Recent posts

#81
General Discussion / Re: Forward local port to WAN...
Last post by teclab - January 18, 2026, 05:04:08 PM
Quote from: viragomann on January 17, 2026, 07:54:26 PM... you want to tunnel the traffic through SSH for security reasons or whatever.
No, this is only the workaround.

Quote from: viragomann on January 17, 2026, 07:54:26 PMI don't think that OPNsense gets the tunneld traffic in on any interface, which can be used for port forwarding. I assume, it enters the machine on localhost, but this is not available in a port forwarding rule.
Not quite sure if we are on the same page? Every connection enters on the localhost, that's what port forwarding is for.

I already setup NAT from WAN to a local machine behind. This works OK.
But now I thought about setting up NAT from LAN to WAN (but on the IP alias).
#83
German - Deutsch / Re: Eigener DNS bei einer IPv6...
Last post by n3 - January 18, 2026, 04:55:50 PM
Danke euch beiden für die zwei Beiträge. Das hilft es besser einordnen zu können. Viele Wege führen nach Rom und so kann man besser einschätzen, welchen Weg man gehen möchte. Aktuell läuft mein System wie im HowTo von @meyergru beschrieben. IPv6 First klingt interessant, weil ich in vielen Fällen gerne ein e
Early Adopter bin, aber ich muss schauen, ob mir der Mehraufwand es wert ist.
#84
25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 imp...
Last post by Maurice - January 18, 2026, 04:48:28 PM
Quote from: franco on January 18, 2026, 01:52:51 PMThen the code in dhcp6c repo wasn't pulled correctly?
Pulled, compiled and installed correctly.

Quote from: franco on January 18, 2026, 01:52:51 PMOr are you using the "no release" option, too?
Nope.

But I now made the next step and switched to opnsense-devel (26.1.b_143). ifconfig now shows pltime and vltime for the GUA on the tracking LAN interface. So it seems devel is indeed required for this to work.

Did not apply the multi-dhcp6c patch yet, maybe tomorrow.

Great new radvd features by the way, like PREF64! 👍

Cheers
Maurice
#85
25.7, 25.10 Series / Re: 25.7.11 GeoIP [SOLVED]
Last post by MoonbeamFrame - January 18, 2026, 04:27:37 PM
OK. Now resolved. The problem was caused by the rebuild order.

I did the initial rebuild from a fresh download of the installation sources. Restored the config, then applied updates.

Doing the rebuild, then applying the updates, then restoring the backup works.
#86
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by Patrick M. Hausen - January 18, 2026, 04:16:39 PM
No. Use the web interface to enable SSH and log in. There is SSH for every desktop operating system imaginable.
#87
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by BigFreddy - January 18, 2026, 04:04:36 PM
Quote from: Patrick M. Hausen on January 18, 2026, 04:02:40 PMYou type D M E S G followed by the ENTER key after logging in to the firewall via SSH or connected to the console and selecting "8" for a shell. All lower case letters.

Is there a way to do this from the web interface ?
#88
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by Patrick M. Hausen - January 18, 2026, 04:02:40 PM
You type D M E S G followed by the ENTER key after logging in to the firewall via SSH or connected to the console and selecting "8" for a shell. All lower case letters.
#89
25.7, 25.10 Series / Re: What is the official migra...
Last post by stanthewizzard - January 18, 2026, 04:00:29 PM
Hello all :)

Something is very bothering
with ISC DHCPv6
Subnet Subnet mask Available range are prepopulated

Not the case with kea or dnsmasq. Or am I missing something ?

Thanks for clarifications
#90
25.7, 25.10 Series / Re: hostwatch at 100% CPU
Last post by crlt - January 18, 2026, 03:58:59 PM
Quote from: bycarlsjr on January 17, 2026, 07:05:25 PM
Quote from: Patrick M. Hausen on January 17, 2026, 04:01:33 PMNothing is going to be worse, just disable it.

Interfaces: Neighbors: Automatic Discovery

It fills in a missing feature people coming from consumer routers like Fritzbox got used to and frequently demanded: show an overview of all devices in my network.

More useless garbage that we didn't ask for..... Why can't this be a plugin that those folks can install separately and not brick our routers.... I have a 16Gig hostwatch log this morning, lose gui, forced to restart to recover...  Definitely not a professional group here....

I don't think that's fair to say as it was a popular request. I believe that it's not a plugin because it's developed by the opnsense team and you can simply disable it. With all that said it probably could have shipped disabled by default.

I manage a few personal firewalls across a few locations and I always read the change log and forums before updating so I knew to look out for this potential issue. Perhaps you should consider doing that in the future.