB |    2.61 MiB |   72.84 kbit/s
     ------------------------+-------------+-------------+---------------
root@OPNsense1:/var/log # vnstat -h -i vtnet5

vtnet5  /  hourly

         hour        rx      |     tx      |    total    |   avg. rate
     ------------------------+-------------+-------------+---------------
     07/24/21
         15:00      8.16 MiB |    6.93 MiB |   15.08 MiB |   35.15 kbit/s
         16:00      1.44 MiB |    1.13 MiB |    2.57 MiB |   71.90 kbit/s
     ------------------------+-------------+-------------+---------------


It appears the default is to log to the syslog, but nothing seems to be in the syslog regarding vnstat.

So I don't know what to think or how to troubleshoot - nor have I seen any mention of there being a 4 interface limit.  Any thoughts?

EDIT: More thoughts...

vnstat --dbiflist shows all interfaces

Code Select Expand

vnstat --dbiflist
Interfaces in database: enc0 ovpns1 pflog0 pfsync0 vtnet0 vtnet1 vtnet2 vtnet3 vtnet4 vtnet5 vtnet6 wg0 wg1 wg2 wg3


This leads me to believe that the interface selection on the General tab is a configuration for reporting NOT a configuration on what to monitor - despite the face the help says "Set the interface to listen on.". So maybe I just don't understand how this plugin is supposed to work.

That's actually quite helpful in that it makes me want to do a pcap and dig deeper. This is going to turn out to be something stupid I've overlooked I bet.

Network plan:

Client > 16 port switch > LAN port > OPNSense > WAN port > Modem

The modem is ISP supplied CPE... an Arris something. It is set to bridge mode and the OPNSense holds the IP. There is no double NAT if that is what you were after.

Network plan wise, there isn't much to it. NAT wise, it is the default out of the box NAT. It is set to hybrid NAT for a Wireguard tunnel, but this all goes through the primary NAT through the primary gateway created out of the box. The traffic originates on the out of the box LAN too. Screenshots here: https://imgur.com/a/t7RDOun

I have several apps that fail to setup video. Audio typically works. What'sApp and FaceTime are the main offenders. Zoom seems to be fine. Has anyone had experience with this? Any fixes? This feels like a similar issue to SIP back in the day where the media portion of the call is not setting up properly as there is no proxy. But every consumer cheapo router works with these protocols, so I am sure OPNSense can as well. I'm on 21.1.8 FWIW. Thoughts?

As the title says - the Updates tab no longer gives terminal output and just spins after a 21.1.7_1 upgrade. Are others seeing this or is this just me? Otherwise it seems packages install properly - it's just that now it's a black box and the first time I got a tad worried. If it's just me, ignore me. If it's not just me, I'll get a bug report in as Git doesn't show this as a reported issue.

EDIT: Feel free to delete this thread. Firefox at it again. I saw so many issues where a FF cache clear fixed things and what do you know, I cleared the cache and everything is fine. Sigh.

I must be blind or confused or drunk... but the apply button stays put when I am now going back to make a GIF to demonstrate. Ignore me and if I can reproduce it, I'll get a GIF up.

I have several apps that seem to not be able to setup video - namely meet.google.com and WhatsApp. FaceTime works perfectly well. In sniffing around it appears that both of those apps are trying to setup a dynamic UDP port inbound via WebRTC or similar. Essentially this feels like the old VoIP and passive FTP issues of yore. Is there a STUN server one can use with OPNsense? Or is there a built in fix for this? Another fix I haven't considered?

1:1 NAT is not an option as I have all sorts of random devices connecting on the LAN side and this just needs to work dynamically.

EDIT: I should mention, this is on 21.1.4

This is an embarrassing question - but where is the apply button? If you edit a rule, a blue apply button appears. Great. If you move on to another screen it disappears and for the life on me - I can't find where there is a master apply button.

I suppose I could toggle logging on/off for a random rule to make it reappear, but that seems hacky?

Here we go...

Code Select Expand

curl -k -u "sometoken":"somekey" 'https://192.168.40.2/api/firewall/alias/toggleItem/44724741-c37e-419a-9fa2-3aad79111335'  --data-raw '{}'

"$enabled=null" in the docs simply mean to pass a null set in the --data-raw - so hopefully this helps someone somewhere.

Ooooo, that's clever. Thank you!