Recent posts

#91
26.1 Series / Re: Need to select "Prefer to ...
Last post by trdeal - Today at 11:08:59 AM
Hi,
Run an Audit and selecting connectivity produces the following

***GOT REQUEST TO AUDIT CONNECTIVITY***
Currently running OPNsense 26.1.1 (amd64) at Thu Feb  5 09:46:54 GMT 2026
Checking connectivity for host: pkg.opnsense.org -> 89.149.222.99
PING 89.149.222.99 (89.149.222.99): 1500 data bytes

--- 89.149.222.99 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv4): https://pkg.opnsense.org/FreeBSD:14:amd64/26.1
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching data.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 929 packages processed.
All repositories are up to date.
Checking connectivity for host: pkg.opnsense.org -> 2001:1af8:5300:a010:1::1
PING(1548=40+8+1500 bytes) 2a02:8010:d00d:1:8395:9cef:ffaa:d122 --> 2001:1af8:5300:a010:1::1

--- 2001:1af8:5300:a010:1::1 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv6): https://pkg.opnsense.org/FreeBSD:14:amd64/26.1
Updating OPNsense repository catalogue...
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
repository OPNsense has no meta file, using default settings
pkg: An error occurred while fetching package: No error

What is interesting is that in my WAN interface I have specified the MTU to be 1492 and initially left the MSS blank and was curious to see the size of IPv6 ping in bytes.

However, I subsequently editted the WAN interface and set the MSS to 1492 and re-ran the Run An Audit, selecting connectivity but the IPv6 ping size is too large.

***GOT REQUEST TO AUDIT CONNECTIVITY***
Currently running OPNsense 26.1.1 (amd64) at Thu Feb  5 09:57:55 GMT 2026
Checking connectivity for host: pkg.opnsense.org -> 89.149.222.99
PING 89.149.222.99 (89.149.222.99): 1500 data bytes

--- 89.149.222.99 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv4): https://pkg.opnsense.org/FreeBSD:14:amd64/26.1
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching data.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 929 packages processed.
All repositories are up to date.
Checking connectivity for host: pkg.opnsense.org -> 2001:1af8:5300:a010:1::1
PING(1548=40+8+1500 bytes) 2a02:8010:d00d:1:8395:9cef:ffaa:d122 --> 2001:1af8:5300:a010:1::1

--- 2001:1af8:5300:a010:1::1 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv6): https://pkg.opnsense.org/FreeBSD:14:amd64/26.1
Updating OPNsense repository catalogue...
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
repository OPNsense has no meta file, using default settings
pkg: An error occurred while fetching package: No error

From the linux computers in the house I can ping IPv4 or IPv6 successfully through the Opnsense firewall but the firewall itself is not honouring the MTU/MSS settings on the WAN interface and is thus failing in its IPv6 connectivity.
#92
26.1 Series / Re: Missing plugin: os-lcdproc...
Last post by miketubby - Today at 10:58:58 AM
Okay, so:

   cd /tmp
   wget https://pkg.opnsense.org/FreeBSD:14:amd64/26.1/MINT/26.1.1/latest/All/os-lcdproc-sdeclcd-1.1_1.pkg
   pkg install os-lcdproc-sdeclcd-1.1_1.pkg

works, but System > Firmware > Plugins now shows:

   os-lcdproc-sdeclcd (installed)   1.1_1   982B   4   unknown-repository   LCDProc for SDEC LCD devices

Should I have done something different?

Mike
#93
25.7, 25.10 Series / Re: Continual issues updating
Last post by Matthew_Kent - Today at 10:53:29 AM
Apologies for reviving a slightly older thread, but I have just updated (to 26.1.1) using the 'curl' method without issue, after failed attempts through the GUI, and using 'fetch'.

Many thanks for your help fanco, and I hope this helps other in the future.

Matt
#94
26.1 Series / Re: Need to select "Prefer to ...
Last post by trdeal - Today at 10:46:26 AM
Hi,
Here is the Run an Audit selecting the Upgrade Log, unfortunately it does not show the multiple failed upgrades with "Prefer to use IPv4 even if IPv6 available" disabled. I have been checking the logs on the Firewall and the syslog server.

