"Recent posts
#1
26.1, 26,4 Series / Re: Maltrails fail2ban doesn't...
Last post by Taomyn - Today at 08:53:26 AMI just revisited this plugin and I'm finding the same that the /fail2ban won't open and thus doesn't populate the firewall alias
#2
26.7 Development Series / Re: OPNsense 26.7-BETA images
Last post by patient0 - Today at 07:56:34 AMQuote from: newsense on June 26, 2026, 11:10:23 PM@patient0 Were you on using there the new FW rules or haven't migrated yet?
I had migrated the firewall rules some time ago, the VM is running latest devel since OPNsense 25.
But I just realized I have not migrated the outbound NAT rules yet. So these two (one for IPv4 and one for IPv6) were and still are in the legacy 'Outbound' section.
Addition: I just tried exporting the two Outbound NAT rules in the migration assistant and it did throw an error:
Quote{"errorMessage":"fputcsv(): the $escape parameter must be provided as its default value will change","errorTrace":"#0 [internal function]: {closure:/usr/local/opnsense/www/api.php:27}(8192, 'fputcsv(): the ...', '/usr/local/opns...', 198)\n#1 /usr/local/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php(198): fputcsv(Resource id #8, Array, ';')\n#2 /usr/local/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/MigrationController.php(79): OPNsense\\Base\\ApiControllerBase->exportCsv(Array)\n#3 /usr/local/opnsense/mvc/app/library/OPNsense/Mvc/Dispatcher.php(166): OPNsense\\Firewall\\Api\\MigrationController->downloadOutboundAction()\n#4 /usr/local/opnsense/mvc/app/library/OPNsense/Mvc/Router.php(156): OPNsense\\Mvc\\Dispatcher->dispatch(Object(OPNsense\\Mvc\\Request), Object(OPNsense\\Mvc\\Response), Object(OPNsense\\Mvc\\Session))\n#5 /usr/local/opnsense/mvc/app/library/OPNsense/Mvc/Router.php(139): OPNsense\\Mvc\\Router->performRequest(Object(OPNsense\\Mvc\\Dispatcher))\n#6 /usr/local/opnsense/www/api.php(36): OPNsense\\Mvc\\Router->routeRequest('/api/firewall/m...', Array)\n#7 {main}"}
#3
Hardware and Performance / Re: latencyspikes of seconds ...
Last post by pfry - Today at 02:27:25 AMHuh. Stalling on interrupts (95%). Are you using Realtek Ethernets with the factory (not the plugin) driver? If so, try the plugin. If not, what Ethernet interfaces do you have?
#4
German - Deutsch / Re: Absoluter Anfänger hat Ver...
Last post by cola247 - Today at 12:55:19 AMUnter Aliase kann ich Dienstgruppen erstellen..
Hier brauche ich UDP und teilweise nur TCP an gewissen Ports..
Wenn ich so einen erstellten Alias anwenden will in den Regeln, muss ich zwischen Tcp/Udp oder nur tcp oder nur udp wählen...
Also muss ich eine Gruppe erstellen für UDP und eine für TCP oder Tcp/Udp.
Was ist das für ein umständlicher käse.
Bisher habe ich einzelne "Dienste" erstellt mit jeweiligen Port und Protokoll, und diese dann in eine Gruppe gesteckt (Zyxel).
Innerhalb der Gruppe wurde auf Port 1 nur udp, auf Port 2 tcp/Udp und beispielsweise auf port 3 nur tcp erlaubt.
Alles in einer einzigen Regel!
Statt wie hier in der Nerdwall umständlich durch 2 oder mehr aliase.
?!
Hier brauche ich UDP und teilweise nur TCP an gewissen Ports..
Wenn ich so einen erstellten Alias anwenden will in den Regeln, muss ich zwischen Tcp/Udp oder nur tcp oder nur udp wählen...
Also muss ich eine Gruppe erstellen für UDP und eine für TCP oder Tcp/Udp.
Was ist das für ein umständlicher käse.
Bisher habe ich einzelne "Dienste" erstellt mit jeweiligen Port und Protokoll, und diese dann in eine Gruppe gesteckt (Zyxel).
Innerhalb der Gruppe wurde auf Port 1 nur udp, auf Port 2 tcp/Udp und beispielsweise auf port 3 nur tcp erlaubt.
Alles in einer einzigen Regel!
Statt wie hier in der Nerdwall umständlich durch 2 oder mehr aliase.
?!
#5
Hardware and Performance / Re: latencyspikes of seconds ...
Last post by thelittleblackbird - Today at 12:42:34 AMhere you have it, in the attached file.
I tried to implement the tunnable described in the opnsense documentation about performance:
https://docs.opnsense.org/troubleshooting/performance.html
if you need something else just ask
thanks
I tried to implement the tunnable described in the opnsense documentation about performance:
https://docs.opnsense.org/troubleshooting/performance.html
if you need something else just ask
thanks
#6
Hardware and Performance / Re: latencyspikes of seconds ...
Last post by pfry - Today at 12:33:13 AMAn interrupt handler issue? I haven't seen one myself. Do you have any unusual sysctls (tuneables) configured?
Can you paste a "top" capture?
Can you paste a "top" capture?
#7
Tutorials and FAQs / Re: What to do and what to avo...
Last post by cookiemonster - Today at 12:33:11 AMClear, thank you all contributors.
#8
Zenarmor (Sensei) / Re: Cancelling my subscription...
Last post by cookiemonster - Today at 12:25:56 AMI don't have a paid subscription but I was at the start very willing to be helpful and was engaged with their support team to help them help me diagnose problems and in return they got to improve their product. It felt the fair tradeoff of being early user/tester for a free product. All as expected.
As time has gone by I am more and more disheartened with the trajectory so far taken, in that it feels now they've had our use, they can move to their paying market with a more mature product.
Again, not unexpected BUT as with the functionality gone that used to be free and the main one, multicore, exactly as you have clearly explained, has had me 1) wondering if it is still worth the machine's stress for what it gets 2) whether to stop using it.
It seems the balance against us is too uneven. The impression that they have taken without giving back to balance the scales a bit for us early testers is the more bitter one.
A similar thinking is growing with Crowdsec to be honest but this is not the place for this one.
So yes, same impressions, same fork in the road. No decision taken yet but feels close. I don't know yet what will replace it though.
As time has gone by I am more and more disheartened with the trajectory so far taken, in that it feels now they've had our use, they can move to their paying market with a more mature product.
Again, not unexpected BUT as with the functionality gone that used to be free and the main one, multicore, exactly as you have clearly explained, has had me 1) wondering if it is still worth the machine's stress for what it gets 2) whether to stop using it.
It seems the balance against us is too uneven. The impression that they have taken without giving back to balance the scales a bit for us early testers is the more bitter one.
A similar thinking is growing with Crowdsec to be honest but this is not the place for this one.
So yes, same impressions, same fork in the road. No decision taken yet but feels close. I don't know yet what will replace it though.
#9
26.7 Development Series / Re: OPNsense 26.7-BETA images
Last post by newsense - June 26, 2026, 11:10:23 PM@patient0 Were you on using there the new FW rules or haven't migrated yet?
#10
German - Deutsch / Re: Absoluter Anfänger hat Ver...
Last post by cola247 - June 26, 2026, 10:53:13 PMFrüher oder später komme ich an mein Ziel, ob mit oder ohne euch. 8-D
