"Recent posts
#81
25.7, 25.10 Series / Re: The new configuration clea...
Last post by franco - December 01, 2025, 04:24:35 PMIn theory we could remove empty parent notes if we know we had contents in there, but it is a bit of guesswork.
This happens when a specific plugin has multiple models populating a child node for each model but the shared parent node is never directly referenced.
In practice this doesn't matter operationally. It's just the XML that looks a little less clean than it could be, but again this is only 1-2 lines in the file.
Cheers,
Franco
This happens when a specific plugin has multiple models populating a child node for each model but the shared parent node is never directly referenced.
In practice this doesn't matter operationally. It's just the XML that looks a little less clean than it could be, but again this is only 1-2 lines in the file.
Cheers,
Franco
#82
25.7, 25.10 Series / Re: (Solved?) Freeradius - can...
Last post by franco - December 01, 2025, 04:21:39 PMLooks like a bot reply? There was one the other day on Twitter that claimed VPN was broken in the latest update, but it wouldn't actually tell which VPN. Likewise here I see a lot of text and "debugging" but no mention of "radius" in a FreeRADIUS thread. ;)
Cheers,
Franco
Cheers,
Franco
#83
General Discussion / Re: Is public-dns.info still a...
Last post by meyergru - December 01, 2025, 04:09:48 PMO.K., so you need AG Home on top. The column "Should be used for" for the lists suggests Unbound and OpnSense, but I fail to see how that works.
And that may also be circumvented by using the IP on itself, since AG Home is never asked.
P.S.: There is a "near-native" approach in Unbound's blocklists, but it uses the wildcard domains only. You do not even have to know the URL. The blocklist type has to be set to "[hagezi] DoH/VPN/TOR/Proxy Bypass", see https://github.com/opnsense/core/issues/8224 - however, it is not the RPZ type list that is being used, just the wildcard domains.
And that may also be circumvented by using the IP on itself, since AG Home is never asked.
P.S.: There is a "near-native" approach in Unbound's blocklists, but it uses the wildcard domains only. You do not even have to know the URL. The blocklist type has to be set to "[hagezi] DoH/VPN/TOR/Proxy Bypass", see https://github.com/opnsense/core/issues/8224 - however, it is not the RPZ type list that is being used, just the wildcard domains.
#84
German - Deutsch / Re: Verständnisfrage zu Portfo...
Last post by meyergru - December 01, 2025, 04:08:12 PMMit einem vServer wird das wohl eher schwierig... Virtualisierung per Proxmox auf einem Virtualisierungshost? Ich meinte schon einen echten Root-Server.
#85
German - Deutsch / Re: Verständnisfrage zu Portfo...
Last post by osmom - December 01, 2025, 04:03:52 PMHallo Awado,
der letzte Vorschlag von Mergu mit einem neuen vServer ist wohl besser als die vorhandene Installation auszudünnen. Vor allem kannst du zuerst mit dem Billgsten vServer bei Hetzner starten und dann nach Bedarf upgraden.
der letzte Vorschlag von Mergu mit einem neuen vServer ist wohl besser als die vorhandene Installation auszudünnen. Vor allem kannst du zuerst mit dem Billgsten vServer bei Hetzner starten und dann nach Bedarf upgraden.
#86
Virtual private networks / Re: OPNsense as OpenVPN Server...
Last post by ita.tc - December 01, 2025, 03:56:52 PMHi viragomann,
thanks for your response. I don't know how I missed including that information in my original post. I can't even get a connection, it always ends in a time out. Sadly I locked myself out of the device (as mentioned) and the current client log I have only reflects that complete unavailability.
Should this setup even work in theory? I suspect some kind of NAT issue but I'm absolutely not sure.
thanks for your response. I don't know how I missed including that information in my original post. I can't even get a connection, it always ends in a time out. Sadly I locked myself out of the device (as mentioned) and the current client log I have only reflects that complete unavailability.
Should this setup even work in theory? I suspect some kind of NAT issue but I'm absolutely not sure.
#87
General Discussion / Re: Problems with NRPE
Last post by Patrick M. Hausen - December 01, 2025, 03:56:44 PMIn the OP no command named "bfd_state" is defined in the configuration. That's why "check_users" works but "bfd_state" doesn't.
#88
General Discussion / Re: Problems with NRPE
Last post by michaelsage - December 01, 2025, 03:52:28 PMDid you manage to fix this? In the lastest version of OPNSense I am having the same issue with one plugin (check_procs) it executes fine locally, but when I try and run it over NRPE from my Nagios server, I get unable to read output.
Thanks
Thanks
#89
German - Deutsch / Re: Frage bzgl. Unmanaged Swit...
Last post by osmom - December 01, 2025, 03:42:11 PMAus deiner Beschreibung ist mir der Sinn des 3 Switches nicht ganz klar. Du kannst doch über den neuen Kabelkanal 2 Leitungen zwischen Opensense und deinem bestehenden Switch legen.
Da dein Powerline laut deiner Beschreibung nach schwach ist, besprich doch mit deinem Hauselektriker ob der Einbau eines Pasekopplers nicht die bessere Investition wäre. z.B. https://shop.allnet.de/ALLNET-ALL16881-Powerline-Phasenkoppler-Signalbruecke-3-Pha/112411
Da dein Powerline laut deiner Beschreibung nach schwach ist, besprich doch mit deinem Hauselektriker ob der Einbau eines Pasekopplers nicht die bessere Investition wäre. z.B. https://shop.allnet.de/ALLNET-ALL16881-Powerline-Phasenkoppler-Signalbruecke-3-Pha/112411
#90
25.7, 25.10 Series / Re: "The release type "opnsens...
Last post by Maurice - December 01, 2025, 03:35:57 PMQuote from: LGDL on November 30, 2025, 07:54:37 PMJust not sure why this update would not be included in the installer.
The installer images get updated twice a year and don't contain any changes made since the last major release. That's a little different to other software where you can typically download an installer for the latest version.
If you need to install the latest version directly, you'd have to build your own image (or use opnsense-bootstrap).
Cheers
Maurice