Updating OPNsense repository catalogue...
pkg-static: Repository OPNsense has a wrong packagesite, need to re-create database
Fetching meta.conf: . done
Fetching data.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 930 packages processed.
OPNsense is up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
OPNsense is up to date.
Checking for upgrades (207 candidates): .......... done
Processing candidates (207 candidates): .......... done
Checking integrity... done (1 conflicting)
- os-isc-dhcp-1.0_3 conflicts with opnsense-25.7.11_9 on /usr/local/etc/dhcpd.opnsense.d/README
Checking integrity... done (0 conflicting)
The following 207 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
dhcp6c: 20250513 -> 20260122
hostwatch: 1.0.6 -> 1.0.11
opnsense: 25.7.11_9 -> 26.1_4
opnsense-lang: 25.7.4 -> 26.1
opnsense-update: 25.7.11 -> 26.1
os-acme-client: 4.11 -> 4.12
os-isc-dhcp: 0.1 -> 1.0_3

Installed packages to be REINSTALLED:
abseil-20250127.1
acme.sh-3.1.2
bash-5.3.9
beep-1.0_2
bind-tools-9.20.16
boost-libs-1.89.0_1
brotli-1.2.0,1
ca_root_nss-3.117_2
choparp-20150613_1
cpdup-1.22_1
cpustats-0.1
curl-8.17.0
cyrus-sasl-2.1.28_5
cyrus-sasl-gssapi-2.1.28
dhcrelay-1.0
dmidecode-3.6
dnsmasq-2.91_1,1
dpinger-3.4
easy-rsa-3.2.4,1
expat-2.7.3
filterlog-0.7_2
flock-2.37.2_1
flowd-0.9.1_5
fstrm-0.6.1_1
gettext-runtime-0.26
glib-2.84.4,2
gmp-6.3.0
hostapd-2.11_3
hyperscan-5.4.2
icu-76.1,1
ifinfo-13.0_1
iftop-1.0.p4_1
indexinfo-0.3.1_1
isc-dhcp44-server-4.4.3P1_2
ivykis-0.43.2_1
jansson-2.14.1
jq-1.8.1
json-c-0.18
jsoncpp-1.9.6_1
kea-3.0.2
krb5-1.22.1
ldns-1.8.4
libargon2-20190702_1
libcbor-0.13.0
libedit-3.1.20251016_1,1
libevent-2.1.12
libffi-3.5.1
libfido2-1.16.0
libgcrypt-1.11.2
libgpg-error-1.58
libiconv-1.18_1
libidn2-2.3.8
libinotify-20240724_3
libltdl-2.5.4
liblz4-1.10.0_2,1
libmcrypt-2.5.8_4
libnet-1.3,1
libnghttp2-1.68.0
libpfctl-0.17
libpsl-0.21.5_2
libsodium-1.0.21
libucl-0.9.3
libunistring-1.4.1
liburcu-0.15.3
libuuid-2.41.1_1
libuv-1.51.0
libxml2-2.14.6
libxslt-1.1.43_1
libyaml-0.2.5
lighttpd-1.4.82
log4cplus-2.1.2
lua54-5.4.8
lzo2-2.10_1
monit-5.35.2
mpd5-5.9_19
mpdecimal-4.0.1
netdata-2.8.1_1
nettle-3.10.2
nspr-4.38.2
nss-3.119.1
ntp-4.2.8p18_5
oniguruma-6.9.10
openldap26-client-2.6.10
openssh-portable-10.2.p1_1,1
openssl-3.0.18,1
openvpn-2.6.17
opnsense-installer-25.1
os-dmidecode-1.2
os-netdata-1.2_1
os-smart-2.4
os-vnstat-1.3_1
pam_opnsense-24.1
pcre2-10.47_1
perl5-5.42.0_1
pftop-0.13
php83-8.3.28
php83-ctype-8.3.28
php83-curl-8.3.28
php83-dom-8.3.28
php83-filter-8.3.28
php83-gettext-8.3.28
php83-ldap-8.3.28
php83-mbstring-8.3.28
php83-pcntl-8.3.28
php83-pdo-8.3.28
php83-pear-1.10.16
php83-pear-Crypt_CHAP-1.5.0_1
