"Recent posts
#1
26.1, 26,4 Series / Re: 26.1.8 breaks Firewall Rul...
Last post by Patrick M. Hausen - Today at 06:32:22 PMYes, the interface views show all floating rules applied to that particular interface, now. A good move, IMHO.
#2
General Discussion / Re: Using eSIMs with OPNsense ...
Last post by nero355 - Today at 06:24:59 PMQuote from: Greg_E on November 11, 2025, 10:12:12 PMYou've just created a few questions...I think the other two posts in this topic are just pure SPAM to be honest, but let's see if someone will ever answer your questions because I am also curious about the hardware part when not using regular SIM cards and usually some kind of USB Modem as the hardware part...
How are you using the eSIM? Did you install a modem in the computer or do you have a computer that was already eSIM ready?
Internal or external antenae?
I'm thinking I need to pitch for a cellular connection at work for when the primary gets slow or down, with cloud this and cloud that, you need to be connected to use these features. Adding something like a cellular data modem into my firewall might be a good solution and multi-WAN between wired and cell connections.
#3
Hardware and Performance / Re: TOPTON Mini PC Running OPN...
Last post by nero355 - Today at 06:17:21 PMQuote from: Nullman on Today at 06:01:30 PMAhh damnit... used the wrong link...Quote from: nero355 on Today at 05:49:45 PMIn that case something like this : https://www.igorslab.de/en/thermal-grizzly-phase-sheet-ptm-test-how-good-is-the-honeywell-alternative-really-in-reality/ :)Its seem like you dont know the difference between thermal sheet and thermal pad.
The Honeywell brand has the right one!
/JokeFail... My Bad! :P
#4
Virtual private networks / Re: Always On VPN (Wireguard) ...
Last post by foss-johnny - Today at 06:16:36 PMI turned on my debug logs for the WG instance and I can see the following message when the peer connects.
wg1: Packet has unallowed src IP from peer 1
My Opnsense instance is 172.16.0.1/24
My Opnsense peer for the mobile allowed IP is set to 172.16.0.101/32
My peer side config allowed IP is set to 0.0.0.0/0
I have a firewall rule from the 172.16.0.0/24 network to an internal server. I can ping it and connect to it fine from the mobile peer.
Packet capture on the WAN interface shows the wireguard connection.
I have an interface assigned to WG.
The peer connects fine and passes traffic when connected to 5G connection.
Why would this message show in the debug?
wg1: Packet has unallowed src IP from peer 1
My Opnsense instance is 172.16.0.1/24
My Opnsense peer for the mobile allowed IP is set to 172.16.0.101/32
My peer side config allowed IP is set to 0.0.0.0/0
I have a firewall rule from the 172.16.0.0/24 network to an internal server. I can ping it and connect to it fine from the mobile peer.
Packet capture on the WAN interface shows the wireguard connection.
I have an interface assigned to WG.
The peer connects fine and passes traffic when connected to 5G connection.
Why would this message show in the debug?
#5
25.7, 25.10 Legacy Series / Re: Geoblocking, IP not block...
Last post by IPinfo - Today at 06:08:45 PMHi,
I work for IPinfo. Why do you think, "101.47.29.67" is located in China?
Please check: https://ipinfo.io/101.47.29.67
https://ipinfo.io/probenet/live/101.47.29.67?type=ping®ions=&countries=SG
You can verify the location yourself using our ProbeNet tool that the IP address is located in Singapore. My hunch says it's probably in an Equinix data center. I can give you the exact data center location if you want. We have several servers in the same data center where this IP address is located. We have less than 2 ms RTT to verify the data center locations. Based on active measurement, we are confident about our reporting.
— Abdullah | DevRel, IPinfo
I work for IPinfo. Why do you think, "101.47.29.67" is located in China?
Please check: https://ipinfo.io/101.47.29.67
https://ipinfo.io/probenet/live/101.47.29.67?type=ping®ions=&countries=SG
You can verify the location yourself using our ProbeNet tool that the IP address is located in Singapore. My hunch says it's probably in an Equinix data center. I can give you the exact data center location if you want. We have several servers in the same data center where this IP address is located. We have less than 2 ms RTT to verify the data center locations. Based on active measurement, we are confident about our reporting.
— Abdullah | DevRel, IPinfo
#6
German - Deutsch / Re: MTU richtig setzen
Last post by meyergru - Today at 06:04:58 PM...und so, wie es aussieht, ist das bei Telekom-DSL-Infrastruktur nicht der Fall, was im verlinkten Artikel auch deutlich steht:
Disclaimer: "Mini" jumbo frames do not work with german Telekom and their reseller ISPs, so the best you can get is a 1492 byte MTU.
Disclaimer: "Mini" jumbo frames do not work with german Telekom and their reseller ISPs, so the best you can get is a 1492 byte MTU.
#7
Hardware and Performance / Re: TOPTON Mini PC Running OPN...
Last post by Nullman - Today at 06:01:30 PMQuote from: nero355 on Today at 05:49:45 PMIn that case something like this : https://www.igorslab.de/en/thermal-grizzly-phase-sheet-ptm-test-how-good-is-the-honeywell-alternative-really-in-reality/ :)
Its seem like you dont know the difference between thermal sheet and thermal pad.
#8
Hardware and Performance / Re: TOPTON Mini PC Running OPN...
Last post by nero355 - Today at 05:49:45 PMQuote from: Nullman on Today at 08:18:32 AMThank you my friend.Any time! :)
QuoteBut as you probably dont know, high end mini pcs are using thermal pads instead of thermal paste. Thats a permanent solution.In that case something like this : https://www.igorslab.de/en/thermal-grizzly-phase-sheet-ptm-test-how-good-is-the-honeywell-alternative-really-in-reality/ :)
#9
26.1, 26,4 Series / Re: 26.1.8 breaks Firewall Rul...
Last post by IsaacFL - Today at 05:39:11 PMMy filtered Rules (ie WAN, LAN, etc) now always shows the Floating rules also. Is this on purpose or a bug? The group rules only show with inspect button so not consistent?
I prefer to be able to focus on the interface rules I am working on and then check via inspect for Float, and Group rules.
I have the latest OPNsense 26.1.8_5-amd64
I prefer to be able to focus on the interface rules I am working on and then check via inspect for Float, and Group rules.
I have the latest OPNsense 26.1.8_5-amd64
#10
Tutorials and FAQs / Re: HOWTO - Redirect all DNS R...
Last post by colourcode - Today at 05:09:05 PMQuote from: yourfriendarmando on March 30, 2026, 09:50:46 PMI have it in an alias full of ports clients have no business accessing.
Mind sharing? Looking to expand :-)
