1
22.1 Legacy Series / Re: No GUI and no Lan access
« on: March 27, 2023, 10:20:32 pm »...
And LAN is the first interface and LAN is the second, not the other way round.
....
***cough***
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
***cough***
2
General Discussion / Re: Firewall pass rules don't work
« on: March 27, 2023, 12:04:20 pm »
This is all so wrong that even the opposite is not correct... start from scratch with search terms "stateful firewall", "in" and "out" for sense fw rules etc. pp....
3
General Discussion / Re: IPsec: UDP packets do not find their way back to the socket
« on: March 27, 2023, 09:02:13 am »I remember a problem with udp fragments and radius EAP over the tunnel. Really strange problem
IPSEC-only? Or even openVPN/WG?
4
General Discussion / Re: Firewall pass rules don't work
« on: March 26, 2023, 05:27:48 pm »
Is the PASS rule above the BLOCK ALL rule? Show a screen shot of the Interface + rules...
5
German - Deutsch / Re: Opnsense irgendwie nutzlos ... Firewall filtert nicht
« on: March 26, 2023, 11:43:23 am »
Grundsätzlich klären:
- Welche Regeln gehören auf welches Interface
- Was ist "in", was ist "out" bei den Regeln
- Was ist eine "stateful" firewall.
Dann nachdenken, nacharbeiten, funktioniert....
- Welche Regeln gehören auf welches Interface
- Was ist "in", was ist "out" bei den Regeln
- Was ist eine "stateful" firewall.
Dann nachdenken, nacharbeiten, funktioniert....
6
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 24, 2023, 04:21:49 pm »
So no discussion means.... no discussion?
Could we figure out an amount of money needed to be raised by the community to keep dynDNS updates via OPNsense functional 23.7 and beyond?
There is not that much time left to come up with a solution, I guess...
Could we figure out an amount of money needed to be raised by the community to keep dynDNS updates via OPNsense functional 23.7 and beyond?
There is not that much time left to come up with a solution, I guess...
7
23.1 Production Series / Re: "DEVD: Ethernet detached event for" for igbx intefaces
« on: March 24, 2023, 10:05:47 am »
Log has events from time to time, without any user interference (no changes in config at these times, no nothing)
on various interfaces. Suricata IPS running. This is a bug in netmap, not expected behaviour, but to rare/not reproducible to debug, imho...
Code: [Select]
2023-03-21T09:18:20 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt3(igb1)
2023-03-21T08:24:40 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt3(igb1)
2023-03-21T08:24:38 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt3(igb1)
2023-03-21T08:23:46 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt3(igb1)
2023-03-21T08:23:44 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt3(igb1)
2023-03-21T03:46:35 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt3(igb1)
2023-03-20T18:32:38 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt3(igb1)
2023-03-20T18:24:02 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt3(igb1)
2023-03-12T11:41:06 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static lan(em1)
2023-03-12T11:41:03 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt1(em0)
2023-03-12T11:41:01 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt2(igb0)
2023-03-12T11:40:59 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static lan(em1)
2023-03-12T11:40:58 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt1(em0)
2023-03-12T11:40:57 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt2(igb0)
2023-03-12T11:38:39 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt1(em0)
2023-03-12T11:38:38 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static lan(em1)
2023-03-12T11:38:37 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt2(igb0)
2023-03-12T11:38:36 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt1(em0)
2023-03-12T11:38:36 Error opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static lan(em1)on various interfaces. Suricata IPS running. This is a bug in netmap, not expected behaviour, but to rare/not reproducible to debug, imho...
8
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 22, 2023, 03:10:05 pm »
@franco, what would be a viable way forward to keep dynDNS functional in 23.7 and beyond?
No question there is a significant number of users vitally relying on this feature as can be seen from the plethora of posts and threads on this topic since the discontinuation of the "legacy" plugin has been announced. Let's start the discussion early, as 23.7 not far away...
No question there is a significant number of users vitally relying on this feature as can be seen from the plethora of posts and threads on this topic since the discontinuation of the "legacy" plugin has been announced. Let's start the discussion early, as 23.7 not far away...
9
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 22, 2023, 12:31:35 pm »
Again: I'm a user, not a coder...
10
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 22, 2023, 11:54:23 am »
To sum up the current situation with dynDNS in OPNsense:
- Old plugin is "legacy" (although working) and will be discontiuned with 23.7.
- "New" plugin is discontinued by developer, no help in sight. Bugs since 23.1 spam some dyndns provider with unnecessary updates every 5 min.
- New OPNsense (python) script can't be started from GUI, currently.
This is not very positive overall, to say the least...
- Old plugin is "legacy" (although working) and will be discontiuned with 23.7.
- "New" plugin is discontinued by developer, no help in sight. Bugs since 23.1 spam some dyndns provider with unnecessary updates every 5 min.
- New OPNsense (python) script can't be started from GUI, currently.
This is not very positive overall, to say the least...
11
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 21, 2023, 04:44:04 pm »
Is it possible to lock ddclient on a 22.7.11 before upgrading to 23.1 or will an upgrade remove all package locks?
12
23.1 Production Series / Re: WireGuard speed
« on: March 21, 2023, 04:36:42 pm »
@deajan, WG adds some overhead to the frame, so using 1420+WG will result in fragmentation, I guess...
13
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 21, 2023, 02:38:48 pm »
... I switched the ddclient to 1.9_2 with the commands outlined above, hope that stops the 5 min interval update attempts at SPdyn...
14
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 21, 2023, 02:10:16 pm »
I had a look at this ddns.cache file (while switched to ddclient):
The entry for spdyn shows no ip=... and mtime=0 while for other dyndns providers the correct IP and a non-zero mtime is shown.
But trying to edit the file with nano is not possible, everything is full of artefacts when trying to enter text. Is nano broken? or my serial console with minicom (2.8, opensuse tumbleweed)?
The entry for spdyn shows no ip=... and mtime=0 while for other dyndns providers the correct IP and a non-zero mtime is shown.
But trying to edit the file with nano is not possible, everything is full of artefacts when trying to enter text. Is nano broken? or my serial console with minicom (2.8, opensuse tumbleweed)?
15
23.1 Production Series / Re: Legacy DDNS retiring without a replacement for URL callbacks?
« on: March 21, 2023, 01:47:11 pm »Code: [Select]
cat /var/tmp/ddclient_opn.statusis always empty, but adding a "." or "1" with nano doesn't help, after switching to OPNsense as backend it's always empty again (same error in log). Editing the file after switching to backend OPNsense results in no new log entries ("debug" level) and apparently triggers no IP updates to DYNDNS services.
Deleting
"/var/tmp/ddclient.cache"
(alone or in combination with /var/tmp/ddclient_opn.status) doesn't help either, as recommended here
https://github.com/opnsense/plugins/issues/3344
by sfdementor.
The commands to downgrade affects all plugins? I don't see any reference to ddclient in the commands?!?