"Recent posts
#81
25.7, 25.10 Series / Re: 25.7.8 upgrade
Last post by TekunoKage - November 28, 2025, 06:41:19 PMI would like to bring to your attention an issue I encountered during a recent upgrade. Unfortunately, I lost all connection to the firewall before the reboot. This is the first time I've experienced such a situation in my six years of using OPNsense.
As can be seen, the moment I lost connection to the firewall was when "Deinstalling opnsense-25.7.7_4" was running.
These are the prompts when trying to access by console:
After about 25 minutes, the interface came back online normally. It was just a brief moment of uncertainty, during which I was able to continue watching the upgrade process until it rebooted as expected. Below is a capture when it came back. I was unable to retrieve the last messages because the reboot prevented me from copying the output to the clipboard.
I just wanted to share some thoughts regarding a specific behavior I've noticed. I believe it's important for anyone planning a maintenance window to be aware of this. It's not meant as criticism—on the contrary, I truly appreciate the great work the OPNsense team is doing!
If it's deemed appropriate, I encourage the team to evaluate this behavior for potential improvements. It could further enhance the already fantastic software we've come to rely on. Thank you for all your hard work, OPNsense team!
Code Select
***GOT REQUEST TO UPDATE***
Currently running OPNsense 25.7.7_4 (amd64) at Fri Nov 28 12:58:02 AST 2025
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking for upgrades (118 candidates): .......... done
Processing candidates (118 candidates): .... done
The following 42 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
py311-pyopenssl: 25.3.0_1,1
Installed packages to be UPGRADED:
brotli: 1.1.0,1 -> 1.2.0,1
ca_root_nss: 3.117 -> 3.117_2
curl: 8.16.0 -> 8.17.0
libiconv: 1.17_1 -> 1.18_1
liblz4: 1.10.0,1 -> 1.10.0_2,1
nspr: 4.37 -> 4.38.2
nss: 3.117 -> 3.118.1
ntp: 4.2.8p18_4 -> 4.2.8p18_5
openvpn: 2.6.15 -> 2.6.16
opnsense: 25.7.7_4 -> 25.7.8
opnsense-update: 25.7.5_1 -> 25.7.8
pcre2: 10.46 -> 10.47
php83: 8.3.27 -> 8.3.28
php83-ctype: 8.3.27 -> 8.3.28
php83-curl: 8.3.27 -> 8.3.28
php83-dom: 8.3.27 -> 8.3.28
php83-filter: 8.3.27 -> 8.3.28
php83-gettext: 8.3.27 -> 8.3.28
php83-ldap: 8.3.27 -> 8.3.28
php83-mbstring: 8.3.27 -> 8.3.28
php83-pcntl: 8.3.27 -> 8.3.28
php83-pdo: 8.3.27 -> 8.3.28
php83-session: 8.3.27 -> 8.3.28
php83-simplexml: 8.3.27 -> 8.3.28
php83-sockets: 8.3.27 -> 8.3.28
php83-sqlite3: 8.3.27 -> 8.3.28
php83-xml: 8.3.27 -> 8.3.28
php83-zlib: 8.3.27 -> 8.3.28
pkcs11-helper: 1.29.0_3 -> 1.31.0
py311-aioquic: 1.3.0 -> 1.3.0_1
py311-cryptography: 44.0.3_4,1 -> 45.0.7_1,1
py311-dnspython: 2.8.0,1 -> 2.8.0_1,1
py311-numpy: 1.26.4_7,1 -> 1.26.4_10,1
py311-trio: 0.31.0 -> 0.32.0
py311-vici: 5.9.11_1 -> 6.0.3
qemu-guest-agent: 10.1.2 -> 10.1.2_1
readline: 8.2.13_2 -> 8.3.1
sqlite3: 3.50.4,1 -> 3.50.4_2,1
strongswan: 6.0.3 -> 6.0.3_1
sudo: 1.9.17p2_1 -> 1.9.17p2_2
zstd: 1.5.7 -> 1.5.7_1
Number of packages to be installed: 1
Number of packages to be upgraded: 41
The operation will free 1 MiB.
35 MiB to be downloaded.
[1/42] Fetching py311-cryptography-45.0.7_1,1.pkg: .......... done
[2/42] Fetching php83-filter-8.3.28.pkg: . done
[3/42] Fetching opnsense-update-25.7.8.pkg: . done
[4/42] Fetching php83-curl-8.3.28.pkg: . done
[5/42] Fetching py311-numpy-1.26.4_10,1.pkg: .......... done
[6/42] Fetching nss-3.118.1.pkg: .......... done
[7/42] Fetching libiconv-1.18_1.pkg: ......... done
[8/42] Fetching php83-ldap-8.3.28.pkg: ... done
[9/42] Fetching py311-aioquic-1.3.0_1.pkg: ....... done
[10/42] Fetching openvpn-2.6.16.pkg: ......... done
[11/42] Fetching php83-simplexml-8.3.28.pkg: . done
[12/42] Fetching php83-pdo-8.3.28.pkg: .. done
[13/42] Fetching ntp-4.2.8p18_5.pkg: ......... done
[14/42] Fetching php83-sockets-8.3.28.pkg: .. done
[15/42] Fetching php83-pcntl-8.3.28.pkg: . done
[16/42] Fetching ca_root_nss-3.117_2.pkg: .... done
[17/42] Fetching php83-sqlite3-8.3.28.pkg: .. done
[18/42] Fetching py311-vici-6.0.3.pkg: . done
[19/42] Fetching py311-trio-0.32.0.pkg: .......... done
[20/42] Fetching py311-dnspython-2.8.0_1,1.pkg: ....... done
[21/42] Fetching php83-session-8.3.28.pkg: . done
[22/42] Fetching php83-mbstring-8.3.28.pkg: .......... done
[23/42] Fetching php83-gettext-8.3.28.pkg: . done
[24/42] Fetching liblz4-1.10.0_2,1.pkg: ... done
[25/42] Fetching pkcs11-helper-1.31.0.pkg: .... done
[26/42] Fetching php83-zlib-8.3.28.pkg: . done
[27/42] Fetching zstd-1.5.7_1.pkg: ........ done
[28/42] Fetching pcre2-10.47.pkg: .......... done
[29/42] Fetching php83-ctype-8.3.28.pkg: . done
[30/42] Fetching brotli-1.2.0,1.pkg: ....... done
[31/42] Fetching curl-8.17.0.pkg: .......... done
[32/42] Fetching nspr-4.38.2.pkg: ......... done
[33/42] Fetching php83-8.3.28.pkg: .......... done
[34/42] Fetching php83-xml-8.3.28.pkg: . done
[35/42] Fetching php83-dom-8.3.28.pkg: .. done
[36/42] Fetching sqlite3-3.50.4_2,1.pkg: .......... done
[37/42] Fetching opnsense-25.7.8.pkg: .......... done
[38/42] Fetching qemu-guest-agent-10.1.2_1.pkg: ..... done
[39/42] Fetching readline-8.3.1.pkg: ......... done
[40/42] Fetching strongswan-6.0.3_1.pkg: .......... done
[41/42] Fetching sudo-1.9.17p2_2.pkg: ........ done
[42/42] Fetching py311-pyopenssl-25.3.0_1,1.pkg: .. done
Checking integrity... done (1 conflicting)
- py311-pyopenssl-25.3.0_1,1 conflicts with py311-openssl-25.0.0_1,1 on /usr/local/lib/python3.11/site-packages/OpenSSL/SSL.py
Checking integrity... done (0 conflicting)
Conflicts with the existing packages have been found.
