Recent posts

#1

Q-Feeds (Threat intelligence) / Re: Major upgrade Q-Feeds Thre...

Last post by Q-Feeds - Today at 12:45:10 AM

What filtering options would you actually use?
Anything missing in the IOC view?

Not sure if this is feasible but what about sorting based on country of origin? E.g Country from where the IoC originates.

Ideas for improving the OPNsense plugin?

Well, OPNsense has inbuilt RRD and other graph possible tooling, would it be possible under the condition its not resource heavy, to create graphs based on the events/IPs/ports/protocols?

Something similar for example as in
Lobby > Reporting > Health
Or
Firewall> Log Files > Overview?

This would still be local to the OPNsense, but would give the users more visual representation.

Regards,
S.

We will take it in consideration! We're indeed also in conversation with Deciso's developers to see if we can improve reporting f.e. mapped on MITRE (that's what we were thinking about).

#2

Q-Feeds (Threat intelligence) / Re: Q-feeds (Community Version...

Last post by Q-Feeds - Today at 12:43:22 AM

Very interesting results which seem to be all over the place. I think it also depends on if you're hosting services f.e. As Cedrik mentioned it's not just about the # blocked. Increasing that number as a blocklist provider is quite easy. I think we make the difference on what we block and how we give insights on why.

#3

26.1, 26,4 Series / Re: Partial config wipe after ...

Last post by Crane_Train - Today at 12:40:48 AM

System: Configuration: History would shed some light on when and where these parts were removed (by whom).



Cheers,
Franco

Hey, thanks for the reply.

Unfortunately it doesn't.

Context:
I had initially set up WAN traffic through a single gateway group with double failover (x2 ProtonVPN tunnels x1 Mullvad) and then progressed that to x3 gateway groups each with one failover tunnel for a total of 6 tunnels. I had aliases built out to define traffic flows with PBR fw rules depending on usecase for clean separation of concerns.

History shows absolutely none of this configuration post-single gateway group. No creation of wireguard peers, interfaces, gateways, aliases, Unbound DNS changes etc. etc., let alone their deletion.

#4

Q-Feeds (Threat intelligence) / Re: Q-Feeds Update Interval

Last post by Q-Feeds - May 07, 2026, 11:32:32 PM

We've been able to reproduce unfortunately.
Solution might be rebooting (not sure)

True solution is to empty the folder "/var/db/qfeeds-tables/"
by running these commands:

Code Select Expand

cd /var/db/qfeeds-tables/
rm *

Bug reported to the developers as well: https://github.com/opnsense/plugins/issues/5428

#5

26.1, 26,4 Series / Re: IPv6 missing from the fibe...

Last post by Patrick M. Hausen - May 07, 2026, 11:26:22 PM

What does TNG's documentation or their tech support say?

#6

26.1, 26,4 Series / IPv6 missing from the fiber co...

Last post by jensk - May 07, 2026, 10:40:13 PM

Hi all,

I got a fiber connection via TNG (Germany) and IPv4 works great.
But IPv6 does not work.

When I look at the logfile I see this messages:

Code Select Expand

<13>1 2026-05-07T22:25:12+02:00 OPNsense.internal dhcp6c 79084 - [meta sequenceId="381"] dhcp6c_script: REQUEST on pppoe1 connected to server
<13>1 2026-05-07T22:25:12+02:00 OPNsense.internal dhcp6c 84865 - [meta sequenceId="382"] dhcp6c_script: REQUEST on pppoe1 prefix now 2a00:ffff:ffff:8000::/56

When I manually add a ipv6 address in the sub net, it is working. But that is of course not doable all the time.

Code Select Expand

# ifconfig pppoe1 inet6 2a00:ffff:ffff:8000::1 prefixlen 64 alias
the "request prefix only" is disable. (I also tried it enable, same problem).

 Does anyone has an idea what I did wrong?

I setup a new OpnSense 26.1.7_3-amd64 host, so it is a fresh install

I read: https://docs.opnsense.org/manual/how-tos/ipv6_dsl.html.

CU
Jens

#7

Hardware and Performance / Re: Intel i225/i226 2.5G NIC I...

