Recent posts

#1
26.1 Series / Re: Firewall rules migrated an...
Last post by OPNenthu - Today at 05:53:49 AM
I tried to reproduce it on 26.1.2_5 by creating a VLAN and enabling and assigning an IP to the interface.  The rules remained in the new rules UI.

Are you maybe referring to the Floating/Group/Automation rules drop-downs?  Those still show in the legacy rules UI even after migration, but those rules actually live in Firewall->Rules [new].  The legacy UI should not display any interface level rules.

You cannot view this attachment.

It's a little confusing right now until we can disable the legacy UI.
#2
26.1 Series / Dynamic DNS - index out of ran...
Last post by Igor - Today at 05:08:04 AM
Hi, all.

I'm trying to add a dyn dns, and an error breaks the update.

On the Dynamic DNS service, after to clone the last created account - 3rd to 4th, a Cloudflare DNS - the log returns:

2026-02-20T00:44:39-03:00
Error
ddclient
Account xxxxxxxxxxxx [cloudflare - cloudflare-dns-xxxxx] raised fatal error (list index out of range)

Until the 3rd account it was working, after the clone with a new host values, it failed.

Should I open a bug?
plugin: os-ddclient, 1.30

Thanks for this great Firewall.
#3
26.1 Series / Re: Potential Bug/Exploit Witn...
Last post by Werewolf71 - Today at 03:48:55 AM
It was my wife's iPhone that reacted to the UDP port scan, so I am limited in what I can check/verify.

I checked the SYSLOG for her iPhone's traffic before the event, and saw nothing out of the ordinary, except for that moment in time the UDP port scan occurred. 

To me it appears that the UDP port scan started first.  Then somehow something 'leaked' through and touched her iPhone, causing it to react with a small flood of UDP traffic directed back to the scanning node's public IP address.

Things that make you go:  "Hmmmmmmmmmmm"
#4
26.1 Series / Re: Potential Bug/Exploit Witn...
Last post by pfry - Today at 03:38:54 AM
Quote from: Werewolf71 on Today at 03:04:04 AM[...]SCANNER_IP = 45.36.163.80[...]

Huh. An ordinary Charter/Spectrum residential IP, apparently. I can't parse "hgpnnc"; looks like a short CLLI, apparently near Winston-Salem (wnslnc)... Highpoint/Greensboro/Piedmont|Pleasant Garden...? Anyway, not likely relevant.

What is your client? If Windows, "netstat -ab" might be helpful, otherwise "netstat -ap", I believe. You might have to catch it in the act.
#5
Private Lady In Your Town - No Selfie - Anonymous Adult Dating
https://privateladyescorts.com
 
Private Lady In Your Town - Anonymous Adult Dating - No Selfie
 
NEW GIRLS
Sofia
Alt Barbie
Putri
Emmie Murray Aurora
Anika Uwunikaav
Kriss Kiss
Oryna Virgin
#6
26.1 Series / Re: Potential Bug/Exploit Witn...
Last post by Werewolf71 - Today at 03:04:04 AM
Thank you for your interest.  I was viewing the logs from a Graylog SYSLOG instance that is catching the OPNsense logs.  Providing the additional detail that you referenced.

I have set up a full packet capture for the private side of my home network, with hopes of catching the raw packets for inspection, if it happens again.




