Recent posts

#81
25.7, 25.10 Series / Re: Adding a VLAN takes 26 cli...
Last post by franco - November 19, 2025, 09:28:24 PM
Basically what people are asking for is a setup wizard. We'll be extending the existing wizard with a few use-case type presets in 26.1 but nothing that resembles a non-first-time setup yet.

If this is viable then we can talk about extending this idea based on the new wizard structure, but you still need all the old pages if you ever want to go back and edit a specific parameter.


Cheers,
Franco
#82
25.7, 25.10 Series / Re: Feature Requst: KEA DHCPv6...
Last post by franco - November 19, 2025, 09:22:13 PM
I think so too. Since WAN is still dynamic in your case you may not get the IPv6 properly from the ISP which causes this instability intermittently.


Cheers,
Franco
#83
Q-Feeds (Threat intelligence) / Re: NEW FEATURE: Dark Web Moni...
Last post by Q-Feeds - November 19, 2025, 08:48:03 PM
Quote from: Seimus on November 19, 2025, 08:43:30 PMSmall BUG report,

- When you expand the Advanced Options menu, you cant anymore shrink it
- In table view mode, the HASH can not be shown (eye icon doesn't work)

And a small Q,
QuoteAdditional assets (other emails, passwords, hashes, IPs, domains, etc.) can be added here and require administrator approval before they can be used in searches

By admin this is meant by Q-feeds?

Regards,
S.

Thanks will fix them asap! And yes by Admin we mean Q-Feeds but I understand we might improve that wording as well ;-)
#84
25.7, 25.10 Series / Re: Feature Requst: KEA DHCPv6...
Last post by Ed V. - November 19, 2025, 08:47:16 PM
I completely re-created the FR as Feature Request: Kea DHCP: Enable shared networks for DHCPv4 and DHCPv6, a sanity check would be appreciated if time permits...
#85
Q-Feeds (Threat intelligence) / Re: NEW FEATURE: Dark Web Moni...
Last post by Seimus - November 19, 2025, 08:43:30 PM
Small BUG report,

- When you expand the Advanced Options menu, you cant anymore shrink it
- In table view mode, the HASH can not be shown (eye icon doesn't work)

And a small Q,
QuoteAdditional assets (other emails, passwords, hashes, IPs, domains, etc.) can be added here and require administrator approval before they can be used in searches

By admin this is meant by Q-feeds?

Regards,
S.
#86
25.7, 25.10 Series / Re: memory leak?
Last post by frstrtr - November 19, 2025, 08:36:33 PM
I have similar behaviour
- Proxmox:  Memory usage 71.37% (11.42 GiB of 16.00 GiB) and increasing
- OPNsense lobby: 2.22% (362/16339)
#87
General Discussion / Re: does anyone currently have...
Last post by DEC670airp414user - November 19, 2025, 07:42:04 PM
sadly i do not work from home.

i guess i will find out the hardway.    within the first part of December.   i would rather not switch firewalls if i do not have too
#88
German - Deutsch / Re: Opnsense DNS Warum funktio...
Last post by bamf - November 19, 2025, 07:39:06 PM
Quote from: The_Master on November 05, 2025, 03:50:12 PMWoher der DNS Suffix kommt "local" erschließt sich mir nicht. Habe das nirgends eingetragen.

.local ist mDNS https://de.wikipedia.org/wiki/Zeroconf#Multicast_DNS

Offiziell vorgesehen für Heimnetze ist .home.arpa; .internal kommt neu dazu und ist in der Standardeinstellung noch keine local-zone in Unbound.
#89
25.7, 25.10 Series / Re: IPv6 on a routed network
Last post by nhendriks - November 19, 2025, 07:36:01 PM
Ah fair enough. Not quite sure what to do though, guess I'm a bit out of my league here.

My /etc/network/interfaces file looks like this but I still can't ping from the OPNsense VM itself :(. As expected I can ping VM's from OPNsense and I can ping OPNsense from my VM's (both LAN and WAN interface addresses). Going out of the network isn't working and I have no clue why.
auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual

iface eno2 inet manual

iface eno3 inet manual

iface eno4 inet manual
#iDRAC - DO NOT USE

auto vmbr0
iface vmbr0 inet static
        address $someIPv4-address
        gateway $someIPv4-address
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0
        post-up sysctl net.ipv6.conf.all.forwarding=1
        post-up ip route add $someIPv4-address dev vmbr0
        post-up ip route add $someIPv4-address dev vmbr0
#        post-up /user/sbin/ip route add 2a02:898:331::1/128 via 2a02:898::331:1/128 dev vmbr0
        post-up /usr/sbin/ip route add 2a02:898:331::/48 dev vmbr0
        pre-down ip route add $someIPv4-address dev vmbr0
        pre-down ip route add $someIPv4-address dev vmbr0
        pre-down /usr/sbin/ip route add 2a02:898:331::/48 dev vmbr0
#WAN

iface vmbr0 inet6 static
        address 2a02:898::331:1/64
        gateway 2a02:898:0:00::1

iface idrac inet manual

auto vmbr1
iface vmbr1 inet manual
        bridge-ports eno2
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094
        post-up /user/sbin/ip route add 2a02:898:331:1::/64 via 2a02:898:331::1/64 dev vmbr1
#LAN
#90
25.7, 25.10 Series / Certificate Cleanup - Legacy O...
Last post by ThyOnlySandman - November 19, 2025, 07:05:14 PM
Attempting to clean up (delete) old Sub CA cert and it's issued certs.
The cert won't delete because its in use by legacy OpenVPN which has since been removed from WebUI.
So apparently the legacy OpenVPN configuration has remained.  When I switched long time ago I believe I had just disabled the legacy OpenVPN servers.

Does this now require some manual edits of XML config and import?
What's simplest way to purge legacy OpenVPN config to free up certs for deletion?