"Recent posts
#81
General Discussion / Re: Unbound strange behavior
Last post by OPNenthu - December 07, 2025, 09:25:44 AMThe release notes for 25.7.8 have an important note:
https://forum.opnsense.org/index.php?topic=49869.0
Maybe this is it?
https://forum.opnsense.org/index.php?topic=49869.0
QuoteThe Unbound blocklists feature formerly known as a business feature is
now a community feature. Since this required merging both the existing
community one with the business one you need to make sure to reapply the
blocklist settings after the reboot since it will not generate a new and
possibly incompatible format. Make sure to check your automatically
migrated settings while at it.
Maybe this is it?
#82
25.7, 25.10 Series / Re: 25.7.9: pkg exited on sign...
Last post by franco - December 07, 2025, 09:24:56 AMYou cut the update log short, which means context could be missing. A bug exists in FreeBSD pkg using HTTPS since libcurl was added. FreeBSD has no HTTPS repositories but we do. We also have a fix.
Cheers,
Franco
Cheers,
Franco
#83
25.7, 25.10 Series / insight aggregator dies "Datab...
Last post by JL - December 07, 2025, 08:16:34 AMThis has been going on since quite some time. The fix reported is to 'delete all netflow data' which does not sit well with me.
This looks like a reoccurring bug ? Not few posts on this board signal this error happened in the past.
flowd_aggregate.pyflowd aggregate died with message Traceback (most recent call last): File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 162, in run aggregate_flowd(self.config, do_vacuum) File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 80, in aggregate_flowd stream_agg_object.add(copy.copy(flow_record)) File "/usr/local/opnsense/scripts/netflow/lib/aggregates/source.py", line 69, in add super(FlowSourceAddrTotals, self).add(flow) File "/usr/local/opnsense/scripts/netflow/lib/aggregates/__init__.py", line 187, in add self._update_cur.execute(self._insert_stmt, flow) sqlite3.DatabaseError: database disk image is malformed
/var/netflow shows no broken files or lock files left behind
work-around with data loss
BUG report created https://github.com/opnsense/core/issues/9499
This looks like a reoccurring bug ? Not few posts on this board signal this error happened in the past.
flowd_aggregate.pyflowd aggregate died with message Traceback (most recent call last): File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 162, in run aggregate_flowd(self.config, do_vacuum) File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 80, in aggregate_flowd stream_agg_object.add(copy.copy(flow_record)) File "/usr/local/opnsense/scripts/netflow/lib/aggregates/source.py", line 69, in add super(FlowSourceAddrTotals, self).add(flow) File "/usr/local/opnsense/scripts/netflow/lib/aggregates/__init__.py", line 187, in add self._update_cur.execute(self._insert_stmt, flow) sqlite3.DatabaseError: database disk image is malformed
/var/netflow shows no broken files or lock files left behind
work-around with data loss
Code Select
cd /usr/local/opnsense/scripts/netflow/
./flush_all.sh allBUG report created https://github.com/opnsense/core/issues/9499
#84
25.7, 25.10 Series / Re: GeoIP with ipinfo stopped ...
Last post by reincoder - December 07, 2025, 06:14:07 AMThank you very much, everyone, for your kindness and patience. To confirm again:
- The engineering team performed the rollback, and we are now aware of the issue.
- @Kayakero's review helped us to pinpoint the issue.
- This was not related to rate limits. Due to multiple retries to the API endpoint we returned 429 rate limit error.
- We will proceed with the migration to the new cloud storage system; however, at this moment, we do not think Opnsense needs to patch anything. We will make the adjustments on our end.
If there is any issue, please reach out to us on our community: https://community.ipinfo.io/
Opnsense is a major supporter of our IPinfo Lite service, so we owe it to the Opnsense community to handle data issues related to us in our community.
— Abdullah | DevRel, IPinfo
- The engineering team performed the rollback, and we are now aware of the issue.
- @Kayakero's review helped us to pinpoint the issue.
- This was not related to rate limits. Due to multiple retries to the API endpoint we returned 429 rate limit error.
- We will proceed with the migration to the new cloud storage system; however, at this moment, we do not think Opnsense needs to patch anything. We will make the adjustments on our end.
If there is any issue, please reach out to us on our community: https://community.ipinfo.io/
Opnsense is a major supporter of our IPinfo Lite service, so we owe it to the Opnsense community to handle data issues related to us in our community.
— Abdullah | DevRel, IPinfo
#85
25.7, 25.10 Series / Re: GeoIP with ipinfo stopped ...
Last post by Netlearn - December 07, 2025, 05:38:10 AMThanks for the fast response.
Updates work on the five units.
Updates work on the five units.
#86
General Discussion / Re: Seeking advice for first G...
Last post by Seldon - December 07, 2025, 03:07:53 AMThanks so much for your help, in advance. Firewall rules are quite daunting to me, but I believe (and hope!) that my understanding is getting a bit better.
Here's my Guest VLAN, along with the added Floating Rules.
You cannot view this attachment.
Here's the Admin VLAN, with a few restrictive rules:
You cannot view this attachment.
Here's my Home VLAN:
You cannot view this attachment.
I have to access the WAN net because I'm behind another NAT unfortunately. Should The Admin Aliases to Firewall be placed in the Floating, or are they best left specifically for the Admin VLAN rules?
Here's my Guest VLAN, along with the added Floating Rules.
You cannot view this attachment.
Here's the Admin VLAN, with a few restrictive rules:
You cannot view this attachment.
Here's my Home VLAN:
You cannot view this attachment.
I have to access the WAN net because I'm behind another NAT unfortunately. Should The Admin Aliases to Firewall be placed in the Floating, or are they best left specifically for the Admin VLAN rules?
#87
25.7, 25.10 Series / Re: Unwanted route that keeps ...
Last post by Patrick M. Hausen - December 07, 2025, 12:54:23 AMInterfaces > LAN - is there a gateway set?
#88
Tutorials and FAQs / Re: OPNsense aarch64 firmware ...
Last post by Maurice - December 07, 2025, 12:32:25 AM@neel I had a look: You currently can't build USB installer images (make serial / make vga) on aarch64. The build script wants to add a protective MBR to the image, but this only exists on amd64.
But building an iso image (make dvd) is possible, this has explicitly been enabled for aarch64.
But building an iso image (make dvd) is possible, this has explicitly been enabled for aarch64.
#89
Tutorials and FAQs / Re: OPNsense aarch64 firmware ...
Last post by Maurice - December 06, 2025, 11:38:42 PMOPNsense 25.7.9 aarch64 packages and sets released. Includes ndp-proxy-go 0.3.0.
#90
25.7, 25.10 Series / Re: KEA, PiHole and IPv6
Last post by NudgeyNMR - December 06, 2025, 11:23:05 PMA tutorial would be most welcome.
