"Recent posts
#1
German - Deutsch / Re: (Gelöst) Umstellung auf I...
Last post by osmom - Today at 12:54:21 PMDie Lösung war bei mir das im "Children" Fenster die Policys nicht angehakt waren, nach dem Anhaken ging es.
#2
26.1 Series / Re: Firewall rules migration
Last post by franco - Today at 12:25:54 PMThanks for the feedback. I'm looking at:
I think that's https://github.com/opnsense/core/commit/ba8194ded
Cheers,
Franco
QuoteDestination field validation: The firewall rules in my test VM are the default LAN rules (allow LAN to any, v4 and v6). The import validation failed with "[destination_net] A value is required." The rules export should automatically populate "any" for the destination_net field in these cases. If this behavior is by design, the error message should clarify whether to enter "any" or "*" to resolve it. (I used "any" and the import succeeded.)
I think that's https://github.com/opnsense/core/commit/ba8194ded
Cheers,
Franco
#3
26.1 Series / Re: Firewall rules migration
Last post by Monviech (Cedrik) - Today at 11:58:08 AMThe clarity can be discussed, its always hard to have enable to disable checkboxes.
https://github.com/opnsense/core/pull/9644
https://github.com/opnsense/core/pull/9644
#4
Q-Feeds (Threat intelligence) / Re: [Video] What Is Q-Feeds & ...
Last post by Seimus - Today at 11:55:58 AMNice vid.
Maybe an idea but you could do a follow up exploring their TIP portal. They have very nice tools.
Regards,
S.
Maybe an idea but you could do a follow up exploring their TIP portal. They have very nice tools.
Regards,
S.
#5
General Discussion / Re: Forum connection issues
Last post by Seimus - Today at 11:54:06 AMI had the same yesterday. Looks like for now its good.
Regards,
S.
Regards,
S.
#6
25.7, 25.10 Series / Re: OPNsense 25.7.10 . Noti...
Last post by meyergru - Today at 11:37:37 AMYou can look at the actual NVME temps with "smartctl -a /dev/nvme0ns1" after having installed the os-smart plugin.
These things tend to get very hot, especially with high usage. You might suffer the "hostwatch" write problem discussed here.
These things tend to get very hot, especially with high usage. You might suffer the "hostwatch" write problem discussed here.
#7
25.7, 25.10 Series / Re: GeoIP list no more correct...
Last post by jfou1987 - Today at 11:08:25 AMHello Abdullah,
during the debuging process, to look after what happens, i checked all the IP i used to test the inbound access thru GeoIP.
There was an Orange 5G, Proximus 5G, Proximus home VDSL, Colt pro VDSL and Proximus explore pro Fiber.
All that IP where in your database (thru the website) and correctly BE flagged.
But as i said, the txt file present in the OPNsense repository (there was also an MD5 file, so i'm aware there is an integrity verification) contains only a few amount of V4 IP, but a bunch of V6.
Here's again the copy of the mentioned file : https://uploadnow.io/f/Qzn9R5G
I used the python script to force again downloading, and the file was still the same.
I don't know why when i created a new list in the OPNsense aliases, the content tuned ok.
during the debuging process, to look after what happens, i checked all the IP i used to test the inbound access thru GeoIP.
There was an Orange 5G, Proximus 5G, Proximus home VDSL, Colt pro VDSL and Proximus explore pro Fiber.
All that IP where in your database (thru the website) and correctly BE flagged.
But as i said, the txt file present in the OPNsense repository (there was also an MD5 file, so i'm aware there is an integrity verification) contains only a few amount of V4 IP, but a bunch of V6.
Here's again the copy of the mentioned file : https://uploadnow.io/f/Qzn9R5G
I used the python script to force again downloading, and the file was still the same.
I don't know why when i created a new list in the OPNsense aliases, the content tuned ok.
#8
26.1 Series / Re: Upgrade to RC1 successful
Last post by meyergru - Today at 10:47:59 AMQuote from: Monviech (Cedrik) on Today at 08:08:23 AMThanks for reporting this was a small oversight
https://github.com/opnsense/core/pull/9642
Code Select
opnsense-patch 67668828146e80de49bc6b607db06acb12da8a61
configctl webgui restart
Works for me.
#9
25.7, 25.10 Series / Re: OPNsense 25.7.10 Ethernet ...
Last post by iMx - Today at 10:07:25 AMI cannot comment on changes between 25.1 and 25.7 specifically, nor first hand experience with bge interfaces ....
... BUT if you have ASPM enabled in the BIOS, I'd try turning that off (everywhere).
Also set a tuneable, then reboot after setting:
.. has fixed all sorts of interface randomness over the years for me, although primarily on Intel. Then if you want to narrow it down after - i.e it resolves the issue - selectively re-enable.
You can check ASPM state with:
... BUT if you have ASPM enabled in the BIOS, I'd try turning that off (everywhere).
Also set a tuneable, then reboot after setting:
Code Select
hw.pci.enable_aspm=0.. has fixed all sorts of interface randomness over the years for me, although primarily on Intel. Then if you want to narrow it down after - i.e it resolves the issue - selectively re-enable.
You can check ASPM state with:
Code Select
pciconf -lcv |grep -i aspm #10
26.1 Series / Re: Upgrade to RC1 successful
Last post by Monviech (Cedrik) - Today at 09:49:07 AMQuote from: meyergru on January 22, 2026, 06:19:49 PMBTW: In the migration assistant list of steps, it says: "Deselect anti-lockout in advanced settings" - it should be "Enable anti-lockout in advanced settings".
It's an "enable to disable" kind of checkbox, so whatever way turn it, it's always a bit confusing I guess.
