Recent posts

#1
Quote from: _tribal_ on March 26, 2026, 10:38:14 PM
Quote from: eugene on March 17, 2026, 12:05:44 PMа я может попробую завести на VLESS+Reality (TCP) варианте пока что
пробуй сразу xhttp, так как reality научились портить
Кастомные конфиги с разными протоколами добавлены, так же мульти инстанс добавлен
#2
26.1 Series / Re: Private IP PPPOE -OPNSense...
Last post by nicholaswkc - Today at 06:42:58 AM
One of my LAN - almalinux cannot ping gateway IP. Very strange, it can ping one of the android tv box only. Not others Window Lan as well. I try to disable the firewalld n look the ip route show and found nothing.

 It cannot browser internet anymore. I can browser intenet yesterday. This is proof. Something is broke.

ip route show table all
default via 192.168.1.1 dev eth0 proto dhcp src 192.168.1.100 metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 192.168.1.100 dev eth0 table local proto kernel scope host src 192.168.1.100
broadcast 192.168.1.255 dev eth0 table local proto kernel scope link src 192.168.1.100
fe80::/64 dev eth0 proto kernel metric 1024 pref medium
local ::1 dev lo table local proto kernel metric 0 pref medium
local fe80::96b1:914d:f21d:1e01 dev eth0 table local proto kernel metric 0 pref medium
multicast ff00::/8 dev eth0 table local proto kernel metric 256 pref medium

nicholaswkc@localhost:~$ netstat -r | more
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         _gateway        0.0.0.0         UG        0 0          0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0


nicholaswkc@localhost:~$ arp -a
? (192.168.1.102) at 5c:e9:31:82:02:a0 [ether] on eth0
? (192.168.1.101) at ec:f7:2c:17:a8:69 [ether] on eth0
? (192.168.1.104) at 98:90:96:9b:bf:08 [ether] on eth0
? (192.168.1.106) at <incomplete> on eth0
? (192.168.1.103) at 70:b5:e8:28:70:19 [ether] on eth0
_gateway (192.168.1.1) at 80:61:5f:08:2a:d8 [ether] on eth0

Poosible the hacker assign different vlan?
#3
Quote from: nero355 on Today at 12:41:03 AM
Quote from: strangerinusall on March 26, 2026, 11:31:48 PMGUI in SG250 is awful and I ended up doing updates via config files.
That's why I love Switches that have SSH access too : It's quicker and easier !!! :)

Could you post GUI screenshots of how it looks now with this new config ?

This one does have SSH access, and I presume that would have been easier, but I felt there were more chances I would mess something up this way. Certainly if you're comfortable to syntax then that's a way to go.

Here we go:
#4
Quote from: Bossybear on March 02, 2026, 04:41:46 PMIn OPNsense 26.1.2_5 I now see the custom hostname to the right in the widget. This is a good solution. Please consider this closed.
What do I need to do to enable this (26.1.5)? I still only get "custom". Is this because I use the dark theme, or because mine is IPv6 with its unwieldly / long address blurting out everything else?
#5
26.1 Series / Re: Odd block drop in log on r...
Last post by cat - Today at 05:19:21 AM
Good Morning, thanks for the reply.

I upgraded my switch couple of weeks ago and iirc igc0 used to be the trunk (i believe on LAN), that was connecting to the previous switch but is now used for pppoe. Unfortunately i deleted all the previous config backups so i cannot be 100% certain. I am now using lag/lacp.

I also realized that this three extra rules all point to vlans that were created after the deletion and switch upgrade.

#6
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by turnah - Today at 02:40:34 AM
did you manage to update? i have the same card/version and it's failing for me too
Quote from: He4DHuNt3r on March 22, 2026, 03:14:12 PM

Has anyone had any luck updating the NVM on this generic Aliexpress I226-V?