SCANNER_IP = 45.36.163.80

timestamp   source   message
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,54,9319,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,46652,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,54,9321,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,15946,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,54,9318,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,28496,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9317,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,64274,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9331,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,56299,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9316,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,37499,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9320,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,25566,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,54,9323,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,41253,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,54,9324,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,15935,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,54,9328,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,30811,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9322,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,37367,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9325,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,35622,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9327,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,24423,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9326,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,51875,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9330,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,52030,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9329,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,53247,49
2026-02-19T15:36:26.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,18484,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51536,48
2026-02-19T15:36:26.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,18484,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,61503,51536,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,53287,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51537,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,53287,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,39173,51537,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,35093,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51538,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,35093,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,59266,51538,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,3406,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51539,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,3406,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,45066,51539,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,873,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51540,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,873,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,2356,51540,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,33810,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51541,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,33810,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,54597,51541,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,57291,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51542,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,57291,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,28222,51542,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,50441,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51543,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,50441,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,60136,51543,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9334,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,57665,49
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,48008,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51544,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,48008,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,3600,51544,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,42554,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51545,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,42554,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,15340,51545,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,25127,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51546,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,25127,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,60149,51546,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,1807,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51547,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,1807,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,44900,51547,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,64006,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51548,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,64006,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,34174,51548,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,53892,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51549,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,53892,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,42543,51549,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,22058,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51550,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,22058,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,42140,51550,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,38924,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51551,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,38924,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,44999,51551,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,63294,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,59858,51552,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,63294,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,19522,51552,48
2026-02-19T15:36:27.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9359,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,57665,49
2026-02-19T15:36:27.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9367,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,57665,49
2026-02-19T15:36:28.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9377,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,57665,49
2026-02-19T15:36:28.000-05:00   OPNsense.lab   11,,,02f4bab031b57d1e30553ce08e0ec131,igc1,match,block,in,4,0x0,,53,9404,0,DF,17,udp,69,<SCANNER_IP>,<HOME_PUBLIC_IP>,51536,57665,49
2026-02-19T15:36:29.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,39400,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,57336,51536,48
2026-02-19T15:36:29.000-05:00   OPNsense.lab   88,,,32b0c9606bf44cc4ae86af3b6e178b80,igc0,match,pass,in,4,0x0,,64,57310,0,none,17,udp,68,<HOME_NODE_PRIVATE_IP>,<SCANNER_IP>,61164,51536,48
2026-02-19T15:36:29.000-05:00   OPNsense.lab   77,,,528d46c993d2f22268135be7b26815f2,igc1,match,pass,out,4,0x0,,63,57310,0,none,17,udp,68,<HOME_PUBLIC_IP>,<SCANNER_IP>,25406,51536,48
#7
26.1 Series / Re: Potential Bug/Exploit Witn...
Last post by pfry - Today at 02:40:13 AM
The ports don't seem to be well-known, and it doesn't look like anything I'm familiar with. The pattern from your device looks a bit like a trace or scan (climbing destination port). The packets from the remote are a bit odd, as it would have available sessions, but they follow a random pattern somewhat (but not entirely) like the NAT sources from your device.

How are you viewing the logs? Timestamp is missing. Using the GUI, latest is at the top.

Filter leakage seems unlikely. I have different (not pf) filters on my servers and haven't observed any leakage. (I have observed some really wacky behavior from Windows, though...)

The "scanner" IP might help.
#8
General Discussion / Proper DNSBLs for Unbound
Last post by OPNenthu - Today at 02:36:56 AM
I'm a bit ignorant still on advanced DNS topics.  Please be patient :)

This thread is in response to the discussion on page 1, specifically posts #5-8, here: https://forum.opnsense.org/index.php?topic=50857.0

I didn't want to further derail the IPFire topic so am posting separately to better understand this.

---

I feel that some of the DNS hosts lists that we use in Unbound are not specifically written for it and result in incomplete blocking because Unbound uses exact matching, whereas other engines may treat them as zones and automatically block subdomains.

For reference here are the built-in DNSBLs in OPNsense for Unbound.

It appears the hagezi lists, for example, are wildcarded but many of the others (e.g. AdGuard) are not and those could (depending how they're written) be less reliable in Unbound.

Is that a fair assessment and is there RPZ support in the roadmap for the Unbound UI?  Would that solve this, and is there even a gap or am I off with this assessment?

Thanks.  This has long been one of my nagging unresolved questions.
#9
Virtual private networks / Re: Run PostUp command when Wi...
Last post by allddd - Today at 01:36:36 AM
Quote from: Greelan on Today at 12:45:53 AMMullvad support also told me that they wouldn't support psk-exchange anymore.

Makes sense. I haven't tried it myself, but it seems like it could be (ab)used to get around the five-device limit, since you get both a PSK and a primary key that isn't visible in the account settings.
#10
German - Deutsch / Re: Wireguard Log
Last post by allddd - Today at 01:30:48 AM
Laut src/if_wg.c ist die Zahl nur eine interne ID. Irgendwie komisch, dass sie fürs Logging verwendet wird, sich aber nicht mit einer IP/einem Pubkey verknüpfen lässt. Wahrscheinlich bringt sie den Entwicklern was, für End User ist sie anscheind nicht gedacht.