"Recent posts
#1
26.1, 26,4 Series / Re: Issues with Reboot / Power...
Last post by wincent - Today at 04:30:53 AM #2
26.1, 26,4 Series / Re: Rules [New] filtering bug(...
Last post by gaurhoth - Today at 03:33:11 AMI did see that issue, but I didn't feel like it totally applied as it seems like since 26.1.8 there has been a slight shift in intended direction. Previously you had to click the 'inspect' eye button to show all the rules... now in 26.1.10 it looks like they are wanting to show all the rules relevant to the interface filter but in collapsible sections. This actually makes a lot of sense to me and I prefer it. You can collapse sections for a condensed view, expand them for an exhaustive look and the sections give a clear visual indicator for the order in which rules will be processed.
It's just inconsistent at the moment with some floating rules appearing and some not. I'll see about putting in a new bug issue as the previously one is closed and see where it goes.
It's just inconsistent at the moment with some floating rules appearing and some not. I'll see about putting in a new bug issue as the previously one is closed and see where it goes.
#3
26.1, 26,4 Series / Re: Rules [New] filtering bug(...
Last post by Netlearn - Today at 02:18:53 AMThe expected behavior is not to show floating rules in "Interface rules" sections.
In fact, you should not see that rule when selecting "v30_TrustedEth". It may be a bug relative to the use of the negation (!WAN) you are using in your floating rule.
There is an issue about this on GitHub: https://github.com/opnsense/core/issues/10313
Better leave your comments there, as the "Rules (new)" interface is a work in progress.
In fact, you should not see that rule when selecting "v30_TrustedEth". It may be a bug relative to the use of the negation (!WAN) you are using in your floating rule.
There is an issue about this on GitHub: https://github.com/opnsense/core/issues/10313
Better leave your comments there, as the "Rules (new)" interface is a work in progress.
#4
26.1, 26,4 Series / Rules [New] filtering bug(?) f...
Last post by gaurhoth - Today at 12:39:33 AMNot sure if this is a bug or I'm just misunderstanding the intent. But in Firewall > Rules [new], the interface filter in the top-left dropdown appears to incorrectly hide some floating rules that apply to the selected interface. When viewing All rules, four floating rules are visible. One floating rule is assigned using an inverted interface selector, ! WAN. Three other floating rules are explicitly assigned to both LAN and v30_TrustedEth. When the top-left filter is changed to v30_TrustedEth, only the ! WAN floating rule remains visible. The three floating rules explicitly assigned to v30_TrustedEth disappear from the filtered view even though they apply to that interface. At the very least, it's rather inconsistent. Why does the '! Wan' rule show up but the explicitly defined floating rule doesn't on the interface?
OPNsense 26.1.10-amd64
You cannot view this attachment.
OPNsense 26.1.10-amd64
You cannot view this attachment.
#5
26.1, 26,4 Series / Re: Issues with Reboot / Power...
Last post by mrzaz - Today at 12:02:39 AMQuote from: EmilyLewis on June 24, 2026, 10:55:04 AMThe fact that shutdown and reboot work correctly from the console but not from the web GUI makes me think this is less likely to be an ACPI or VM power-management issue and more likely something in the path between the GUI and the underlying system command. If ACPI were the main problem, I would expect both methods to fail in a similar way or at least reach the same point before hanging.
I'd be interested to know whether anything relevant appears in the system log at the exact moment you click Reboot or Power Off in the GUI. If the GUI displays "shutdown in progress" but nothing appears on the console, it almost sounds as if the request is being accepted by the interface but never actually reaching the process responsible for initiating the shutdown.
The suggestion regarding UEFI is still worth testing, though. Virtualized environments sometimes behave differently enough that seemingly unrelated settings end up affecting system control actions in unexpected ways.
Yes, I totally agree with you that this feels like something else. Not a hanging in shutdown but rather the webgui commands
/ui/core/reboot
/ui/core/halt
that does not trigger the underlying codebase to actually trigger the reboot or halt.
As mentioned, trigger from console works totally fine but not from web-gui.
I am running the latest release 26.1.10.
I will do some testing and see if I could catch anything in any log and get back.
I checked some logs and found a few entries in Web GUI (lighthttpd) log.