One more solver iteration is needed to resolve them.
The following 43 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
py311-pyopenssl: 25.3.0_1,1
Installed packages to be UPGRADED:
brotli: 1.1.0,1 -> 1.2.0,1
ca_root_nss: 3.117 -> 3.117_2
curl: 8.16.0 -> 8.17.0
libiconv: 1.17_1 -> 1.18_1
liblz4: 1.10.0,1 -> 1.10.0_2,1
nspr: 4.37 -> 4.38.2
nss: 3.117 -> 3.118.1
ntp: 4.2.8p18_4 -> 4.2.8p18_5
openvpn: 2.6.15 -> 2.6.16
opnsense: 25.7.7_4 -> 25.7.8
opnsense-update: 25.7.5_1 -> 25.7.8
pcre2: 10.46 -> 10.47
php83: 8.3.27 -> 8.3.28
php83-ctype: 8.3.27 -> 8.3.28
php83-curl: 8.3.27 -> 8.3.28
php83-dom: 8.3.27 -> 8.3.28
php83-filter: 8.3.27 -> 8.3.28
php83-gettext: 8.3.27 -> 8.3.28
php83-ldap: 8.3.27 -> 8.3.28
php83-mbstring: 8.3.27 -> 8.3.28
php83-pcntl: 8.3.27 -> 8.3.28
php83-pdo: 8.3.27 -> 8.3.28
php83-session: 8.3.27 -> 8.3.28
php83-simplexml: 8.3.27 -> 8.3.28
php83-sockets: 8.3.27 -> 8.3.28
php83-sqlite3: 8.3.27 -> 8.3.28
php83-xml: 8.3.27 -> 8.3.28
php83-zlib: 8.3.27 -> 8.3.28
pkcs11-helper: 1.29.0_3 -> 1.31.0
py311-aioquic: 1.3.0 -> 1.3.0_1
py311-cryptography: 44.0.3_4,1 -> 45.0.7_1,1
py311-dnspython: 2.8.0,1 -> 2.8.0_1,1
py311-numpy: 1.26.4_7,1 -> 1.26.4_10,1
py311-trio: 0.31.0 -> 0.32.0
py311-vici: 5.9.11_1 -> 6.0.3
qemu-guest-agent: 10.1.2 -> 10.1.2_1
readline: 8.2.13_2 -> 8.3.1
sqlite3: 3.50.4,1 -> 3.50.4_2,1
strongswan: 6.0.3 -> 6.0.3_1
sudo: 1.9.17p2_1 -> 1.9.17p2_2
zstd: 1.5.7 -> 1.5.7_1
Installed packages to be REMOVED:
py311-openssl: 25.0.0_1,1
Number of packages to be removed: 1
Number of packages to be installed: 1
Number of packages to be upgraded: 41
The operation will free 2 MiB.
Checking integrity... done (0 conflicting)
[1/46] Upgrading brotli from 1.1.0,1 to 1.2.0,1...
[1/46] Extracting brotli-1.2.0,1: .......... done
[2/46] Upgrading libiconv from 1.17_1 to 1.18_1...
[2/46] Extracting libiconv-1.18_1: .......... done
[3/46] Upgrading nspr from 4.37 to 4.38.2...
[3/46] Extracting nspr-4.38.2: .......... done
[4/46] Upgrading pcre2 from 10.46 to 10.47...
[4/46] Extracting pcre2-10.47: .......... done
[5/46] Upgrading php83 from 8.3.27 to 8.3.28...
[5/46] Extracting php83-8.3.28: .......... done
[6/46] Upgrading php83-mbstring from 8.3.27 to 8.3.28...
[6/46] Extracting php83-mbstring-8.3.28: .......... done
[7/46] Upgrading pkcs11-helper from 1.29.0_3 to 1.31.0...
[7/46] Extracting pkcs11-helper-1.31.0: .......... done
[8/46] Upgrading qemu-guest-agent from 10.1.2 to 10.1.2_1...
[8/46] Extracting qemu-guest-agent-10.1.2_1: .......... done
[9/46] Upgrading readline from 8.2.13_2 to 8.3.1...
[9/46] Extracting readline-8.3.1: .......... done
[10/46] Upgrading sqlite3 from 3.50.4,1 to 3.50.4_2,1...
[10/46] Extracting sqlite3-3.50.4_2,1: .......... done
[11/46] Upgrading nss from 3.117 to 3.118.1...
[11/46] Extracting nss-3.118.1: .......... done
[12/46] Upgrading zstd from 1.5.7 to 1.5.7_1...
[12/46] Extracting zstd-1.5.7_1: .......... done
[13/46] Upgrading curl from 8.16.0 to 8.17.0...
[13/46] Extracting curl-8.17.0: .......... done
[14/46] Upgrading liblz4 from 1.10.0,1 to 1.10.0_2,1...
[14/46] Extracting liblz4-1.10.0_2,1: .......... done
[15/46] Deinstalling opnsense-25.7.7_4...
As can be seen, the moment I lost connection to the firewall was when "Deinstalling opnsense-25.7.7_4" was running.
