"Recent posts
#81
25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100%...
Last post by myg63 - Today at 12:30:04 PMI think I could solve it.
1. NO, I don't need hostwatch.
2. I checked the reason and this thread.
In the end, I installed the 1.0.9 version and removed watching WAN interfaces, only LAN
PROBLEM SOLVED!
Fun fact: when I switch into the shell and enter "hostwatch --version" it shows 1.0.2 even 1.0.9 packet is installed. May be there is some little work needed to remove this chance of misunderstanding when trying to check if correct version is installed.
1. NO, I don't need hostwatch.
2. I checked the reason and this thread.
In the end, I installed the 1.0.9 version and removed watching WAN interfaces, only LAN
PROBLEM SOLVED!
Fun fact: when I switch into the shell and enter "hostwatch --version" it shows 1.0.2 even 1.0.9 packet is installed. May be there is some little work needed to remove this chance of misunderstanding when trying to check if correct version is installed.
Quote from: myg63 on Today at 10:35:17 AMHello guys,
I had this problem with lot of Disk IO writes because of hostwatch checking whatever I don't know.
I updated to 26.1 yesterday and it became worse!!!
hostwatch --version: 1.0.2
hostwatch fills the disk completely in a few minutes with files in /var/db/hostwatch
After stopping hostwatch and deleting the files and restarting hostwatch it fills the disk again.
-rw-r--r-- 1 hostd hostd 4272128 Jan 30 10:17 hosts.db
-rw-r--r-- 1 hostd hostd 23396352 Jan 30 10:21 hosts.db-shm
-rw-r--r-- 1 hostd hostd 35686871496 Jan 30 10:00 hosts.db-wal
My environment:
proxmox host with wan coming thru a vlan (tagging is done in the proxmox host) and a virtual opnsense
with
2 physical adapters: LAN and WAN running on a proxmox network bridge connected to physical adapters on the host.
And there is a wireguard network with about 20 hosts connecting thru the WAN into a virtual net which is routed to the LAN.
I stopped the daemon
hopefully there will be a solution soon or any advice here?
#82
26.1 Series / Re: Old rules deprecation
Last post by OPNenthu - Today at 12:26:44 PMOne more thing: the hyperlinks in Firewall->Groups continue to point to the legacy Rules UI which is now empty. I'm guessing that's the case in more places wherever links exist to 'firewall_rules.php' or 'firewall_rules.php?if=<name>'.
Since the legacy rules UI is going to be around for a long while still, could we have an option to update all the links in OPNsense to point to the new UI? Or is that not really in the cards because the links are static?
Since the legacy rules UI is going to be around for a long while still, could we have an option to update all the links in OPNsense to point to the new UI? Or is that not really in the cards because the links are static?
#83
26.1 Series / ISC-DHCP not starting after up...
Last post by skazi - Today at 12:22:07 PMAfter upgrade to 26.1 I can't start ISC DHCP service anymore.
The log says:
The log says:
Code Select
Internet Systems Consortium DHCP Server 4.4.3-P1
Copyright 2004-2022 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /etc/dhcpd.conf
Database file: /var/db/dhcpd.leases
PID file: /var/run/dhcpd.pid
Internet Systems Consortium DHCP Server 4.4.3-P1
Copyright 2004-2022 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 78 leases to leases file.
No bpf devices. Please read the README section for your operating system.
If you think you have received this message due to a bug rather
than a configuration issue please read the section on submitting
bugs on either our web page at www.isc.org or in the README file
before submitting a bug. These pages explain the proper
process and the information we find helpful for debugging.
exiting.
#84
26.1 Series / Re: Old rules deprecation
Last post by OPNenthu - Today at 12:19:44 PMQuote from: Monviech (Cedrik) on January 29, 2026, 02:35:45 PMYou don't need any manual edits. Just import them, see the result, change things in the GUI as needed and then apply.
Just reporting back to say that the import went without hitch. :)
I did it yesterday and haven't seen any issues so far. The single-interface Floating rules got converted to interface rules automatically.
The only negative is that it split up my related floating rules which were previously together. I had two similar rules for the same purpose, but one was for IPv4 and one for IPv6. The IPv4 rule was for WAN only and the IPv6 rule was for WAN + an interface group. I had given them similar descriptions and everything. Post migration the IPv4 rule became a WAN interface rule and the IPv6 rule stayed as Floating. Same end result, but difference in organization and view.
I should probably take time to re-think my rules in light of the new way.
#85
26.1 Series / Re: Let's talk firewall rule o...
Last post by Seimus - Today at 12:18:06 PMHappens, but I will be honest it was bit weird why its nowhere properly stated :D
Regards,
S.
Regards,
S.
#86
26.1 Series / Re: Identity Association IPv6 ...
Last post by flushell - Today at 12:15:11 PMThis is probably the bug: https://github.com/opnsense/core/issues/8838
Edit:
To tackle this:
You must Tick "Allow manual adjustment of DHCPv6 and Router Advertisements ", then Disable ISC DHCP6 for the interface. After that, you can enable Identity association.
Edit:
To tackle this:
You must Tick "Allow manual adjustment of DHCPv6 and Router Advertisements ", then Disable ISC DHCP6 for the interface. After that, you can enable Identity association.
#87
Hardware and Performance / Re: Latest BIOS update bricked...
Last post by ab - Today at 12:13:51 PMQuote from: patient0 on Today at 10:43:56 AMI assume you disconnected the power for a minute or so? And you don't see anything on the serial console, even when trying to boot from e.g. OPNsense USB?
You're right. After physically disconnecting the power and plugging it back in, the system is functional and I again have serial output. Previously I had just turned the system on and off with the pinhole power button.
Sorry for the false alarm, but perhaps this ought to be part of the installation instructions. Currently they just say "Reboot the machine" which I thought I had accomplished with the power button.
#88
26.1 Series / Re: Let's talk firewall rule o...
Last post by Monviech (Cedrik) - Today at 12:11:00 PMI've already written a section about the sort order but forgot to add it.
https://github.com/opnsense/docs/pull/843
This should clear things up I hope.
https://github.com/opnsense/docs/pull/843
This should clear things up I hope.
#89
26.1 Series / Re: internet stops! pf_test: ...
Last post by d0shie - Today at 12:09:10 PMApplied the patches and got the same expected outputs: Migration reported as complete with no errors, interfaces settings shown.
We'll see how it goes from here. Thanks for the hard work, Franco!
We'll see how it goes from here. Thanks for the hard work, Franco!
#90
26.1 Series / Re: internet stops! pf_test: ...
Last post by RamSense - Today at 12:08:53 PMok. rebooted and enabled suricata. so far so good.
thanks!
thanks!