Last post by BrandyWine - May 07, 2026, 09:44:08 PM

i upgraded the protectli from 2.17 to 2.32 firmware, i left the deciso at 2.25 *shurg*

edit: oh i c, i was also running 0.9.1-rc3 on VP2440.. yea 0.9.0 coreboot was 100% broken for FreeBSD + igc because of ASPM. AMI bios completely disabled ASPM, adds 4-5w to idle, which is like 50%, but also solves the issues.

Well, if you can test more, restore ASPM to 100% and then disable ASPM L1.2 on the 226 devices. This assuming the Deciso still has v2.25 nvm. See the last few posts in https://forum.opnsense.org/index.php?topic=48695.210

#8

26.1, 26,4 Series / Re: KEA is still a mess IMHO

Last post by JamesFrisch - May 07, 2026, 09:38:21 PM

I'm unable to tell.

Me too ;) no seriously, I have this issues with OPNsense, but of course it could also be KEA that is the root issue.

#9

Hardware and Performance / Re: [solved] Intel i226 Firmwa...

Last post by BrandyWine - May 07, 2026, 09:37:51 PM

I also cant find any source for that.
With "but it seems to ben an hardware (silicon) issue to me" i meant i assume that's an non fixable hardware issue.
Why? Because when it would be fixable they have done it by: setting an correct register value or fix the firmware (nvm).
But they have disabled the L1.2 substrate completely in the driver for all newer linux kernels.

Again: That are my personal thought's and assumptions.

Which makes me wonder what happened with the i226. If we can disable one ASPM level for this specific pcie device, why disable it completely in the igc code?
It almost appears like Intel wanted to squash any negative sentiment of the i226 so they did it via igc driver code. Surely there exists an issue, or did exist. I suspect with the amount of 226 units sold, along with very few actually being able to update nvm (as some have done via this forum), perhaps easier to take care of the problem that still lingers among mass amount of 226's out there, so just cut out the ASPM feature from the igc code. But even that requires massive amounts of kernel upgrades.

So to me, something is off. My suspicion is, the 2.32 nvm perhaps is the fix at hardware firmware level, but because very few vendors are supporting this low-level nvm upgrade, maybe Intel just decided to tackle the issue at driver level? TBD I guess.

#10

German - Deutsch / Re: WAN-Umstellung von PPPoE a...

Last post by PrinceLG - May 07, 2026, 08:05:06 PM

Hallo zusammen,

Dank eurer Hilfe läuft die OPNSense am Glasfseranschluss der Lünecom ! Vielen Dank.

Beim ersten Versuch habe ich alle Vorschläge umgesetzt:

- System: Settings: General die Option "Allow DNS server list to be overridden by DHCP/PPP on WAN" aktiviert.
- am PC die Netzwerkverbindung von DHCP auf manuell geändert und unter bevorzugter DNS die IP der OPNSense eingetragen.
- den Firefox DoH habe ich auf Standard DNS-Resolver gestellt
- Unbound-DNS auf Port 53 gestellt
- Adguard deakiviert

Diese Änderungen führten nicht zum Erfolg kein Zugriff auf das Registrierungsportal portal.deinnetz.de

Beim zweiten Versuch habe ich nach Zurücksetzen und Neustart nur folgendes geändert:

- System: Settings: General die Option "Allow DNS server list to be overridden by DHCP/PPP on WAN" aktiviert.
- am PC die Netzwerkverbindung von DHCP auf manuell geändert und unter bevorzugter DNS die IP der OPNSense eingetragen.
- zusätzlich hier jedoch den DNS-Server der Lünecom 46.253.240.11 unter Alternativer DNS eingetrage.

Direkt danach meldete sich in Firefox die Anmeldeseite des Registrierungsportals und ich konnte die Aktivierung vollständig abschließen.
Danach sofort 290Mbps download und 128Mbps upload - Mega Erfolg !!

Ich denke der entscheidende Punkt war die Option System: Settings: General die Option "Allow DNS server list to be overridden by DHCP/PPP on WAN"
und dass ich zusätzlich die IP des Lünecom DNS Servers als Alternativer DNS eingetragen habe.

Die Änderungen habe ich nach der erfolgreichen Registrierung wieder zurückgenommen und für das nächste Mal gut dokumentiert.

Ende gut alles gut !!!! ich wünsche euch eine schöne Zeit und Danke für die schnelle Hilfe zum Erfolg

So macht OPNSense richtig Spass und Freude