These are the prompts when trying to access by console:
Code Select
FreeBSD/amd64 (ACME-OPNsense-01.example.net) (ttyu0)
login: root
Password:
sh: /usr/local/libexec/opnsense-auth: not found
Login incorrect
login: root
Password:
sh: /usr/local/libexec/opnsense-auth: not found
Login incorrect
login:
After about 25 minutes, the interface came back online normally. It was just a brief moment of uncertainty, during which I was able to continue watching the upgrade process until it rebooted as expected. Below is a capture when it came back. I was unable to retrieve the last messages because the reboot prevented me from copying the output to the clipboard.
Code Select
***GOT REQUEST TO UPDATE***
Currently running OPNsense 25.7.7_4 (amd64) at Fri Nov 28 12:58:02 AST 2025
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking for upgrades (118 candidates): .......... done
Processing candidates (118 candidates): .... done
The following 42 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
py311-pyopenssl: 25.3.0_1,1
Installed packages to be UPGRADED:
brotli: 1.1.0,1 -> 1.2.0,1
ca_root_nss: 3.117 -> 3.117_2
curl: 8.16.0 -> 8.17.0
libiconv: 1.17_1 -> 1.18_1
liblz4: 1.10.0,1 -> 1.10.0_2,1
nspr: 4.37 -> 4.38.2
nss: 3.117 -> 3.118.1
ntp: 4.2.8p18_4 -> 4.2.8p18_5
openvpn: 2.6.15 -> 2.6.16
opnsense: 25.7.7_4 -> 25.7.8
opnsense-update: 25.7.5_1 -> 25.7.8
pcre2: 10.46 -> 10.47
php83: 8.3.27 -> 8.3.28
php83-ctype: 8.3.27 -> 8.3.28
php83-curl: 8.3.27 -> 8.3.28
php83-dom: 8.3.27 -> 8.3.28
php83-filter: 8.3.27 -> 8.3.28
php83-gettext: 8.3.27 -> 8.3.28
php83-ldap: 8.3.27 -> 8.3.28
php83-mbstring: 8.3.27 -> 8.3.28
php83-pcntl: 8.3.27 -> 8.3.28
php83-pdo: 8.3.27 -> 8.3.28
php83-session: 8.3.27 -> 8.3.28
php83-simplexml: 8.3.27 -> 8.3.28
php83-sockets: 8.3.27 -> 8.3.28
php83-sqlite3: 8.3.27 -> 8.3.28
php83-xml: 8.3.27 -> 8.3.28
php83-zlib: 8.3.27 -> 8.3.28
pkcs11-helper: 1.29.0_3 -> 1.31.0
py311-aioquic: 1.3.0 -> 1.3.0_1
py311-cryptography: 44.0.3_4,1 -> 45.0.7_1,1
py311-dnspython: 2.8.0,1 -> 2.8.0_1,1
py311-numpy: 1.26.4_7,1 -> 1.26.4_10,1
py311-trio: 0.31.0 -> 0.32.0
py311-vici: 5.9.11_1 -> 6.0.3
qemu-guest-agent: 10.1.2 -> 10.1.2_1
readline: 8.2.13_2 -> 8.3.1
sqlite3: 3.50.4,1 -> 3.50.4_2,1
strongswan: 6.0.3 -> 6.0.3_1
sudo: 1.9.17p2_1 -> 1.9.17p2_2
zstd: 1.5.7 -> 1.5.7_1
Number of packages to be installed: 1
Number of packages to be upgraded: 41
The operation will free 1 MiB.
35 MiB to be downloaded.
[1/42] Fetching py311-cryptography-45.0.7_1,1.pkg: .......... done
[2/42] Fetching php83-filter-8.3.28.pkg: . done
[3/42] Fetching opnsense-update-25.7.8.pkg: . done
[4/42] Fetching php83-curl-8.3.28.pkg: . done
[5/42] Fetching py311-numpy-1.26.4_10,1.pkg: .......... done
[6/42] Fetching nss-3.118.1.pkg: .......... done
[7/42] Fetching libiconv-1.18_1.pkg: ......... done
[8/42] Fetching php83-ldap-8.3.28.pkg: ... done
[9/42] Fetching py311-aioquic-1.3.0_1.pkg: ....... done
[10/42] Fetching openvpn-2.6.16.pkg: ......... done
[11/42] Fetching php83-simplexml-8.3.28.pkg: . done
[12/42] Fetching php83-pdo-8.3.28.pkg: .. done
[13/42] Fetching ntp-4.2.8p18_5.pkg: ......... done
[14/42] Fetching php83-sockets-8.3.28.pkg: .. done
[15/42] Fetching php83-pcntl-8.3.28.pkg: . done
[16/42] Fetching ca_root_nss-3.117_2.pkg: .... done
[17/42] Fetching php83-sqlite3-8.3.28.pkg: .. done
[18/42] Fetching py311-vici-6.0.3.pkg: . done
[19/42] Fetching py311-trio-0.32.0.pkg: .......... done
[20/42] Fetching py311-dnspython-2.8.0_1,1.pkg: ....... done
[21/42] Fetching php83-session-8.3.28.pkg: . done
[22/42] Fetching php83-mbstring-8.3.28.pkg: .......... done
[23/42] Fetching php83-gettext-8.3.28.pkg: . done
[24/42] Fetching liblz4-1.10.0_2,1.pkg: ... done
[25/42] Fetching pkcs11-helper-1.31.0.pkg: .... done
[26/42] Fetching php83-zlib-8.3.28.pkg: . done
[27/42] Fetching zstd-1.5.7_1.pkg: ........ done
[28/42] Fetching pcre2-10.47.pkg: .......... done
[29/42] Fetching php83-ctype-8.3.28.pkg: . done
[30/42] Fetching brotli-1.2.0,1.pkg: ....... done
[31/42] Fetching curl-8.17.0.pkg: .......... done
[32/42] Fetching nspr-4.38.2.pkg: ......... done
[33/42] Fetching php83-8.3.28.pkg: .......... done
[34/42] Fetching php83-xml-8.3.28.pkg: . done
[35/42] Fetching php83-dom-8.3.28.pkg: .. done
[36/42] Fetching sqlite3-3.50.4_2,1.pkg: .......... done
[37/42] Fetching opnsense-25.7.8.pkg: .......... done
[38/42] Fetching qemu-guest-agent-10.1.2_1.pkg: ..... done
[39/42] Fetching readline-8.3.1.pkg: ......... done
[40/42] Fetching strongswan-6.0.3_1.pkg: .......... done
[41/42] Fetching sudo-1.9.17p2_2.pkg: ........ done
[42/42] Fetching py311-pyopenssl-25.3.0_1,1.pkg: .. done
Checking integrity... done (1 conflicting)
- py311-pyopenssl-25.3.0_1,1 conflicts with py311-openssl-25.0.0_1,1 on /usr/local/lib/python3.11/site-packages/OpenSSL/SSL.py
Checking integrity... done (0 conflicting)
Conflicts with the existing packages have been found.
