"Recent posts
#91
25.7, 25.10 Series / Re: 25.7.8 Unbound blocklist s...
Last post by meyergru - December 03, 2025, 10:26:16 AM...or else they'll fix that problem! ;-)
#92
General Discussion / Re: Where should I put the mai...
Last post by meyergru - December 03, 2025, 10:25:01 AMIs that possible with a transparent bridge setup? I frankly do not know...
And BTW: Does Home Network Guy not specifically cover that basic question, which should come up all the time with such setups, I imagine?
Oh, yes, he does. By creating a MGMT interface and bridging that to WAN. How elegant and intuitive.
I still do not get how people think that a transparent bridge would be easier than a routed setup.
And BTW: Does Home Network Guy not specifically cover that basic question, which should come up all the time with such setups, I imagine?
Oh, yes, he does. By creating a MGMT interface and bridging that to WAN. How elegant and intuitive.
I still do not get how people think that a transparent bridge would be easier than a routed setup.
#93
General Discussion / Re: Access HTTPs and SSH from ...
Last post by Albertk - December 03, 2025, 10:24:14 AMQuote from: Patrick M. Hausen on December 03, 2025, 09:49:56 AMIs the host "on the Internet" from which you are testing actually connected to the same network as the WAN interface of OPNsense? I.e. is there an Ethernet instead of a point to point connection between OPNsense and the uplink router? And you are testing from that network?
In that case: Firewall > Settings > Advanced > Disable reply-to.
That fix it. Thanks.
#94
Development and Code Review / Re: Delete one firewall rule o...
Last post by patient0 - December 03, 2025, 10:23:12 AMQuote from: Monviech (Cedrik) on December 03, 2025, 10:11:30 AMDo you already have "Destination NAT" instead of "Port Forward" under NAT?No, it is still called 'Port Forward', of which I have two + an Outbound NAT for IPv6.
Addition: Deleting one of the port forward rules make them all (two) disappear). In that use case there is again a <rule>...</rule> added. <rule> after </outbound> and </rule> before </nat>. Removing them resolves it.
#95
25.7, 25.10 Series / Re: 25.7.8 Unbound blocklist s...
Last post by Monviech (Cedrik) - December 03, 2025, 10:13:37 AMBetter do not call them and do not wake sleeping dogs. :)
#96
25.7, 25.10 Series / Re: 25.7.8 Unbound blocklist s...
Last post by OPNenthu - December 03, 2025, 10:12:28 AMWell that's... a solution. I'd like to evolve from monkey someday soon, though :)
I might need to get on the phone with my ISP and inquire about this. I noticed my prefix hasn't changed in quite some time, so I wonder if they've changed a policy and now make the prefixes sticky.
I might need to get on the phone with my ISP and inquire about this. I noticed my prefix hasn't changed in quite some time, so I wonder if they've changed a policy and now make the prefixes sticky.
#97
Development and Code Review / Re: Delete one firewall rule o...
Last post by Monviech (Cedrik) - December 03, 2025, 10:11:30 AMDo you already have "Destination NAT" instead of "Port Forward" under NAT?
Thats a thing that changed recently, maybe there's something unexpected going on?
https://github.com/opnsense/core/commit/da976d77fb46117b3837693b43b4b34472fd19f8
Thats a thing that changed recently, maybe there's something unexpected going on?
https://github.com/opnsense/core/commit/da976d77fb46117b3837693b43b4b34472fd19f8
#98
Hardware and Performance / Re: Suggestion for Bufferbloat...
Last post by Seimus - December 03, 2025, 10:08:10 AMQuote from: RamSense on December 03, 2025, 07:37:11 AMI will call this used guide guide "Dirty but effective"
The creator of this article looks like doesn't know what their are doing.
There are several miss statements about Pipes and Queues.
There are several miss-configurations in the Pipe > BW, Queues, Quantum
There are several miss-configurations in the Queue > MASK, ECN, Enabled Codel
And so on.
Some of the configured features don't do anything and some of them have impact. Like MASK, Quantum & BW and overlapping FQ_C in scheduler and CoDel in the Queue, causes overall that there is twice running the CoDel algorithm, fighting each other.
In layman terms Quantum basically handles how much bytes at once can from a Flow queue leave (FQ_C internal one). The reason why you want to use Quantum at your MTU size when your BW is above 100Mbit is to serve 1 packet per flow (there can be thousands flows, 1 flow = 1 internal FQ_Codel queue). Higher Quantum sizes could starve smaller packets. And too small Quantum sizes could starve bigger packet sizes. Both related to the configured Interface MTU.
Regards,
S.
#99
Zenarmor (Sensei) / Re: Remote Elasticsearch Datab...
Last post by sorano - December 03, 2025, 10:06:58 AMI think Zenarmor is one of the worst examples of reverse feature creep I've ever seen in an application.
At the time, Sensei was actually one of the reasons that made me decide to switch from pf to OPN. Paid for home license for two years but after losing features year after year it was not worth it in the end. Looks like they are still trying to find ways to limit their application.
At the time, Sensei was actually one of the reasons that made me decide to switch from pf to OPN. Paid for home license for two years but after losing features year after year it was not worth it in the end. Looks like they are still trying to find ways to limit their application.
#100
25.7, 25.10 Series / OPNsense 25.7.8 (amd64) *** Da...
Last post by dstr - December 03, 2025, 09:57:43 AMssh works however and interface config is also available.
I tried to reload all services, but did not help.
