"Recent posts
#1
26.1, 26,4 Series / Re: This makes me want to cry!...
Last post by roohoo - Today at 11:12:58 PMAs requested
#2
General Discussion / Re: Flashing OPNSense .img.bz2
Last post by Ze_Mind - Today at 10:50:11 PMYes, I have done that "bzip2 -d" command. Again, it just hangs.
#3
General Discussion / Re: Flashing OPNSense .img.bz2
Last post by Patrick M. Hausen - Today at 10:15:43 PMHave you tried doing a "bzip2 -d" first?
#4
General Discussion / Flashing OPNSense .img.bz2
Last post by Ze_Mind - Today at 09:35:37 PMI don't know where this goes. move if needed.
When I flash this with Etcher, it gives me an error.
When I go to extract the img.bz2 file, all it does is hang. Not making it past 20%.
There something wrong with your files, or is it just me? I tried this on Debian as well on Mint. So it's not OS dependent.
Running Debian Testing KDE Plasna.
When I flash this with Etcher, it gives me an error.
Code Select
Something went wrong. If it is a compressed Image, please check that the archive is not corrupted. Error starting flasher sidecar process.When I go to extract the img.bz2 file, all it does is hang. Not making it past 20%.
There something wrong with your files, or is it just me? I tried this on Debian as well on Mint. So it's not OS dependent.
Running Debian Testing KDE Plasna.
#5
26.1, 26,4 Series / Re: This makes me want to cry!...
Last post by Patrick M. Hausen - Today at 09:11:07 PMCan you show Interfaces: Overview, please?
#6
General Discussion / Unbound fails after reboot fro...
Last post by kernelhappy - Today at 08:41:11 PMI hit this yesterday, I'm new to opnsense so it cost me about an hour of network downtime while debugging, I'm posting it here in case someone else gets stuck.
I filed a GitHub bug report with data and logs here https://github.com/opnsense/core/issues/10170
I'm guessing it's probably a small, contained change if someone is looking for a quick kill, but I do not know the codebase.
TL;DR: A host override with a trailing dot in the Host field (e.g. "myhost.") plus domain "lan" ends up as "myhost..lan" in unbound.conf. Unbound refuses to start — "Empty label" / "Could not set up local zones". It's easy to trigger via the "+" shortcut next to a DHCP lease and it appears some clients report hostnames with a trailing dot (valid FQDN notation). OPNsense saves it as-is.
The nasty part is it doesn't fail at save time, but it does fail on the next reboot. So an unattended/unintended reboot will leave you (or everyone else on the network if you're not present) without DNS.
Workaround for anyone stuck right now:
It looks like this may be related to #3944 (whitespace), #5550 (special chars), and #5804 (DHCP/override conflicts) — all seem to involve hostname sanitization.
I filed a GitHub bug report with data and logs here https://github.com/opnsense/core/issues/10170
I'm guessing it's probably a small, contained change if someone is looking for a quick kill, but I do not know the codebase.
TL;DR: A host override with a trailing dot in the Host field (e.g. "myhost.") plus domain "lan" ends up as "myhost..lan" in unbound.conf. Unbound refuses to start — "Empty label" / "Could not set up local zones". It's easy to trigger via the "+" shortcut next to a DHCP lease and it appears some clients report hostnames with a trailing dot (valid FQDN notation). OPNsense saves it as-is.
The nasty part is it doesn't fail at save time, but it does fail on the next reboot. So an unattended/unintended reboot will leave you (or everyone else on the network if you're not present) without DNS.
Workaround for anyone stuck right now:
- Option 8 from the console to get a shell (or ssh in if enabled)
- /usr/local/sbin/unbound-checkconf /var/unbound/unbound.conf — tells you which entry is bad
- Services → Unbound DNS → Overrides → Host Overrides → strip the trailing dot, Apply
- configctl unbound reconfigure && service unbound onestart
It looks like this may be related to #3944 (whitespace), #5550 (special chars), and #5804 (DHCP/override conflicts) — all seem to involve hostname sanitization.
#7
26.1, 26,4 Series / Re: Suricata - Divert (IPS)
Last post by Mario_Rossi - Today at 08:25:09 PMI did some research and testing on my installation.
I posted the results in this thread on my forum: https://hwtweakers.net/forum/viewtopic.php?t=48471
I know, it's in Italian, but I know that with Google Translate, it shouldn't be a problem anymore.
If it could be useful to the community, you could copy/translate/paste and integrate the official guides.
It's not exactly a super detailed guide from scratch, and I've overlooked several steps, but it should still be helpful.
I posted the results in this thread on my forum: https://hwtweakers.net/forum/viewtopic.php?t=48471
I know, it's in Italian, but I know that with Google Translate, it shouldn't be a problem anymore.
If it could be useful to the community, you could copy/translate/paste and integrate the official guides.
It's not exactly a super detailed guide from scratch, and I've overlooked several steps, but it should still be helpful.
#8
Russian - Русский / Re: os-amneziawg — плагин Amne...
Last post by Dmitry - Today at 07:58:39 PMТакая же история, к сожалению:
[WARN] Failed to install amnezia-tools via pkg.
Try manually: pkg add <URL from pkg.freebsd.org>
[OK] Temporary FreeBSD repo config removed
[WARN] One or more binaries/modules are still missing.
[WARN] Plugin will be installed but AmneziaWG will NOT start.
[WARN] Failed to install amnezia-tools via pkg.
Try manually: pkg add <URL from pkg.freebsd.org>
[OK] Temporary FreeBSD repo config removed
[WARN] One or more binaries/modules are still missing.
[WARN] Plugin will be installed but AmneziaWG will NOT start.
#9
25.7, 25.10 Legacy Series / Question on Reports
Last post by samr - Today at 07:36:25 PMCurrently one of my hosts is downloading a file at about 1.37kpbs and I see the "in" traffic rate in my "Common" interface. However, on the WAN interface, I see almost the same traffic rate on the "out". There is nothing else going on in my network at this time and I would expect the "in" on both my "Common" and "WAN" to interfaces to match. Am I misunderstanding the "in" and "out" on the interfaces as far as the traffic speed in the Reporting section?
#10
26.1, 26,4 Series / Re: This makes me want to cry!...
Last post by roohoo - Today at 06:49:10 PMThis is what my WebGUI looks like...