One more solver iteration is needed to resolve them.
The following 43 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
py311-pyopenssl: 25.3.0_1,1
Installed packages to be UPGRADED:
brotli: 1.1.0,1 -> 1.2.0,1
ca_root_nss: 3.117 -> 3.117_2
curl: 8.16.0 -> 8.17.0
libiconv: 1.17_1 -> 1.18_1
liblz4: 1.10.0,1 -> 1.10.0_2,1
nspr: 4.37 -> 4.38.2
nss: 3.117 -> 3.118.1
ntp: 4.2.8p18_4 -> 4.2.8p18_5
openvpn: 2.6.15 -> 2.6.16
opnsense: 25.7.7_4 -> 25.7.8
opnsense-update: 25.7.5_1 -> 25.7.8
pcre2: 10.46 -> 10.47
php83: 8.3.27 -> 8.3.28
php83-ctype: 8.3.27 -> 8.3.28
php83-curl: 8.3.27 -> 8.3.28
php83-dom: 8.3.27 -> 8.3.28
php83-filter: 8.3.27 -> 8.3.28
php83-gettext: 8.3.27 -> 8.3.28
php83-ldap: 8.3.27 -> 8.3.28
php83-mbstring: 8.3.27 -> 8.3.28
php83-pcntl: 8.3.27 -> 8.3.28
php83-pdo: 8.3.27 -> 8.3.28
php83-session: 8.3.27 -> 8.3.28
php83-simplexml: 8.3.27 -> 8.3.28
php83-sockets: 8.3.27 -> 8.3.28
php83-sqlite3: 8.3.27 -> 8.3.28
php83-xml: 8.3.27 -> 8.3.28
php83-zlib: 8.3.27 -> 8.3.28
pkcs11-helper: 1.29.0_3 -> 1.31.0
py311-aioquic: 1.3.0 -> 1.3.0_1
py311-cryptography: 44.0.3_4,1 -> 45.0.7_1,1
py311-dnspython: 2.8.0,1 -> 2.8.0_1,1
py311-numpy: 1.26.4_7,1 -> 1.26.4_10,1
py311-trio: 0.31.0 -> 0.32.0
py311-vici: 5.9.11_1 -> 6.0.3
qemu-guest-agent: 10.1.2 -> 10.1.2_1
readline: 8.2.13_2 -> 8.3.1
sqlite3: 3.50.4,1 -> 3.50.4_2,1
strongswan: 6.0.3 -> 6.0.3_1
sudo: 1.9.17p2_1 -> 1.9.17p2_2
zstd: 1.5.7 -> 1.5.7_1
Installed packages to be REMOVED:
py311-openssl: 25.0.0_1,1
Number of packages to be removed: 1
Number of packages to be installed: 1
Number of packages to be upgraded: 41
The operation will free 2 MiB.
Checking integrity... done (0 conflicting)
[1/46] Upgrading brotli from 1.1.0,1 to 1.2.0,1...
[1/46] Extracting brotli-1.2.0,1: .......... done
[2/46] Upgrading libiconv from 1.17_1 to 1.18_1...
[2/46] Extracting libiconv-1.18_1: .......... done
[3/46] Upgrading nspr from 4.37 to 4.38.2...
[3/46] Extracting nspr-4.38.2: .......... done
[4/46] Upgrading pcre2 from 10.46 to 10.47...
[4/46] Extracting pcre2-10.47: .......... done
[5/46] Upgrading php83 from 8.3.27 to 8.3.28...
[5/46] Extracting php83-8.3.28: .......... done
[6/46] Upgrading php83-mbstring from 8.3.27 to 8.3.28...
[6/46] Extracting php83-mbstring-8.3.28: .......... done
[7/46] Upgrading pkcs11-helper from 1.29.0_3 to 1.31.0...
[7/46] Extracting pkcs11-helper-1.31.0: .......... done
[8/46] Upgrading qemu-guest-agent from 10.1.2 to 10.1.2_1...
[8/46] Extracting qemu-guest-agent-10.1.2_1: .......... done
[9/46] Upgrading readline from 8.2.13_2 to 8.3.1...
[9/46] Extracting readline-8.3.1: .......... done
[10/46] Upgrading sqlite3 from 3.50.4,1 to 3.50.4_2,1...
[10/46] Extracting sqlite3-3.50.4_2,1: .......... done
[11/46] Upgrading nss from 3.117 to 3.118.1...
[11/46] Extracting nss-3.118.1: .......... done
[12/46] Upgrading zstd from 1.5.7 to 1.5.7_1...
[12/46] Extracting zstd-1.5.7_1: .......... done
[13/46] Upgrading curl from 8.16.0 to 8.17.0...
[13/46] Extracting curl-8.17.0: .......... done
[14/46] Upgrading liblz4 from 1.10.0,1 to 1.10.0_2,1...
[14/46] Extracting liblz4-1.10.0_2,1: .......... done
[15/46] Deinstalling opnsense-25.7.7_4...
Stopping configd...done
Resetting root shell
Updating /etc/shells
Unhooking from /etc/rc
Unhooking from /etc/rc.shutdown
[15/46] Deleting files for opnsense-25.7.7_4: .......... done
[16/46] Upgrading ca_root_nss from 3.117 to 3.117_2...
[16/46] Extracting ca_root_nss-3.117_2: ..... done
[17/46] Upgrading ntp from 4.2.8p18_4 to 4.2.8p18_5...
[17/46] Extracting ntp-4.2.8p18_5: .......... done
[18/46] Upgrading openvpn from 2.6.15 to 2.6.16...
===> Creating groups
Using existing group 'openvpn'
===> Creating users
Using existing user 'openvpn'
[18/46] Extracting openvpn-2.6.16: .......... done
[19/46] Upgrading opnsense-update from 25.7.5_1 to 25.7.8...
[19/46] Extracting opnsense-update-25.7.8: .......... done
[20/46] Upgrading php83-ctype from 8.3.27 to 8.3.28...
