Messages

1

20.7 Production Series / Softflow Support

« on: January 12, 2021, 09:18:22 am »

For operational reasons I would like to install a softflow deamon on the opnsense server.
Is this possible.
If not has anybody any experience with converting netflow into softflow.
Thanks
Aimee

Update sorted.

2

20.7 Production Series / Feature Request: NUT netserver mode

« on: November 09, 2020, 06:21:41 pm »

As opnsense is on 24/7, and is on a UPS capable of supporting more server's, it would be helpful to make netserver option available to inform other NUT netclient's that the power is failing, and to initiate a shutdown.

Netserver Mode is essentially identical to Standalone Mode but with the additional benefit of offering NUT services to other machines on the network by way of those machines running NUT client software

3

20.7 Production Series / Re: Sensei Scheduled reports FAIL

« on: September 09, 2020, 07:43:11 pm »

Mon port standard 25 aucune configuration d'authentification a récemment échoué sans raison apparente
Votre configuration de messagerie n'est pas valide! [/ b]

Réponse: Smtp: l'extension AUTH SMTP non prise en charge par le serveur.

Aucun autre e-mail provenant d'autres serveurs n'a rencontré de problème.
Ramener sensei au point où il a fonctionné n'a pas résolu le problème.
Rétablir l'opnsense au moment où cela fonctionnait n'a pas résolu le problème.

La base de données est mongodb.

Je voudrais savoir comment configurer l'e-mail de sensei en utilisant smtps ou starttls où le serveur de messagerie est local, c'est-à-dire un certificat auto-signé.

Cette déclaration est inutile.
Veuillez noter que le support des billets pour les éditions free / home / soho est gratuit à partir de maintenant et que les billets sont traités en priorité. Surtout avec les rapports de bogues, nous prenons cela très au sérieux, mais cela peut prendre un certain temps pour revenir. [/ I] [/ b]

car les utilisateurs non payants donnent au fournisseur un avertissement précoce sur les problèmes, gratuitement.
Notre temps coûte.

Anglais

My standard port 25 no authentication setup has recently failed for no apparent reason
Your mail configuration is invalid!

Response: Smtp :SMTP AUTH extension not supported by server.

No other emails from other servers have experienced an issue.
Rolling back sensei to the point it has worked has not rectified the issue.
Rolling back opnsense to when it worked has has not rectified the issue.

Database is mongodb.

I would like to find out how to setup the email from sensei using smtps or starttls where the mail server is local, ie self signed certificate.

This statement is unhelpful.
Please be noted that ticket support for free/home/soho editions is complimentary as of now and tickets are processed on a priority basis. Especially with bug reports, we take it very seriously but it might take some time to get back.

as the non paying users give the vendor an early heads up on issues, free of charge.
Our time costs.

4

20.7 Production Series / Re: Firewall question re blocking

« on: August 24, 2020, 08:13:11 pm »

yes getting loads of stuff thats really quite normal, so will have to investigate further.
Thanks again for your assistance

5

20.7 Production Series / Re: Firewall question re blocking

« on: August 24, 2020, 07:15:44 pm »

Thanks, just to confirm the one in Floating, with the hard to find cos its in system and really should be in the firewall page to log enable / disable one? 

6

20.7 Production Series / Firewall question re blocking

« on: August 24, 2020, 06:32:40 pm »

I have a LAN rule, using an alias, which contains the ports I allow out.
This works, and I see the traffic in the firewall  log.
However, I wish to see any attempts to bypass the rule with ports not in the alias.
Is this possible as a following rule will not see for example port 22 (not on the alias list) due to the previous rule.
Whats required is an inverse logging option I believe..

7

20.7 Production Series / Re: [RESOLVED]DNS over TLS doesn't work

« on: August 06, 2020, 02:41:07 pm »

Hi

Works now even post reboot.

Any ideas why, is it the parsing of the config file thats the issue?

8

20.7 Production Series / Re: [RESOLVED]DNS over TLS doesn't work

« on: August 05, 2020, 09:08:08 am »

OK, but it will be a few hours until I can get some downtime.
Can you confirm you want all of the custom entries removed, ie empty, and then add in the miscellaneous page the server ip@port.
Then do a few restarts of unbound and optionally a reboot, then post the complete unbound.conf.

9

20.7 Production Series / Re: [RESOLVED]DNS over TLS doesn't work

« on: August 05, 2020, 08:23:34 am »

Contents on unbound.conf, this works


server:
tls-cert-bundle: /etc/ssl/cert.pem

forward-zone:
name: "."

forward-tls-upstream: yes

#AandA
forward-addr:217.169.20.22@853

10

20.7 Production Series / Re: [RESOLVED]DNS over TLS doesn't work

« on: August 04, 2020, 11:05:22 pm »

Pre change (using servers in unbound.conf), traffic detected, sites resolved.
Post change, unbound.conf server's commented out.
A working dns added, checked in dot.conf.
server:
  tls-cert-bundle: /etc/ssl/cert.pem
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 217.169.20.22@853
No traffic observed, no resolving.

11

20.7 Production Series / Re: [RESOLVED]DNS over TLS doesn't work

« on: August 04, 2020, 08:25:45 pm »

Hi
Thanks for that.
I have tried it earlier today, not working.
I did
enter ip address @853 on the miscellaneous page
Saved
Commented out all other server entries in the custom options
Saved
restarted unbound.
Does it need a reboot?

12

20.7 Production Series / Re: [RESOLVED]DNS over TLS doesn't work

« on: August 04, 2020, 07:23:53 pm »

Hi
I am also having issues getting this to work.
Commenting out all forwarders in the Custom options pane, and then putting an ip address as such
in the Dns over TLS field on the Miscellaneous page
9.9.9.9
or
9.9.9.9@853
and saving, make no change to /var/unbound/unbound.conf, and resolving does not work.
Q1 which is the correct format 9.9.9.9 or 9.9.9.9@853?
Q2 why no change to the /var/unbound/unbound.conf file, are the entries held elsewhere?
Q3 Am I doing something stupid?

Thanks

13

20.7 Production Series / Re: Upgrade to 20.7 , huge memory use (from 2Gb to 11Gb) Firewall log files Dead !

« on: August 03, 2020, 09:03:57 am »

I had some issues on an upgrade, see

https://forum.opnsense.org/index.php?topic=18358.0

14

20.7 Production Series / Re: Services not restarting on reboot

« on: August 03, 2020, 09:02:05 am »

I had an issue like this after the upgrade, so I re-installed and then setup with a backup.
Both syslogs are running, not checked if they were the issue behind a massive use of the disk over time.

https://forum.opnsense.org/index.php?topic=18358.0

15

20.7 Production Series / Re: Post 20.7 CPU Usage & CPU Widget

« on: August 03, 2020, 08:58:14 am »

Temperature display works for me (dual core, can disply core 0, or core0 + core 1)
Intel based system.
Ensure that the correct option is selected (acpi, amd or intel)