Recent posts

#91
German - Deutsch / Re: Umbau Netzwerk/Rules
Last post by kosta - December 08, 2025, 07:48:39 AM
delete
#92
German - Deutsch / Re: Umbau Netzwerk/Rules
Last post by kosta - December 08, 2025, 07:48:07 AM
delete
#93
German - Deutsch / Re: Umbau Netzwerk/Rules
Last post by kosta - December 08, 2025, 07:47:36 AM
Hallo, ich komme jetzt zu diesem Thema zurück. Vielen Dank für die ausführliche Beschreibung. Ich bin aktuell dabei die Firewall Rules zu erstellen.
Und eigentlich habe ich einen Sideeffect den ich nur so halb erwartet habe: mit einer Interface-Gruppe von allen lokalen Interfaces und entsprechenden Rules die lokale VLANs auf jeden Interface erstmal blocken, aber dafür in Floating Rules die Allow sitzen...

Jetzt werden scheinbar Ports im selben VLAN geblockt, was echt seltsam ist. Offensichtlich blockt OPNsense im gleichen Subnet, wenn solche Rules erstellt werden?!

Ich müsste demnach ein Rule für jeden VLAN haben, wo man einzelne Intf auswählt und nicht eine Gruppe hat, sodass man immer den jeweiligen Intf nicht auswählt.
#94
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by RobertoZ - December 08, 2025, 06:10:14 AM
Successful upgrade from an Intel i350 two port to a i226 two port. This is a Fenvi i226 two port card that I ordered from Aliexpress.   

Card was on a etrackid that didn't correspond to any of the firmware. It was on v2.23 but the etrackid showed 8000397.   

Tried flashing 80000425 from the 1MB.  No go.  Tried in Arch linux, then booted into windows.  Would not flash and kept giving a security error in the log file.

Finally tried the 2MB version and that worked. 

Renamed the igb0/igb1 to igc0/igc1 in the config.xml file and installed the card.  At first, was able to get into Opnsense via web, but gateway was not showing.

Rebooted modem and everything seems to be working as it should be.

Thank you!!!!!
#95
General Discussion / Re: TUI for viewing and analys...
Last post by patient0 - December 08, 2025, 06:06:19 AM
Quote from: allddd on December 07, 2025, 11:43:17 PMI've thought about this, and the main issue is sorting the entries since I can't load everything into memory. ... I need a reliable way to order them, and using file names/creation times isn't reliable because users can rename/move files.
Wouldn't it be enough to read the first and the last line(s) of a file, determine the time stamps of these entries and you'd know the order of the files?
#96
Zenarmor (Sensei) / Re: Zenarmor BF Sale
Last post by n0ahg - December 08, 2025, 05:31:02 AM
Quote from: sy on December 04, 2025, 12:57:00 PMHi,

As mentioned, this Black Friday campaign was designed specifically for new Home Tier users, and existing subscribers normally aren't eligible for this promotion.
 
Even though the Black Friday campaign wasn't intended for existing customers, we wanted to extend this discount (Black Friday) to you as a gesture. The discount can be applied to your renewal.

This is exactly why I didn't buy a subscription.  Your company seems to treat users differently depending on how you feel.  This is an example and so is the SASE Starter Tier.
#97
Virtual private networks / Applying Wireguard Peer Settin...
Last post by crlt - December 08, 2025, 04:36:17 AM
Modifying or adding wireguard peers with a modified allowed IPs field causes some static routes configured in the GUI (or obtained via BGP) to disappear? I've already checked the box to disable adding routes in the wireguard instance but that doesn't seem to change the behavior of the peer setting? Has anyone been able to get around this? It only seems to happen when modifying a peer that has a conflicting route.

I don't need wireguard to install this route but wireguard still needs it since the allowed ips is also a form of authentication for wireguard to allow traffic to pass over its own interface. Anyone have any experience or workarounds?

For example I have a remote site 10.20.0.0/16 which is routed via BGP over a peering network that goes over the Wireguard tunnel. If I modify the peer of that wireguard tunnel containing any overlapping subnet it will delete the routes learned via BGP or static routes... and wireguard needs to have the allowed IP set (for example to 10.20.0.0/16) to permit traffic over the interface even though the route is not required since thats learned through BGP and the wireguard tunnel interface is a gateway... I have to re-apply any static routes (like to the peering instance) and stop and restart FRR.
#98
General Discussion / Re: UPNP Broken
Last post by lmnsour - December 08, 2025, 02:50:33 AM
Here are my firewall and outbound rules.

I don't have "static" checked because I have multiple users playing at a time but if I click static, I can get "Moderate NAT" for most gaming services.

I added port 5353 (differs from the youtube tutorial) but that didn't work either.
#99
General Discussion / Re: UPNP Broken
Last post by lmnsour - December 08, 2025, 02:47:57 AM
Quote from: franco on December 05, 2025, 02:29:11 PMTry the plugin at 1.8 via 25.7.9.

Still not working.

Here are my UPNP settings (took out IP address).

Windows set to "Private Network" and discovery is turned on.  No AV installed.  Do I need to configure the Firewall rules?
#100
Hardware and Performance / Re: DEC750 Questions
Last post by Seimus - December 08, 2025, 01:29:59 AM
Quote from: Monviech (Cedrik) on December 07, 2025, 10:06:58 PMThe DEC740 is not older its the same as the DEC750 with 4GB/128GB instead of 8GB/256GB.

Oh yes you are right!

I always forget there are 2 versions of DEC per its class.

Regards,
S.