[20/46] Extracting php83-ctype-8.3.28: ........ done
[21/46] Upgrading php83-curl from 8.3.27 to 8.3.28...
[21/46] Extracting php83-curl-8.3.28: .......... done
[22/46] Upgrading php83-dom from 8.3.27 to 8.3.28...
[22/46] Extracting php83-dom-8.3.28: .......... done
[23/46] Upgrading php83-filter from 8.3.27 to 8.3.28...
[23/46] Extracting php83-filter-8.3.28: ......... done
[24/46] Upgrading php83-gettext from 8.3.27 to 8.3.28...
[24/46] Extracting php83-gettext-8.3.28: ........ done
[25/46] Upgrading php83-ldap from 8.3.27 to 8.3.28...
[25/46] Extracting php83-ldap-8.3.28: ........ done
[26/46] Upgrading php83-pcntl from 8.3.27 to 8.3.28...
[26/46] Extracting php83-pcntl-8.3.28: ......... done
[27/46] Upgrading php83-pdo from 8.3.27 to 8.3.28...
[27/46] Extracting php83-pdo-8.3.28: .......... done
[28/46] Upgrading php83-session from 8.3.27 to 8.3.28...
[28/46] Extracting php83-session-8.3.28: .......... done
[29/46] Upgrading php83-simplexml from 8.3.27 to 8.3.28...
[29/46] Extracting php83-simplexml-8.3.28: ......... done
[30/46] Upgrading php83-sockets from 8.3.27 to 8.3.28...
[30/46] Extracting php83-sockets-8.3.28: .......... done
[31/46] Upgrading php83-sqlite3 from 8.3.27 to 8.3.28...
[31/46] Extracting php83-sqlite3-8.3.28: ......... done
[32/46] Upgrading php83-xml from 8.3.27 to 8.3.28...
[32/46] Extracting php83-xml-8.3.28: ......... done
[33/46] Upgrading php83-zlib from 8.3.27 to 8.3.28...
[33/46] Extracting php83-zlib-8.3.28: ........ done
[34/46] Upgrading py311-numpy from 1.26.4_7,1 to 1.26.4_10,1...
[34/46] Extracting py311-numpy-1.26.4_10,1: .......... done
[35/46] Upgrading py311-vici from 5.9.11_1 to 6.0.3...
[35/46] Extracting py311-vici-6.0.3: .......... done
[36/46] Upgrading strongswan from 6.0.3 to 6.0.3_1...
[36/46] Extracting strongswan-6.0.3_1: .......... done
[37/46] Upgrading sudo from 1.9.17p2_1 to 1.9.17p2_2...
[37/46] Extracting sudo-1.9.17p2_2: .......... done
[38/46] Deinstalling py311-dnspython-2.8.0,1...
[38/46] Deleting files for py311-dnspython-2.8.0,1: .......... done
[39/46] Upgrading py311-trio from 0.31.0 to 0.32.0...
[39/46] Extracting py311-trio-0.32.0: .......... done
[40/46] Deinstalling py311-aioquic-1.3.0...
[40/46] Deleting files for py311-aioquic-1.3.0: .......... done
[41/46] Deinstalling py311-openssl-25.0.0_1,1...
[41/46] Deleting files for py311-openssl-25.0.0_1,1: .......... done
[42/46] Upgrading py311-cryptography from 44.0.3_4,1 to 45.0.7_1,1...
[42/46] Extracting py311-cryptography-45.0.7_1,1: .......... done
[43/46] Installing py311-pyopenssl-25.3.0_1,1...
[43/46] Extracting py311-pyopenssl-25.3.0_1,1: .......... done
[44/46] Installing py311-aioquic-1.3.0_1...
[44/46] Extracting py311-aioquic-1.3.0_1: .......... done
[45/46] Installing py311-dnspython-2.8.0_1,1...
[45/46] Extracting py311-dnspython-2.8.0_1,1: .......... done
[46/46] Installing opnsense-25.7.8...
[46/46] Extracting opnsense-25.7.8: .......... done
Updating /etc/shells
Registering root shell
Hooking into /etc/rc
Hooking into /etc/rc.shutdown
Starting configd.
>>> Invoking update script 'refresh.sh'
Migrated OPNsense\Unbound\Unbound from 1.0.12 to 1.0.13
Flushing all caches...done.
Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: No changes to trust store were made.
Writing trust bundles...done.
Configuring login behaviour...done.
Configuring cron...done.
Configuring system logging...done.
You may need to manually remove /usr/local/etc/ssl/cert.pem if it is no longer needed.
=====
Message from openvpn-2.6.16:
--
Note that OpenVPN now configures a separate user and group "openvpn",
which should be used instead of the NFS user "nobody"
when an unprivileged user account is desired.
It is advisable to review existing configuration files and
to consider adding/changing user openvpn and group openvpn.
=====
Message from strongswan-6.0.3_1:
--
The default strongSwan configuration interface have been updated to vici.
To use the stroke interface by default either compile the port without the vici option or
set 'strongswan_interface="stroke"' in your rc.conf file.
=====
Message from opnsense-25.7.8:
--
Some will win, some will lose, some are born to sing the blues
Checking integrity... done (0 conflicting)
Nothing to do.
