"Recent posts
#81
26.1 Series / Re: RTSP proxy does not work a...
Last post by JGeek00 - January 30, 2026, 11:57:43 PMIt's not. It was originally developed by someone else but I ended up taking that code, applying some fixes and installing manually on my machine. It has been doing its job since then. After upgrading from 25.7.11 to 26.1 it still worked in terms of not crashing, but it wasn't doing it's job because it can no longer capture the requests that the tv box sends to the RTSP server. I never submitted the plugin to the plugins repo because I think the code quality is not good enough to be used by someone else (I'm not a python dev, I fixed it just enough for it to work), but it was doing its job for me. I started using it with OPNsense 24 and it never failed or crashed. And as far I know there's no "compatibility mode" for the firewall on 26.1 that would allow me to continue using the plugin. Also on that plugins list I see that igmp-proxy is no longer maintained (I also use it). I'm a bit concerned that some future update will include a breaking change that will cause also igmp-proxy to stop working.
#82
25.7, 25.10 Series / Re: Dnsmasq stops occasionaly
Last post by ligand - January 30, 2026, 11:57:24 PMYup. I restarted dnsmasq after the update.
#83
26.1 Series / Re: 26.1 is out!!!
Last post by nero355 - January 30, 2026, 11:32:49 PMQuote from: OPNenthu on January 30, 2026, 05:42:54 PMUPDATE: to close the loop, I was able to bring the bridge interface down with 'nmcli conn down br0', but the inverse 'nmcli conn up br0' returned success and never actually brought it up.There are a couple more nmcli options I see mentioned in the man page : Maybe try those too ?
I followed up with 'nmcli device up br0' and this timed out (failed).
I then used the GUI toggle switch for the parent interface (which was already up in 'ip a' but showed as down in the GUI) and it brought it back up.
However the same toggle switch does not bring the br0 interface down :P
So it's quite an inconsistent mess. Probably either a Mint / Ubuntu bug, or my configuration is just too complex or I set it up incorrectly.
Another option is nmtui which might help.
And if you are in for an adventure you could try configuring networking via SystemD and remove NetworkManager completely like I did last year :)
#84
26.1 Series / Re: OpnSense 25.7.11_9 upgrade...
Last post by franco - January 30, 2026, 11:21:36 PMQuoteFetching pkg-2.3.1_1: .......... done
pkg-2.5.1: already unlocked
Checking integrity... done (0 conflicting)
Nothing to do.
Is that a new upstream bug? It should reinstall here and our version does:
QuoteNo packages are required to be fetched.
Integrity check was successful.
pkg-2.3.1_1: already unlocked
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be REINSTALLED:
pkg-2.3.1_1
Number of packages to be reinstalled: 1
[1/1] Reinstalling pkg-2.3.1_1...
[1/1] Extracting pkg-2.3.1_1: .......... done
Checking integrity... done (0 conflicting)
Anyway I'm glad you could solve it. Upgrading with the wrong pkg version might have been devastating.
Cheers,
Franco
#85
26.1 Series / Re: MiniUPNPD
Last post by franco - January 30, 2026, 11:18:37 PMI think I found it. Looks like a feature removal gone wrong:
# opnsense-patch https://github.com/opnsense/core/commit/311184daa8
# /usr/local/etc/rc.filter_configure
It should bring back the required anchors.
Cheers,
Franco
# opnsense-patch https://github.com/opnsense/core/commit/311184daa8
# /usr/local/etc/rc.filter_configure
It should bring back the required anchors.
Cheers,
Franco
#86
26.1 Series / [solved] Re: OpnSense 25.7.11_...
Last post by Noci - January 30, 2026, 10:46:38 PMThat worked out:
Type opnsense
Version 26.1_4
Architecture amd64
Commit 889098cfa
Mirror https://pkg.opnsense.org/FreeBSD:14:amd64/26.1
Repositories OPNsense (Priority: 11)
Updated on Fri Jan 30 22:40:46 CET 2026
Checked on N/A
Type opnsense
Version 26.1_4
Architecture amd64
Commit 889098cfa
Mirror https://pkg.opnsense.org/FreeBSD:14:amd64/26.1
Repositories OPNsense (Priority: 11)
Updated on Fri Jan 30 22:40:46 CET 2026
Checked on N/A
#87
German - Deutsch / Divert IPS
Last post by juergen2025 - January 30, 2026, 10:36:36 PMHallo zusammen,
ich beschäftige mich aktuell mit Suricata/IPS unter OPNsense 26.x und bin dabei über die Dokumentation zu Divert (IPS) in Kombination mit Rules [new] gestolpert.
