Messages - lucifercipher

#1
15.7 Legacy Series / Re: Traffic Graph IP truncated
November 02, 2015, 08:21:36 AM
Tested. Doesn't seem to appear as truncated. Perhaps it's a browser thing??
#2
15.7 Legacy Series / Re: Installation issues 15.7.11
November 02, 2015, 08:17:43 AM
Change your controller type to IDE in BIOS if it's set to AHCI. That particular AMD controller does that. It will fix the problem when you do. Please revert back.
#3
15.7 Legacy Series / Re: USB Installer img dd problem
October 24, 2015, 08:02:02 PM
Hello plip,

If you happen to have a Windows PC then the easiest way to do it is to use http://sourceforge.net/projects/win32diskimager/ . Simply select your flash drive as the target and flash it.

Have a good day.
#4
Quote from: franco on October 23, 2015, 05:49:55 PM
You can fix this locally by running the following in the OPNsense root shell (probably SSH, that URL is tedious):

# cd /usr/local/www
# fetch https://raw.githubusercontent.com/opnsense/core/99d09800acd7dac6559fc4f213097ab755f12279/src/www/vpn_openvpn_server.php

Will be part of 15.7.18 next week.

What changed, franco? A bug that I missed?
#5
15.7 Legacy Series / Re: Routing Help
October 23, 2015, 10:33:14 PM
Quote from: avengineering on October 23, 2015, 08:33:33 PM
Yes,
the firewall is open and all is allowed

Ok. Thank you. Just for a small test, can you disable all types of SPI / firewall on your Fritzbox too? Or perhaps add your client IP 10.40.1.x/32 as a DMZ host on Fritz?

Just trying to give options here.
#6
Hey mate! Good to see you back in action again. 8) You did explain everything and I found that rc.recover workaround before touching the forum. But that is awesome to see the commits being pushed before and still going on. I will check the commits in detail.

Thanks again.
#7
15.7 Legacy Series / Re: Routing Help
October 23, 2015, 05:59:57 PM
Hi,

Did you add an allow rule for the firewall and also allow private networks to access?
#8
15.7 Legacy Series / Re: DDoS Migitation Level
October 22, 2015, 08:24:17 PM
Thanks for your advice but that is not an option to switch over to something else completely if a small bug/feature becomes an issue. What we can do is try to optimize it and fix the issue (if any). The website www.calomel.org has pretty nice DDoS mitigation info and I am doing a rebuild of the NanoBSD along with other tweaks to handle DDoS better.
#9
Hi,

I am using my own builds of 15.7.1 but the issue persists in the source for nanobsd images. There is no such error on CDROM installs. And I don't think that it is an old issue that hasn't been fixed. The dhcp issues mentioned in the startup were related to the upgrades from lower to 15.7.1. I found the problem so I have to rebuild the images from source. Since I am using a custom build kernel with custom drivers, I am not hooked up with opnsense updates at all so if anything, I have to do everything at my end. I am just hoping that franco is around to tell me if any other file is linked with the dhcpd config else the image builds will get messed up.

The temp issue is to disable the RD, reboot and re-enable the RD with a slight increase from 40-60 to 64-80Mb respectively. But I would like to get to the bottom of this and make it a permanent fix.

Issue
-----------
group and user is _dhcp not dhcpd

/usr/local/sbin/dhcpd -user _dhcp -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid em1

root@amd64builds:~ # /usr/local/sbin/dhcpd -user _dhcp -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid em1
Internet Systems Consortium DHCP Server 4.2.8
Copyright 2004-2015 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
lease 192.168.1.100: no subnet.
lease 192.168.1.100: no subnet.
Wrote 0 leases to leases file.
Multiple interfaces match the same subnet: em0 em1
Multiple interfaces match the same shared network: em0 em1
Listening on BPF/em1/08:00:27:fd:bf:05/192.168.0.0/16
Sending on   BPF/em1/08:00:27:fd:bf:05/192.168.0.0/16
Sending on   Socket/fallback/fallback-net

I am confused about the NanoBSD builds. It's the same compile and build structure for both except the last stage of packaging is different for images. So why is this mismatch of group/user for just the nano images?? :|

franco, can you show me the git commit for this issue?

EDIT: Commits and history for this issue are below in franco's post.
#10
dhcpd runs ok at install. Once rebooted, this happens. No changes made on a stock fresh install except IP configurations.

Here is the error:

/status_services.php: The command '/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid em1' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.2.8 Copyright 2004-2015 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ no such user: dhcpd If you did not get this software from ftp.isc.org, please get the latest from ftp.isc.org and install that before requesting help. If you did get this software from ftp.isc.org and have not yet read the README, please read it before requesting help. If you intend to request help from the dhcp-bugs at isc.org mailing list, please read the section on the README about submitting bug reports and requests for help. Please do not under any circumstances send requests for help directly to the authors of this software - please send them to the appropriate mailing list as described in the README file. exiting.'

opnsense: /status_services.php: The command '/bin/sh /tmp/dhcpd.sh' returned exit code '1', the output was 'chown: dhcpd: illegal group name' .

The group should exist, right? No change was made to the custom image build for dhcpd.

Any ideas? It's a NanoBSD image.
#11
15.7 Legacy Series / Re: DDoS Migitation Level
October 21, 2015, 09:56:35 PM
Thank you for your reply. The basic DoS features are pretty good but DDoS is 100x more flow of wanted DoS traffic. The defaults from FreeBSD don't actually handle normal DDoS so I'm pretty sure that higher level DDoS attacks will kill the default installs. It's not about OPNSense being more vulnerable to DDoS attacks but the aggressive turntables needed to prevent them.
#12
15.7 Legacy Series / Re: VPN ipsec trunk
October 20, 2015, 10:51:13 AM
Anything is almost possible. It's just that things work differently and instead of one click / step, you end up setting up 2 or 3 things for that.
#13
Was your proxy running in transparent mode when this happened?


Quote from: AdSchellevis on October 15, 2015, 01:31:36 PM
Hi Holger,

It's very likely a bug, we're in the process of completely rewriting captive portal because of various issues and the current quality of the code behind it.

Soon we will release development packages with the new code in it.

Cheers,

Ad
#14
Hello,

The easiest way to do and check it is to add a Static route from the "System" tab. Then you can create a firewall rule for the Virtual IP created and test an access from the outside through OPNSense VMachine. Now it happens that private networks are blocked so you need to disable the "block private networks" option for testing purposes. Just a suggestion. I hope it helps.
#15
I verified it and the limiter worked.