Checking all packages: .......... done
The following package files will be deleted:
/var/cache/pkg/py311-cryptography-45.0.7_1,1~c815f3235b.pkg
/var/cache/pkg/php83-filter-8.3.28~4a8f33be7d.pkg
/var/cache/pkg/py311-cryptography-45.0.7_1,1.pkg
/var/cache/pkg/opnsense-update-25.7.8.pkg
/var/cache/pkg/php83-filter-8.3.28.pkg
/var/cache/pkg/opnsense-update-25.7.8~fee3f6a970.pkg
/var/cache/pkg/php83-curl-8.3.28~6accc1b1ac.pkg
/var/cache/pkg/py311-numpy-1.26.4_10,1.pkg
/var/cache/pkg/php83-curl-8.3.28.pkg
/var/cache/pkg/py311-numpy-1.26.4_10,1~448cb68ef2.pkg
/var/cache/pkg/nss-3.118.1~5ad385b9f3.pkg
/var/cache/pkg/libiconv-1.18_1.pkg
/var/cache/pkg/nss-3.118.1.pkg
/var/cache/pkg/libiconv-1.18_1~f25bb554f1.pkg
/var/cache/pkg/php83-ldap-8.3.28~8c8d10b5e9.pkg
/var/cache/pkg/py311-aioquic-1.3.0_1.pkg
/var/cache/pkg/php83-ldap-8.3.28.pkg
/var/cache/pkg/py311-aioquic-1.3.0_1~254dacaf7b.pkg
/var/cache/pkg/openvpn-2.6.16~4f8aacf57c.pkg
/var/cache/pkg/php83-pdo-8.3.28.pkg
/var/cache/pkg/openvpn-2.6.16.pkg
/var/cache/pkg/php83-simplexml-8.3.28~270147682b.pkg
/var/cache/pkg/php83-pdo-8.3.28~af0a7d61fb.pkg
/var/cache/pkg/php83-simplexml-8.3.28.pkg
/var/cache/pkg/ntp-4.2.8p18_5~53ce7b3a74.pkg
/var/cache/pkg/pcre2-10.47.pkg
/var/cache/pkg/php83-pcntl-8.3.28.pkg
/var/cache/pkg/ntp-4.2.8p18_5.pkg
/var/cache/pkg/php83-sockets-8.3.28~be778264e4.pkg
/var/cache/pkg/py311-vici-6.0.3~b2271437be.pkg
/var/cache/pkg/php83-sockets-8.3.28.pkg
/var/cache/pkg/php83-pcntl-8.3.28~93eff41d3d.pkg
/var/cache/pkg/ca_root_nss-3.117_2~f94361d547.pkg
/var/cache/pkg/ca_root_nss-3.117_2.pkg
/var/cache/pkg/php83-sqlite3-8.3.28~a9398ff640.pkg
/var/cache/pkg/php83-sqlite3-8.3.28.pkg
/var/cache/pkg/php83-session-8.3.28.pkg
/var/cache/pkg/py311-vici-6.0.3.pkg
/var/cache/pkg/py311-trio-0.32.0~379cd91a24.pkg
/var/cache/pkg/py311-trio-0.32.0.pkg
/var/cache/pkg/py311-dnspython-2.8.0_1,1~e877f271aa.pkg
/var/cache/pkg/php83-session-8.3.28~a99ce5be66.pkg
/var/cache/pkg/py311-dnspython-2.8.0_1,1.pkg
/var/cache/pkg/php83-mbstring-8.3.28~aea088c9f8.pkg
/var/cache/pkg/php83-mbstring-8.3.28.pkg
/var/cache/pkg/php83-gettext-8.3.28~f630bfacb2.pkg
/var/cache/pkg/php83-gettext-8.3.28.pkg
/var/cache/pkg/liblz4-1.10.0_2,1~665677c9bb.pkg
/var/cache/pkg/liblz4-1.10.0_2,1.pkg
/var/cache/pkg/pkcs11-helper-1.31.0~e98973b0f9.pkg
/var/cache/pkg/php83-zlib-8.3.28~0ace26b122.pkg
/var/cache/pkg/pkcs11-helper-1.31.0.pkg
/var/cache/pkg/zstd-1.5.7_1~788f890814.pkg
/var/cache/pkg/php83-zlib-8.3.28.pkg
/var/cache/pkg/zstd-1.5.7_1.pkg
/var/cache/pkg/pcre2-10.47~81f85770cc.pkg
/var/cache/pkg/php83-ctype-8.3.28~b4ea07e69e.pkg
/var/cache/pkg/php83-ctype-8.3.28.pkg
/var/cache/pkg/brotli-1.2.0,1~6e6393bc03.pkg
/var/cache/pkg/brotli-1.2.0,1.pkg
/var/cache/pkg/curl-8.17.0~0363fce9c2.pkg
/var/cache/pkg/curl-8.17.0.pkg
/var/cache/pkg/nspr-4.38.2~38753a629c.pkg
/var/cache/pkg/nspr-4.38.2.pkg
/var/cache/pkg/php83-8.3.28~9dc92cfc41.pkg
/var/cache/pkg/php83-xml-8.3.28~c5ef2658e7.pkg
/var/cache/pkg/php83-8.3.28.pkg
/var/cache/pkg/php83-xml-8.3.28.pkg
/var/cache/pkg/php83-dom-8.3.28~847af91472.pkg
/var/cache/pkg/php83-dom-8.3.28.pkg
/var/cache/pkg/sqlite3-3.50.4_2,1~3c97aae41e.pkg
/var/cache/pkg/sqlite3-3.50.4_2,1.pkg
/var/cache/pkg/opnsense-25.7.8~c4e566826f.pkg
/var/cache/pkg/opnsense-25.7.8.pkg
/var/cache/pkg/qemu-guest-agent-10.1.2_1~b37217a222.pkg
/var/cache/pkg/readline-8.3.1~f2b679163f.pkg
/var/cache/pkg/qemu-guest-agent-10.1.2_1.pkg
/var/cache/pkg/readline-8.3.1.pkg
/var/cache/pkg/strongswan-6.0.3_1~51975838ce.pkg
/var/cache/pkg/strongswan-6.0.3_1.pkg
/var/cache/pkg/sudo-1.9.17p2_2~c026b03dc3.pkg
/var/cache/pkg/sudo-1.9.17p2_2.pkg
/var/cache/pkg/py311-pyopenssl-25.3.0_1,1~d4e6f43fa1.pkg
/var/cache/pkg/py311-pyopenssl-25.3.0_1,1.pkg
The cleanup will free 35 MiB
Deleting files: .......... done
Nothing to do.
Starting web GUI...done.
Fetching base-25.7.8-amd64.txz: .............................. done
Fetching kernel-25.7.8-amd64.txz: ........ done
!!!!!!!!!!!! ATTENTION !!!!!!!!!!!!!!!
! A critical upgrade is in progress. !
! Please do not turn off the system. !
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Installing kernel-25.7.8-amd64.txz... done
Installing base-25.7.8-amd64.txz...
I just wanted to share some thoughts regarding a specific behavior I've noticed. I believe it's important for anyone planning a maintenance window to be aware of this. It's not meant as criticism—on the contrary, I truly appreciate the great work the OPNsense team is doing!
If it's deemed appropriate, I encourage the team to evaluate this behavior for potential improvements. It could further enhance the already fantastic software we've come to rely on. Thank you for all your hard work, OPNsense team!
#82
Dutch - Nederlands / Re: opnsense ha en kea-dhcp ha...