I've tried updating to 2.32 and lower firmware versions, but it always fails - Tried updating through Windows, EFI & Linux with iomem=relaxed

Inventory
nvmupdatew64e -i -l log.txt

Config file will not be read.
Inventory
[00:013:00:00]: Intel(R) Ethernet Controller I226-V
    Alternate MAC address is not set.
    Flash inventory started.
    Shadow RAM inventory started.
    Shadow RAM inventory finished.
    Flash inventory finished.
[00:013:00:00]: Intel(R) Ethernet Controller I226-V
    Vendor                 : 8086
    Device                 : 125C
    Subvendor              : 8086
    Subdevice              : 0000
    Revision               : 4
    LAN MAC                : XXXXXXXXXXXX
    Alt MAC                : 000000000000
    SAN MAC                : 000000000000
    ETrackId               : 80000286
    SerialNumber           :  XXXXXXXXXXXXXXXX
    NVM Version            : 2.19(2.13)
    PBA                    : G23456-000
    VPD status             : Not set
    VPD size               : 0
    NVM update             : No config file entry
      checksum             : Valid

Config
CURRENT FAMILY: 1.0.0
CONFIG VERSION: 1.20.0

; NIC device
BEGIN DEVICE
DEVICENAME: Intel(R) Ethernet Controller I226-V
VENDOR: 8086
DEVICE: 125C
SUBVENDOR: 8086
SUBDEVICE: 0000
NVM IMAGE: FXVL_125C_V_1MB_2.32.bin
EEPID: 80000425
RESET TYPE: REBOOT
REPLACES: 80000286
END DEVICE

NVM.log
nvmupdatew64e.exe -b -l nvm.log -m XXXXXXXXXXXX  -f -u -c nvm.cfg

Config file read.
Inventory
[00:013:00:00]: Intel(R) Ethernet Controller I226-V
    Alternate MAC address is not set.
    Flash inventory started.
    Shadow RAM inventory started.
    Shadow RAM inventory finished.
    Flash inventory finished.
Update
[00:013:00:00]: Intel(R) Ethernet Controller I226-V
    Creating backup images in directory: XXXXXXXXXXXX .
    Backup images created.
    Flash update started.
Error:       Flash update failed.
    Device update failed.
Update security revisions
[00:013:00:00]: Intel(R) Ethernet Controller I226-V
    Skipping update minimum security revisions.
Update VPD with VPD template
[00:013:00:00]: Intel(R) Ethernet Controller I226-V
    Skipping VPD update with VPD template.

#7
Tutorials and FAQs / Re: ExpressVPN anyone?
Last post by Daves_nt_here - Today at 02:29:55 AM
I think so. I've just finished following two or three different tutorials on how to set up the CLI interface but they're all from 2023 and 2024. Spent about an hour on chat with somebody from ExpressVPN going over their most recent post and even that isn't working. After an hour my session was disconnected so I think they just gave up. In the morning I'm going to start looking for a new provider. Very basic googling I might go with Nord but I got to do my research first. Make sure they will work with open sense or Linux command line.

I think I've been with them almost 10 years now. I wonder how many other clients they're going to lose with this upgrade.
#8
I'm trying to test the LAN side with iperf and I'm not sure what I'm doing wrong here but I can't connect to the client on on opensense, firewall rule is in place to allow any lan source to talk to the firewall on any port
#9
26.1 Series / Re: OPENvpn settings
Last post by LisaMT - Today at 01:15:28 AM
My opnsense is a server, and when I travel I can connect to the OpenVPN server with my OpenVPN client config.  All using Ubuntu  24.04. 
Keep in mind the OpenVPN still works fine, but in Opnsense there's no longer a way to generate client configs and export them.  YES I can create a new client config as an 'instance', but there doesn't seem to be a way to export that into a file that can be imported into NetworkManager.
In the previous opnsense version the client config/export worked great. 
#10
26.1 Series / Re: Kea ipv4 broke in 26.1.5
Last post by LisaMT - Today at 01:11:16 AM
I have a laptop that I occasionally use that has been on a working IP reservation for a long time. 
Today I turned it on and was surprised to see it got an IP address in the restricted range(pool). 
The MAC showed up in the Kea pool while the reservation also showed the correct MAC.  My lease time is set very low,so when the system tried to renew it should have jumped to the reservation, but didn't. 
With the IP set manually to the same one as the reservation, the system can now do updates.