2026-06-25T00:12:06 Informational lighttpd 192.168.x.x 192.168.x.x- [25/Jun/2026:00:12:05 +0200] "GET / HTTP/1.1" 302 0 "http://192.168.x.x/ui/core/reboot" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:152.0) Gecko/20100101 Firefox/152.0"
2026-06-25T00:12:06 Informational lighttpd 192.168.x.x 192.168.x.x- [25/Jun/2026:00:12:05 +0200] "GET / HTTP/1.1" 302 0 "http://192.168.x.x/ui/core/reboot" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:152.0) Gecko/20100101 Firefox/152.0"
2026-06-25T00:11:21 Informational lighttpd 192.168.x.x 0 192.168.x.x- [25/Jun/2026:00:11:20 +0200] "POST /api/core/system/reboot HTTP/1.1" 200 15 "http://192.168.x.x/ui/core/reboot" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:152.0) Gecko/20100101 Firefox/152.0"
2026-06-25T00:10:53 Informational lighttpd 192.168.x.x 192.168.x.x - [25/Jun/2026:00:10:52 +0200] "GET /api/core/system/status?path=%2Fui%2Fcore%2Freboot HTTP/1.1" 200 187 "http://192.168.x.x/ui/core/reboot" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:152.0) Gecko/20100101 Firefox/152.0"
and following in audit:
2026-06-25T00:11:21 Informational configd.py action allowed system.reboot for user root
But nothing relevant in system, boot, configd (Backend) log.
I enabled ALL settings for each log.
/Danne
#6
26.1, 26,4 Series / Re: Issues with Reboot / Power...
Last post by mrzaz - June 24, 2026, 11:57:17 PMQuote from: nero355 on June 24, 2026, 12:16:30 AMQuote from: annoniempjuh on June 23, 2026, 10:15:31 AMBut it doesn't do anything when you use the OPNsense webGUI to Reboot/Power Off so that doesn't really matter in this case if I have understood the issue correctly :)Quote from: mrzaz on June 23, 2026, 10:00:35 AM...os-qemu-guest-agent is under community plugins ;)
AFAIK there is no QEMU vm support in OpnSense.
...
Correct. Doing a reboot or power off in GUI, only shows that "reboot" or "shutdown initiated but then nothing happens.
It stays like that forever and nothing happens. As can be seen also in console that zero output that a shutdown
has been initiated and starts killing PIDs and synching filesystem preparing for a shutdown or reboot.
If I then do the exact same procedure, but via the console, then it immediately starts showing signs of shutdown initiated
and finally it shuts down or reboot depending which one I chose.
Have some issues with a stubborn Suricata PID the never kills (or at least take way to long to respond)
but that is a separate issue for another day. :-)
//Danne
#7
26.1, 26,4 Series / Re: Issues with Reboot / Power...
Last post by mrzaz - June 24, 2026, 11:52:22 PMQuote from: annoniempjuh on June 23, 2026, 10:15:31 AMQuote from: mrzaz on June 23, 2026, 10:00:35 AM...
AFAIK there is no QEMU vm support in OpnSense.
...
os-qemu-guest-agent is under community plugins ;)
yes, found it. Had forgot to click in the clickbox for community plugins.
My thought was earlier that "wow ho much plugins that had been removed,
but it was just that they had placed them in a separate category. :-)
//Danne
#8
Tutorials and FAQs / Re: What to do and what to avo...
Last post by cookiemonster - June 24, 2026, 10:45:23 PMThank you for this @meyergru . I had to abandon my last attempt at this and I can see from this what changes I must adopt despite following the guide, for instance not manually crafting the certs but using an app. The price of the recommended one for the this purpose stings but the technical background is very valuable. Thank you. I might be able to re-visit the attempts.
#9
Q-Feeds (Threat intelligence) / Re: Q-Feeds, Suricata, Crowdse...
Last post by Seimus - June 24, 2026, 10:38:22 PMQuote from: Greg_E on June 23, 2026, 05:40:12 PMo my speeds should go up a little, and still running 16gb of ram to cache the rules (when possible).
And this is the problem, up a little yes but if you need 10G IntraVLAN you are basically out of options with ZA.
Regards,
S.
#10
Zenarmor (Sensei) / Re: Install/Deinstall Loop (li...
Last post by ureyni - June 24, 2026, 10:04:31 PMHi Mlenje,
As I understand you have mimugmail repo.
Updating mimugmail repository catalogue...
graphite2 is exists in mimugmail repo.
root@OPNsense:~ # pkg search -r mimugmail graphite2
graphite2-1.3.14 Rendering capabilities for complex non-Roman writing systems
I guess , May source of issue is this repo.
As I understand you have mimugmail repo.
Updating mimugmail repository catalogue...
graphite2 is exists in mimugmail repo.
root@OPNsense:~ # pkg search -r mimugmail graphite2
graphite2-1.3.14 Rendering capabilities for complex non-Roman writing systems
I guess , May source of issue is this repo.