Last post by @Nospam - November 28, 2025, 06:18:05 PMQuote from: ckruijntjens on May 22, 2025, 11:25:04 PMGoedemiddag,
Ik heb 2 firewalls waar ha perfect werkt. Echter nu wil ik de kea-dhcp server ook ha maken. ik heb alles ingesteld volgens de documentatie, Maar als ik in kea-dhcp de control agent wil starten stop en kea-dhcp server ermee en de control agent start niet.
Heeft iemand enige ervaring hiermee? en eventueel de oplossing?
Mooi artikel over juist dit onderwerp. een op een migratie mogelijk.
https://4sysops.com/archives/running-a-dhcp-server-on-opnsense-with-kea/
Zelf zoek ik nog een DNS oplossing voor mijn AD/windows omgeving met Opnsense.
#83
General Discussion / Re: No Beep on Startup and Shu...
Last post by franco - November 28, 2025, 05:57:48 PMNote that you can disable sounds via System: Settings: Misc: System Sounds because that is easy to forget and nobody mentioned it. ;)
"When this is checked, startup and shutdown sounds will no longer play."
Cheers,
Franco
"When this is checked, startup and shutdown sounds will no longer play."
Cheers,
Franco
#84
25.7, 25.10 Series / Re: 25.7.8 Pulseway code 11 wh...
Last post by pbk - November 28, 2025, 05:51:52 PMI dug around a bit... If you create a Monit task to check for the service, you can at least start it automagically – but this is only a workaround.
So if anybody else is affected by this issue (there are not many RMM tools out there supporting BSD), the Monit task settings:
Type: Process
Match: pulsewayd
Start: /etc/rc.d/pulseway start
Stop: /etc/rc.d/pulseway stop
Tests: Nothing selected
Depends: Nothing selected
Hope this helps others until a better solution becomes available :-)
So if anybody else is affected by this issue (there are not many RMM tools out there supporting BSD), the Monit task settings:
Type: Process
Match: pulsewayd
Start: /etc/rc.d/pulseway start
Stop: /etc/rc.d/pulseway stop
Tests: Nothing selected
Depends: Nothing selected
Hope this helps others until a better solution becomes available :-)
#85
25.7, 25.10 Series / Re: 25.7.8 Pulseway code 11 wh...
Last post by franco - November 28, 2025, 05:50:55 PMWe use "service" once for restarting configd on package updates. I'm not sure what's going on in your install, but 25.7.x shouldn't make a difference.
"pulseway" is not in FreeBSD ports either if I checked correctly. That means it's highly unlikely the update did anything.
Cheers,
Franco
"pulseway" is not in FreeBSD ports either if I checked correctly. That means it's highly unlikely the update did anything.
Cheers,
Franco
#86
General Discussion / Re: Managing the HA passive no...
Last post by viragomann - November 28, 2025, 05:23:42 PMYou need to add the rule to the interface, which the traffic is going out.
If you want to access the LAN IP of the secondary, the packets will go out on the LAN interface. If you access the SYNC interface, the packets go out on SYNC.
Its wise to use ever the same IP to access the firewall. So you need the rule only on a single interface.
And of course you should limit the rule to the admin source and to the secondary as destination.
Best to use an alias, which includes both, the IP of the primary and secondary, so you can sync the rules to the secondary and it will also work in case it has the master role.
If you want to access the LAN IP of the secondary, the packets will go out on the LAN interface. If you access the SYNC interface, the packets go out on SYNC.
Its wise to use ever the same IP to access the firewall. So you need the rule only on a single interface.
And of course you should limit the rule to the admin source and to the secondary as destination.
Best to use an alias, which includes both, the IP of the primary and secondary, so you can sync the rules to the secondary and it will also work in case it has the master role.
#87
General Discussion / Re: Managing the HA passive no...
Last post by Patrick M. Hausen - November 28, 2025, 05:20:41 PMNAT the OpenVPN client network to the internal CARP address of the pair. That will work no matter which node is the active one.
#88
25.7, 25.10 Series / 25.7.8 Pulseway code 11 when s...
Last post by pbk - November 28, 2025, 05:17:22 PMHi there,
here's an issue which seems related to 25.7.8. If the Pulseway RMM (or Kaseya VSA) is installed on an OPNsense system, it'll fail starting the service on boot up. Service is started by rc.conf.
25.7.8 was installed on one system only so far.
If the Pulseway service is started after OPNsense is fully stated up, it starts and runs:
If the system is reverted back to 25.7.7_4, everything works again and the service is started during boot up.
I'm posting it here because it might not be Pulseway's fault because the service does start fine manually. And the release notes for 28.7.8 said we should report weird behaviour which might be related to the newer kernel.
here's an issue which seems related to 25.7.8. If the Pulseway RMM (or Kaseya VSA) is installed on an OPNsense system, it'll fail starting the service on boot up. Service is started by rc.conf.
25.7.8 was installed on one system only so far.
Code Select
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="324"] <118>[26] Starting pulseway.
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 73890 - [meta sequenceId="325"] /usr/sbin/service: WARNING: $mpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 78128 - [meta sequenceId="326"] /usr/sbin/service: WARNING: $dhcp6c_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="327"] <118>[26] Starting lldpd.
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="328"] <118>[26] pulseway already running? (pid=22825).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="329"] <118>[26] >>> Invoking start script 'syslog'
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="330"] <118>[26] >>> Invoking start script 'xen'
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="331"] <118>[26] Starting xenguest.
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="332"] <118>[27] >>> Invoking start script 'carp'
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="333"] <118>[27] >>> Invoking start script 'cron'
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 90361 - [meta sequenceId="334"] /usr/sbin/service: WARNING: $unbound_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 93123 - [meta sequenceId="335"] /usr/sbin/service: WARNING: $radvd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 37088 - [meta sequenceId="336"] /usr/sbin/service: WARNING: $configd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 49328 - [meta sequenceId="337"] /usr/sbin/service: WARNING: $openvpn_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 50789 - [meta sequenceId="338"] /usr/sbin/service: WARNING: $openssh_enable is not set properly - see rc.conf(5).
