Recent posts

#1
Hoje 16-07-2026,Tentei por 2 vezes atualizar o firewall e deu erro.
Como tenho instalado o Adguard (mimugmail), vou tentar mais uma vez apos desinstala-lo.
Na segunda tentativa de atualização em "Sistemas-Firmware-Pacotes" travei o pacote Adguard, mas o erro persistiu.
Apesar que pelas imagens a seguir, não acredito muito que seja este o problema, mas...
Alguem teve o mesmo erro na hora de atualizar?
#2
26.7 Series / Firewall rules: Pipes and queu...
Last post by gac - Today at 01:11:42 AM
I have some rules where I've set up the traffic shaper on the rule; one queue for outbound, one queue for reverse. Both are queues. Saving rules now shows an error saying that "Pipes and queues can not be combined".

#3
26.7 Series / Re: No link with Intel E810 on...
Last post by PoMpIs - Today at 12:43:26 AM
@pfry

Here you go:

sysctl dev.ice.0.ddp_version
dev.ice.0.ddp_version: ICE OS Default Package version 1.3.43.0, track id 0xc0000001

This is my card; I saw it a while ago for 157€ and bought it without thinking twice: 😀

https://es.aliexpress.com/item/1005006344562349.html?spm=a2g0o.order_list.order_list_main.15.bb2a194dELSfTX&gatewayAdapt=glo2esp
#4
26.7 Series / Re: No link with Intel E810 on...
Last post by pfry - Today at 12:29:47 AM
Hm. I updated my main machine (on a physically isolated subnet, so no captures) to NVM 5.01 and booted FreeBSD 14.2 (driver 1.43.2-k) and it seems to work fine. No odd messages. Loads DDP 1.3.41.0. Trying to parse Intel's Feature Support Matrix when using the OS driver is... well, guesswork. I've never had a problem with an up-version NVM, and Intel's FreeBSD driver (in the 31.2.1 package) is apparently version 2.1.8. I need to reinstall 15.1 on the thing, but it'll take some time.

PoMpls: What does "sysctl dev.ice.0.ddp_version" say?
#5
26.7 Series / No problems with os-caddy plug...
Last post by HiTekRedNek - Today at 12:16:47 AM
Upgraded this morning. My system has been stable all day with no issues!

Just wanted to add this so people can see that it does work!

I run caddy on opnsense, I have tailscale VPN running as well. I have been having absolutely ZERO issues since upgrading!
#6
26.7 Series / Re: No link with Intel E810 on...
Last post by PoMpIs - Today at 12:10:28 AM
Well, I've updated mine to the latest version. I've been testing it and it's still working fine, both at 10Gbps and 25Gbps.

dmesg | grep -i ice0
[1] ice0: <Intel(R) Ethernet Network Adapter E810-XXV-4 - 1.43.3-k> mem 0x382000000000-0x382001ffffff,0x382002000000-0x38200200ffff irq 21 at device 0.0 on pci5
[1] ice0: Loading the iflib ice driver
[1] ice0: The driver could not load the DDP package file because a compatible DDP package is already present on the device.  The device has package ICE OS Default Package version 1.3.43.0, track id 0xc0000001.  The ice_ddp module has package: ICE OS Default Package version 1.3.41.0.
[1] ice0: fw 8.0.2 api 1.7 nvm 5.01 etid 80021faa netlist 4.4.2000-1.18.0.bc358136 oem 1.4031.0
[1] ice0: Using 4 Tx and Rx queues
[1] ice0: Reserving 2 MSI-X interrupts for iRDMA
[1] ice0: Using MSI-X interrupts with 7 vectors
[1] ice0: Using 4096 TX descriptors and 4096 RX descriptors
[1] ice0: Ethernet address: 9c:69:b4:68:65:99
[1] ice0: ice_add_rss_cfg on VSI 0 could not configure every requested hash type
[1] ice0: PCI Express Bus: Speed 8.0GT/s Width x16
[1] ice0: pci_iov_attach failed (error=ENOENT)
[1] ice0: Firmware LLDP agent disabled
[1] ice0: link state changed to DOWN
[1] ice0: netmap queues/slots: TX 4/4096, RX 4/4096
[11] ice0: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
[11] ice0: link state changed to UP
[1423] ice0: link state changed to DOWN
[1434] ice0: Link is up, 25 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: True, Flow Control: None
[1434] ice0: link state changed to UP
[1434] ice0: Link is up, 25 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: True, Flow Control: None
#7
26.7 Series / Re: [Solved] Attempt to Upgrad...
Last post by sAnDs - July 16, 2026, 11:56:43 PM
Quote from: Patrick M. Hausen on July 16, 2026, 11:48:51 PMThis message refers to a port that is installed as an upstream dependency but not even used by the os-cpu-microcode-intel plugin. This is not the cause of your issue. And it will just go away, eventually.

What seems to be causing all sorts of boot time freezes is the early loading of the microcode updates. Franco and team are working on it.

Ah, good to know. I appreciate the insight. Thank you.
#8
Hardware and Performance / Re: Warning about RealTek adap...
Last post by JohnSchnee - July 16, 2026, 11:54:16 PM
Hi,

I don't want to argue, but from what I experienced with the Docks and the USB Ethernet, I would not say a 100% that its not the driver.

As I mentioned, the docks needed a full powercycle to revocer the LAN-Port. It went away with new drivers. I never had this kind of issue with PCIe Cards.

It may be worth to name your specific card vendor, to sort out that this specific vendor has some quality issues at a PCB Level.

Best example for this is with the Broadcom 5720 Card - look at the Parts Count of both PCBs, one is as double as expensive with the same Chipset as the other.

If the cheapo card had problems, then it would be likely due to omitting components and not the BCM-Chip beeing just a bad Chip.
#9
26.7 Series / Re: [Solved] Attempt to Upgrad...
Last post by Patrick M. Hausen - July 16, 2026, 11:48:51 PM
Quote from: sAnDs on July 16, 2026, 11:11:39 PM"This port is deprecated. Abandoned upstream, fails to identify anything remotely new according to upstream issue reports. It is scheduled to be removed on or after 2025-06-30."

This message refers to a port that is installed as an upstream dependency but not even used by the os-cpu-microcode-intel plugin. This is not the cause of your issue. And it will just go away, eventually.

What seems to be causing all sorts of boot time freezes is the early loading of the microcode updates. Franco and team are working on it.
#10
Tutorials and FAQs / Re: Tutorial 2024/06: HAProxy ...
Last post by meyergru - July 16, 2026, 11:42:49 PM
I second that. Different map file types should be mentioned in the tutorial.

I even use type "reg", because sometimes, I use HAproxy as a first-level reverse proxy for CG-NAT backends that are only reachable via IPv4.
I want to use that for *.domain.xyz (DOMAIN_dyndns), while keeping another local backend (DOMAIN_backend) for www.domain.xyz and domain.xyz.

This does not even work with map type "beg" and ".domain.xyz", because the first dot will be ignored. You have to use a regex map with a setup like:

(?i)^www\.domain\.xyz$            DOMAIN_backend
(?i)^.+\.domain\.xyz$             DOMAIN_dyndns
(?i)^domain\.xyz$                 DOMAIN_backend

Note the order, which is relevant for "reg" maps.