Mir ist klar, dass es zwei Ansätze gibt: Netmap (IPS) als klassisches, globales IPS ohne zusätzliche Firewall-Regeln und Divert (IPS) mit selektiver Inspektion über ,,Divert-to"-Regeln.
Aktuell nutze ich weiterhin Netmap (IPS), da es für mein Setup stabil und unkompliziert funktioniert. Divert (IPS) wirkt auf mich dagegen deutlich komplexer. Ich bin in dem Thema kein Profi und würde daher gerne wissen, ob Divert primär für sehr granulare, regelbasierte Inspektion gedacht ist oder ob es darüber hinaus konzeptionelle Vorteile gegenüber Netmap gibt? Außerdem interessiert mich, ob Divert als neuer empfohlener Weg gilt oder eher eine Advanced-/Speziallösung ist?
Vielen Dank vorab für eure Einschätzungen!
ich beschäftige mich aktuell mit Suricata/IPS unter OPNsense 26.x und bin dabei über die Dokumentation zu Divert (IPS) in Kombination mit Rules [new] gestolpert.
Mir ist klar, dass es zwei Ansätze gibt: Netmap (IPS) als klassisches, globales IPS ohne zusätzliche Firewall-Regeln und Divert (IPS) mit selektiver Inspektion über ,,Divert-to"-Regeln.
Aktuell nutze ich weiterhin Netmap (IPS), da es für mein Setup stabil und unkompliziert funktioniert. Divert (IPS) wirkt auf mich dagegen deutlich komplexer. Ich bin in dem Thema kein Profi und würde daher gerne wissen, ob Divert primär für sehr granulare, regelbasierte Inspektion gedacht ist oder ob es darüber hinaus konzeptionelle Vorteile gegenüber Netmap gibt? Außerdem interessiert mich, ob Divert als neuer empfohlener Weg gilt oder eher eine Advanced-/Speziallösung ist?
Vielen Dank vorab für eure Einschätzungen!
#88
26.1 Series / Re: OpnSense 25.7.11_9 upgrade...
Last post by Noci - January 30, 2026, 10:18:40 PMReinstall didnt work So now i try:
# pkg install --force pkg-2.3.1_1
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be DOWNGRADED:
pkg: 2.5.1 -> 2.3.1_1
Number of packages to be downgraded: 1
The process will require 2 MiB more space.
Proceed with this action? [y/N]: y
[1/1] Downgrading pkg from 2.5.1 to 2.3.1_1...
[1/1] Extracting pkg-2.3.1_1: 100%
# pkg install --force pkg-2.3.1_1
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be DOWNGRADED:
pkg: 2.5.1 -> 2.3.1_1
Number of packages to be downgraded: 1
The process will require 2 MiB more space.
Proceed with this action? [y/N]: y
[1/1] Downgrading pkg from 2.5.1 to 2.3.1_1...
[1/1] Extracting pkg-2.3.1_1: 100%
#89
German - Deutsch / Re: VLAN und Rules
Last post by meyergru - January 30, 2026, 10:16:57 PMSiehe https://forum.opnsense.org/index.php?topic=42985.0, Punkt 3.
#90
26.1 Series / Re: OpnSense 25.7.11_9 upgrade...
Last post by Noci - January 30, 2026, 10:16:54 PMIt took a little bit longer.
***GOT REQUEST TO UPGRADE***
Currently running OPNsense 25.7.11_9 (amd64) at Fri Jan 30 22:12:43 CET 2026
Fetching packages-26.1-amd64.tar: ............ done
Fetching base-26.1-amd64.txz: .... done
Fetching kernel-26.1-amd64.txz: ... done
Extracting packages-26.1-amd64.tar... done
Extracting base-26.1-amd64.txz... done
Extracting kernel-26.1-amd64.txz... done
Please reboot.
