Quote from: franco on Today at 03:23:34 PM# md5sum /tmp/tmpcfd_* | awk '{ print $1 }' | sort | uniq -c | sort -rn
Quote9331 d41d8cd98f00b204e9800998ecf8427e
2 d8a70aede1c95108c0296f6a6abfebaa
1 db76c9261e5dad81b34d8d7d48a9002f
1 b253f2bcc48d5ccd8d9652904a6131a0
1 a3ed12d95eaf83edc4055da9c8aebf8f
1 9f52409143ef46ab2ee11604782c2ddf
1 86bd9ded6a0fbd4a09404a43cfc743b3
1 7ef1d48bb1e01cee7fcccaa91ad54799
1 761219420eb10521cf4087b6912ba82b
1 70706585f8924f2a30bc3cb176e6976f
1 5f428cbec633eaa1410f433bbafb2d08
1 5eede87a3adb1956a1312c4d97ab0b5a
1 58e0494c51d30eb3494f7c9198986bb9
1 4df0fd0be6ddaddf44fc689c489a14ea
1 2ec68f745b73b7403f0852ed559e9430
1 24b23c602450824808ff0221c6923377
1 1c01c224b68add24f6c6ba2e6afe9273
Quote2026-07-08T15:21:21 Error configd.py [f83c44bd-7bb0-443d-975c-a47f6f5953f6] Script action failed with Command '/usr/local/opnsense/scripts/filter/read_log.py --limit '1000' --digest '9eb69a9b6e1717db6f9b0b7ecd7ba451'' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 93, in execute subprocess.run(script_command, env=self.config_environment, shell=True, ~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ check=not self.disable_errors, stdout=output_stream, stderr=error_stream) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.13/subprocess.py", line 577, in run raise CalledProcessError(retcode, process.args, output=stdout, stderr=stderr) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/filter/read_log.py --limit '1000' --digest '9eb69a9b6e1717db6f9b0b7ecd7ba451'' returned non-zero exit status 1.
Quote from: viragomann on Today at 04:55:42 PMQuote from: teddybearnemo on Today at 04:34:18 PMPort range : 80 to 443Which port range is this?
You can state the source port and the destination port. Source should be "any", the destination that one your GUI is listening on. Is it 443?
Also range from 80 to 443 is a bad idea. You can create an alias and add both ports to it. So the rule covers 80 + 443.
Also ensure that the new interface is selected in System: Settings: Administration > Listen Interfaces.
Quote from: teddybearnemo on Today at 04:34:18 PMProtocol tcpYou set that for the destination port range, not the source. But as @viragomann writes, better to create an alias and use that. Or allow all access to destination 'This Firewall', not sure you want to be restricted in an case of emergency.
Port range : 80 to 443
Quote from: teddybearnemo on Today at 04:34:18 PMPort range : 80 to 443Which port range is this?
$ curl -sv --connect-timeout 10 "https://s3.eu-west-1.amazonaws.com"
* Host s3.eu-west-1.amazonaws.com:443 was resolved.
* IPv6: (none)
* IPv4: 3.5.75.39, 3.5.67.235, 3.5.66.27, 3.5.71.89, 52.92.32.24, 3.5.67.45, 3.5.71.84, 3.5.74.68
* Trying 3.5.75.39:443...
* Trying 3.5.67.235:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* SSL Trust Anchors:
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
* subject: CN=*.s3-eu-west-1.amazonaws.com
* start date: Nov 14 00:00:00 2025 GMT
* expire date: Nov 6 23:59:59 2026 GMT
* issuer: C=US; O=Amazon; CN=Amazon RSA 2048 M04
* Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 2: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* subjectAltName: "s3.eu-west-1.amazonaws.com" matches cert's "s3.eu-west-1.amazonaws.com"
* OpenSSL verify result: 0
* SSL certificate verified via OpenSSL.
* Established connection to s3.eu-west-1.amazonaws.com (3.5.75.39 port 443) from x.x.x.x port 33241
* using HTTP/1.x
> GET / HTTP/1.1
> Host: s3.eu-west-1.amazonaws.com
> User-Agent: curl/8.21.0
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 307 Temporary Redirect
< x-amz-id-2: xxxxxxxxxxxxxxxxx
< x-amz-request-id: xxxxxxxxxxxxxxxxxx
< Date: Tue, 14 Jul 2026 13:37:25 GMT
< Location: https://aws.amazon.com/s3/
< Content-Length: 0
< Server: AmazonS3
<
* Connection #0 to host s3.eu-west-1.amazonaws.com:443 left intact