"Recent posts
#1
Virtual private networks / Re: restart wireguard service
Last post by Bob.Dig - Today at 11:25:36 AMIf you talk about ProtonVPN, I would just disable gateway monitoring altogether. Technically there shouldn't be any leaks because the gateway is considered as always up. And if it is not up, you probably will notice anyway.
#2
General Discussion / Re: Average CPU temperature go...
Last post by Nullman - Today at 11:04:06 AMQuote from: nsantiago2719 on Today at 10:28:10 AMIt is a N150 Mini PC. I've already accepted the fact that its normal, I cannot find any reason why its running high. I'm in a tropical country btw, so I dont think its because of the change of weather especially I have AC on almost 24/7. But hey, that might be really the case.
Having said that, I am thinking of replacing the fan inside and hopefully that changes everything.
There are no issues with your device and those temperatures are normal. Relax and dont think about it.
#3
General Discussion / Re: Average CPU temperature go...
Last post by nsantiago2719 - Today at 10:28:10 AMQuote from: BrandyWine on Today at 06:59:32 AM55C, on a 4 core, with a load avg ~0.1 ? Sounds a bit high for a near 100% idle system. 37-40C is what I would expect.
What CPU is it? What device is it?
It is a N150 Mini PC. I've already accepted the fact that its normal, I cannot find any reason why its running high. I'm in a tropical country btw, so I dont think its because of the change of weather especially I have AC on almost 24/7. But hey, that might be really the case.
Having said that, I am thinking of replacing the fan inside and hopefully that changes everything.
#4
26.1, 26,4 Series / Re: OPNsense 26.1.8_5 Freezes ...
Last post by bestboy - Today at 10:25:51 AMI seem to have similar issues. The firewall seems to be still up & running, but it seems to shut out everything. The issue reminds me of the "new" startup behavior with divert-to rules: all traffic is dropped until the Suricata service is up & running. But this is happening after a day of uptime and the service (probably) up. In the suricata logs I found these errors:
Error
suricata
[100216] <Error> -- thread W-8000 failed
Warning
suricata
[101690] <Warning> -- Write to ipfw divert socket failed: No buffer space available
I'm not sure what buffer space ran out. mbufs seemed to be fine when checking the health graph in reporting. I'm running with kern.ipc.nmbclusters = 1000000
Unfortunately I just upgraded the system on the weekend from the rock solid 25.7.11. I also did the rules migration and migrated Suricata to the new divert-to functionality. So many moving parts changed in just a few days.
To me the problem "feels" to be firewall related so my first mitigation attempt is to revert the divert-to changes back to netmap for now.
I'm using a Protectli FW2B on CoreBoot with an Intel Celeron J3060
Error
suricata
[100216] <Error> -- thread W-8000 failed
Warning
suricata
[101690] <Warning> -- Write to ipfw divert socket failed: No buffer space available
I'm not sure what buffer space ran out. mbufs seemed to be fine when checking the health graph in reporting. I'm running with kern.ipc.nmbclusters = 1000000
Unfortunately I just upgraded the system on the weekend from the rock solid 25.7.11. I also did the rules migration and migrated Suricata to the new divert-to functionality. So many moving parts changed in just a few days.
To me the problem "feels" to be firewall related so my first mitigation attempt is to revert the divert-to changes back to netmap for now.
I'm using a Protectli FW2B on CoreBoot with an Intel Celeron J3060
#5
German - Deutsch / Re: Aktivierung IPv6 an einem ...
Last post by Patrick M. Hausen - Today at 10:17:58 AMUnd das hat genau was mit OPNsense zu tun?
#6
German - Deutsch / Aktivierung IPv6 an einem Voda...
Last post by PWL - Today at 09:30:11 AMAnleitung: IPv6-Aktivierung an einem Vodafone DSL-Anschluss
"Internet" -> "Zugangsdaten" -> "IPv6" -> "IPv6-Unterstützung aktiv" -> "IPv6-Anbindung mit Tunnelprotokoll verwenden" -> Tunnelprotokoll "6to4" wählen. "Weitere Einstellungen" weiter unten bleiben deaktiviert.
Kontrolle: "Diagnose" -> "Sicherheit" -> "1. Verbindung, Internet". Die FritzBox ist neben IPv4 nun auch über IPv6 mit dem Internet verbunden.
"Internet" -> "Zugangsdaten" -> "IPv6" -> "IPv6-Unterstützung aktiv" -> "IPv6-Anbindung mit Tunnelprotokoll verwenden" -> Tunnelprotokoll "6to4" wählen. "Weitere Einstellungen" weiter unten bleiben deaktiviert.
Kontrolle: "Diagnose" -> "Sicherheit" -> "1. Verbindung, Internet". Die FritzBox ist neben IPv4 nun auch über IPv6 mit dem Internet verbunden.
#7
26.1, 26,4 Series / Re: Trying to build a IP block...
Last post by Patrick M. Hausen - Today at 09:07:37 AMNAT is applied before filter rules, so the destination address needs to be the internal DNAT target, not the public address on WAN.
#8
26.1, 26,4 Series / Re: Intel ucode Plugin vs Pack...
Last post by Patrick M. Hausen - Today at 09:02:28 AMYes to your question about the plugin. But OPNsense pulls all packages from the OPNsense repo. If you manually activate the FreeBSD repo, you have a high probability of messing up you installation. Simply don't do that.
#9
26.1, 26,4 Series / Re: OPNsense 26.1.8_5 Freezes ...
Last post by meyergru - Today at 08:59:49 AMDisable ASPM, maybe?
#10
26.1, 26,4 Series / Re: FreeBSD 15.1 will be relea...
Last post by Rene78 - Today at 08:52:27 AMQuote from: newsense on May 26, 2026, 07:23:58 PMThe bigger change might actually be openssl 3.5.x in 26.7 for the packages
Arent't pf changes like VLAN on bridges a massive change as well? Can imagine that this would require a substantial change in the opnsense logic etc.
