Recent posts

#1
26.1, 26,4 Series / Re: High Memory Usage After OP...
Last post by elvinmammadov - Today at 04:03:16 PM
Thank you for your reply.

This system is running OPNsense. I disabled "HostWatch," which reduced RAM usage from approximately 90% to 78%. However, memory usage was previously only around 20–30%.

The attached top output shows that the suricata process is using about 5.8 GB of resident memory, so it appears to be the main contributor to the high RAM usage.

Could you please advise what may be causing this and how I can reduce the memory consumption?
#2
26.7 Series / Re: os-nginx configuration pag...
Last post by muchacha_grande - Today at 03:55:27 PM
This window (Edit Security Header) has folder tabs.
I've been navigating through every menu and edit window and didn't find other edit window that has folder tabs inside.
#3
26.7 Series / Re: Firewall rules: Pipes and ...
Last post by gac - Today at 03:53:41 PM
I threw it on Pastebin, probably easier to read https://pastebin.com/DjGTf8rv
#4
26.7 Series / Re: [Solved] Attempt to Upgrad...
Last post by franco - Today at 03:48:13 PM
Quote from: Patrick M. Hausen on Today at 01:46:54 PMAn experimental microcode update package for OPNsense 26.7 will be published soon and I will open a new forum thread with a call for testers. A bit of patience, please.

# pkg add -f https://pkg.opnsense.org/FreeBSD:15:amd64/snapshots/misc/os-cpu-microcode-amd-devel-1.1_1.pkg

or

# pkg add -f https://pkg.opnsense.org/FreeBSD:15:amd64/snapshots/misc/os-cpu-microcode-intel-devel-1.1_1.pkg

These will not do very early loading and let init boot for a bit, but in the grand scheme of things it's still a relative early loading WRT OPNsense boot sequence.

I don't know if you need to install the dependencies via pkg install first, but there is a storm here and I need to run for now.


Cheers,
Franco
#5
Tutorials and FAQs / Re: OPNsense aarch64 firmware ...
Last post by franco - Today at 03:40:48 PM
Nice, works like a charm <3
#6
General Discussion / Re: Periodic NIC issues (?) wi...
Last post by franco - Today at 03:27:23 PM
Not until we know what's going on.
#7
Quote from: muchacha_grande on July 16, 2026, 10:59:06 PMI've found another problem with Nginx pages. I can't access HTTP(S)->Security Headers.
I created an issue at https://github.com/opnsense/core/issues/10546#issue-4903753570

@Timeraider, @Stinky-Packets, can you confirm if you have access to this page. The Edit Security Header page only shows empty tabs.

I can access HTTP(S) > Security Headers but clicking the "Add" button just shows a row of empty, clickable tabs.
#8
26.7 Series / OpenSense Firewall Rule with D...
Last post by chrisq - Today at 03:15:17 PM
I'm not sure if this is with the latest version or a Suricata update.

I am using pass rules with divert to, in the previous version it would pass.

I ended up taking removing Suricate Divert To -> Intrusion Detection as when this was enabled on the latest update I see a Pass in the firewall rule log and then a block for the same traffic on the same rule.

This was for a connection that was nat'd from port 122 to a destination port 22, the WAN allow rule to 22 with an allow the traffic to the host. Disabling divert to fixed the issue but really want this to work as previously.

#9
26.7 Series / Re: Firewall rules: Pipes and ...
Last post by franco - Today at 02:58:46 PM
Yeah, just a hunch.  Mind sharing this with me? Email or PM is also ok:

# pluginctl -g OPNsense.TrafficShaper


Cheers,
Franco
#10
26.7 Series / Re: Firewall rules: Pipes and ...
Last post by gac - Today at 02:44:08 PM
I have....

Pipes: Upload, Download
Queues: Upload-Queue, Download-Queue, LowPrio-In-Queue, LowPrio-Out-Queue, HighPrioUp-Queue
Rules: Upload-Rule, Download-Rule

So I don't see anything that would overlap, and as you say these are descriptions rather than names so I assumed that behind the scenes they were referred to by some abstracted UUID in the config since they're not guaranteed to be unique.