>>> Invoking upgrade script 'sanity.sh'
The Package manager "pkg" is incompatible and needs a reinstall.
>>> Error in upgrade script '10-sanity.sh'
>>> Invoking upgrade script 'isc-dhcp-plugin.sh'
Skipping already installed legacy ISC-DHCP plugin...
>>> Invoking upgrade script 'cleanup.sh'
The upgrade was aborted due to an error.
***DONE***
# pkg info pkg
pkg-2.5.1
Name : pkg
Version : 2.5.1
Installed on : Fri Jan 23 00:52:37 2026 CET
Origin : ports-mgmt/pkg
Architecture : FreeBSD:14:amd64
Prefix : /usr/local
Categories : ports-mgmt
Licenses : BSD2CLAUSE
Maintainer : pkg@FreeBSD.org
WWW : https://github.com/freebsd/pkg
Comment : Package manager
Options :
DOCS : on
Shared Libs required:
libarchive.so.7
libc.so.7
libcrypto.so.30
libelf.so.2
libjail.so.1
libm.so.5
libssl.so.30
libthr.so.3
libutil.so.9
libz.so.6
Shared Libs provided:
libpkg.so.4
Annotations :
FreeBSD_version: 1403000
build_timestamp: 2026-01-15T01:04:23+0000
built_by : poudriere-git-3.4.4-15-g61aba751
port_checkout_unclean: no
port_git_hash : 9514ac9990434680c9394df1a07b7b7469198293
ports_top_checkout_unclean: no
ports_top_git_hash: 9514ac9990434680c9394df1a07b7b7469198293
repo_type : binary
repository : FreeBSD
Flat size : 23.6MiB
Description :
Package management tool
***GOT REQUEST TO UPGRADE***
Currently running OPNsense 25.7.11_9 (amd64) at Fri Jan 30 22:12:43 CET 2026
Fetching packages-26.1-amd64.tar: ............ done
Fetching base-26.1-amd64.txz: .... done
Fetching kernel-26.1-amd64.txz: ... done
Extracting packages-26.1-amd64.tar... done
Extracting base-26.1-amd64.txz... done
Extracting kernel-26.1-amd64.txz... done
Please reboot.
>>> Invoking upgrade script 'sanity.sh'
The Package manager "pkg" is incompatible and needs a reinstall.
>>> Error in upgrade script '10-sanity.sh'
>>> Invoking upgrade script 'isc-dhcp-plugin.sh'
Skipping already installed legacy ISC-DHCP plugin...
>>> Invoking upgrade script 'cleanup.sh'
The upgrade was aborted due to an error.
***DONE***
# pkg info pkg
pkg-2.5.1
Name : pkg
Version : 2.5.1
Installed on : Fri Jan 23 00:52:37 2026 CET
Origin : ports-mgmt/pkg
Architecture : FreeBSD:14:amd64
Prefix : /usr/local
Categories : ports-mgmt
Licenses : BSD2CLAUSE
Maintainer : pkg@FreeBSD.org
WWW : https://github.com/freebsd/pkg
Comment : Package manager
Options :
DOCS : on
Shared Libs required:
libarchive.so.7
libc.so.7
libcrypto.so.30
libelf.so.2
libjail.so.1
libm.so.5
libssl.so.30
libthr.so.3
libutil.so.9
libz.so.6
Shared Libs provided:
libpkg.so.4
Annotations :
FreeBSD_version: 1403000
build_timestamp: 2026-01-15T01:04:23+0000
built_by : poudriere-git-3.4.4-15-g61aba751
port_checkout_unclean: no
port_git_hash : 9514ac9990434680c9394df1a07b7b7469198293
ports_top_checkout_unclean: no
ports_top_git_hash: 9514ac9990434680c9394df1a07b7b7469198293
repo_type : binary
repository : FreeBSD
Flat size : 23.6MiB
Description :
Package management tool