<45>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain syslog-ng 13690 - [meta sequenceId="1"] Configuration reload request received, reloading configuration;
<45>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain syslog-ng 13690 - [meta sequenceId="2"] Configuration reload finished;
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 59564 - [meta sequenceId="3"] /usr/sbin/service: WARNING: $dhcpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 61028 - [meta sequenceId="4"] /usr/sbin/service: WARNING: $dhcpd6_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 62616 - [meta sequenceId="5"] /usr/sbin/service: WARNING: $strongswan_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 65911 - [meta sequenceId="6"] /usr/sbin/service: WARNING: $snmptrapd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 67926 - [meta sequenceId="7"] /usr/sbin/service: WARNING: $snmpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 70971 - [meta sequenceId="8"] /usr/sbin/service: WARNING: $rrdcached_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 83400 - [meta sequenceId="9"] /usr/sbin/service: WARNING: $kpropd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 86704 - [meta sequenceId="10"] /usr/sbin/service: WARNING: $samplicator_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 88919 - [meta sequenceId="11"] /usr/sbin/service: WARNING: $xenguest_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 91219 - [meta sequenceId="12"] /usr/sbin/service: WARNING: $choparp_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 93550 - [meta sequenceId="13"] /usr/sbin/service: WARNING: $lighttpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 97460 - [meta sequenceId="14"] /usr/sbin/service: WARNING: $php_fpm_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="15"] OK
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 39706 - [meta sequenceId="16"] /usr/sbin/service: WARNING: $mpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 42364 - [meta sequenceId="17"] /usr/sbin/service: WARNING: $dhcp6c_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 55528 - [meta sequenceId="18"] /usr/sbin/service: WARNING: $unbound_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain root 57465 - [meta sequenceId="19"] /usr/sbin/service: WARNING: $radvd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain opnsense 59989 - [meta sequenceId="20"] /usr/local/sbin/pluginctl: plugins_configure crl (1)
<13>1 2025-11-28T16:33:26+01:00 OPNsensePlayground.localdomain opnsense 59989 - [meta sequenceId="21"] /usr/local/sbin/pluginctl: plugins_configure crl (execute task : core_trust_crl(1))
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 84561 - [meta sequenceId="22"] /usr/sbin/service: WARNING: $configd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 93146 - [meta sequenceId="23"] /usr/sbin/service: WARNING: $openvpn_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 95159 - [meta sequenceId="24"] /usr/sbin/service: WARNING: $openssh_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 1440 - [meta sequenceId="25"] /usr/sbin/service: WARNING: $dhcpd_enable is not set properly - see rc.conf(5).
<12>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain opnsense 59903 - [meta sequenceId="26"] /usr/local/sbin/pluginctl: warning: ignoring missing default tunable request: vm.pmap.pti
<12>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain opnsense 59903 - [meta sequenceId="27"] /usr/local/sbin/pluginctl: warning: ignoring missing default tunable request: hw.ibrs_disable
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 3069 - [meta sequenceId="28"] /usr/sbin/service: WARNING: $dhcpd6_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 5221 - [meta sequenceId="29"] /usr/sbin/service: WARNING: $strongswan_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 7231 - [meta sequenceId="30"] /usr/sbin/service: WARNING: $snmptrapd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 9190 - [meta sequenceId="31"] /usr/sbin/service: WARNING: $snmpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 11137 - [meta sequenceId="32"] /usr/sbin/service: WARNING: $rrdcached_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="33"] <118>[27] >>> Invoking start script 'openvpn'
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="34"] <118>[27] >>> Invoking start script 'sysctl'
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain opnsense 59989 - [meta sequenceId="35"] /usr/local/sbin/pluginctl: plugins_configure crl (execute task : openvpn_refresh_crls(1))
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 21310 - [meta sequenceId="36"] /usr/sbin/service: WARNING: $kpropd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 22332 - [meta sequenceId="37"] /usr/sbin/service: WARNING: $samplicator_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 23532 - [meta sequenceId="38"] /usr/sbin/service: WARNING: $xenguest_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 24823 - [meta sequenceId="39"] /usr/sbin/service: WARNING: $choparp_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 26010 - [meta sequenceId="40"] /usr/sbin/service: WARNING: $lighttpd_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain root 27649 - [meta sequenceId="41"] /usr/sbin/service: WARNING: $php_fpm_enable is not set properly - see rc.conf(5).
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="42"] <118>[27] Service `sysctl' has been restarted.
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="43"] <118>[27] >>> Invoking start script 'beep'
<11>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain pulsewayd 22825 - [meta sequenceId="44"] Signal handled: 11
<13>1 2025-11-28T16:33:27+01:00 OPNsensePlayground.localdomain kernel - - [meta sequenceId="45"] <6>[28] pid 22825 (pulsewayd), jid 0, uid 0: exited on signal 11 (no core dump - bad address)
If the Pulseway service is started after OPNsense is fully stated up, it starts and runs:
Code Select
root@OPNsensePlayground:~ # service pulseway start
Starting pulseway.
root@OPNsensePlayground:~ # service pulseway status
pulseway is running as pid 77088.If the system is reverted back to 25.7.7_4, everything works again and the service is started during boot up.
I'm posting it here because it might not be Pulseway's fault because the service does start fine manually. And the release notes for 28.7.8 said we should report weird behaviour which might be related to the newer kernel.
#89
German - Deutsch / Re: Plugin "os-cpu-microcode-a...
Last post by meyergru - November 28, 2025, 05:09:25 PMNein, diese Meldung kommt immer am Ende der Installationen. Scroll nach oben und Du wirst sehen, dass sich das auf andere Pakete bezieht. Wie Du sehen kannst, ob es Updates gibt, steht in der offiziellen Dokumentation. Dazu braucht es meist auch einen Reboot.
#90
German - Deutsch / Re: Plugin "os-cpu-microcode-a...
Last post by ziegler - November 28, 2025, 04:56:20 PMDanke für die Antwort
Ich habe es installiert, bekomme aber eine Meldung danach das dass Paket veraltet ist:
This port is deprecated; you may wish to reconsider installing it:
Abandoned upstream, fails to identify anything remotely new according to upstream issue reports.
It is scheduled to be removed on or after 2025-06-30.
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***
Das iritiert mich jetzt.
Ich habe die opnsense 25.7.8
Ich habe es installiert, bekomme aber eine Meldung danach das dass Paket veraltet ist:
This port is deprecated; you may wish to reconsider installing it:
Abandoned upstream, fails to identify anything remotely new according to upstream issue reports.
It is scheduled to be removed on or after 2025-06-30.
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***
Das iritiert mich jetzt.
Ich habe die opnsense 25.7.8