php83-pecl-mcrypt-1.0.7
php83-pecl-radius-1.4.0b1_3
php83-phalcon-5.9.3
php83-phpseclib-3.0.48
php83-session-8.3.28
php83-simplexml-8.3.28
php83-sockets-8.3.28
php83-sqlite3-8.3.28
php83-xml-8.3.28
php83-zlib-8.3.28
pkcs11-helper-1.31.0
pkg-2.3.1_1
pkgconf-2.4.3,1
protobuf-29.5,1
protobuf-c-1.5.1_3
py311-Babel-2.17.0_1
py311-Jinja2-3.1.6
py311-aioquic-1.3.0_1
py311-anyio-4.12.0
py311-async_generator-1.10_1
py311-attrs-25.4.0
py311-beautifulsoup-4.13.4_2
py311-bottleneck-1.3.8_1
py311-certifi-2025.11.12
py311-cffi-1.17.1
py311-charset-normalizer-3.4.4
py311-cryptography-45.0.7_1,1
py311-dns-lexicon-3.23.2
py311-dnspython-2.8.0_1,1
py311-duckdb-1.3.2
py311-filelock-3.19.1
py311-h11-0.16.0
py311-h2-4.1.0_1
py311-hpack-4.0.0_1
py311-html5lib-1.1_1
py311-httpcore-1.0.9
py311-httpx-0.28.1_1
py311-hyperframe-6.0.0_1
py311-idna-3.11
py311-jq-1.10.0
py311-ldap3-2.9.1_1
py311-lxml-6.0.1
py311-markupsafe-3.0.3
py311-numexpr-2.14.1
py311-numpy-1.26.4_11,1
py311-outcome-1.3.0_2
py311-packaging-25.0
py311-pandas-2.3.3,1
py311-pyasn1-0.6.0
py311-pyasn1-modules-0.4.1
py311-pycparser-2.23
py311-pylsqpack-0.3.23
py311-pyopenssl-25.3.0_1,1
py311-pyotp-2.9.0_1
py311-pysocks-1.7.1_1
py311-python-dateutil-2.9.0
py311-pytz-2025.2_1,1
py311-pyyaml-6.0.3
py311-requests-2.32.5
py311-requests-file-2.0.0
py311-service-identity-24.2.0
py311-six-1.17.0
py311-sniffio-1.3.1
py311-socksio-1.0.0_1
py311-sortedcontainers-2.4.0_1
py311-soupsieve-2.8
py311-sqlite3-3.11.14_11
py311-tldextract-5.3.0
py311-trio-0.32.0
py311-truststore-0.10.4
py311-typing-extensions-4.15.0
py311-tzdata-2025.3
py311-ujson-5.11.0
py311-urllib3-2.6.0,1
py311-vici-6.0.3
py311-webencodings-0.5.1_1
python311-3.11.14
radvd-2.20
readline-8.3.1
rrdtool-1.9.0_1
samplicator-1.3.8.r1_1
smartmontools-7.5_1
socat-1.8.1.0
sqlite3-3.50.4_2,1
strongswan-6.0.3_1
sudo-1.9.17p2_2
suricata-8.0.3
syslog-ng-4.10.2
unbound-1.24.2
vnstat-2.13
wpa_supplicant-2.11_7
zip-3.0_4
zstd-1.5.7_1

Number of packages to be upgraded: 7
Number of packages to be reinstalled: 200
[1/207] Reinstalling abseil-20250127.1...
[1/207] Extracting abseil-20250127.1: .......... done
[2/207] Reinstalling beep-1.0_2...
[2/207] Extracting beep-1.0_2: ..... done
[3/207] Reinstalling brotli-1.2.0,1...
[3/207] Extracting brotli-1.2.0,1: .......... done
[4/207] Reinstalling ca_root_nss-3.117_2...
[4/207] Extracting ca_root_nss-3.117_2: ..... done
[5/207] Reinstalling choparp-20150613_1...
[5/207] Extracting choparp-20150613_1: ...... done
[6/207] Reinstalling cpustats-0.1...
[6/207] Extracting cpustats-0.1: . done
[7/207] Upgrading dhcp6c from 20250513 to 20260122...
[7/207] Extracting dhcp6c-20260122: ........ done
[8/207] Reinstalling dhcrelay-1.0...
[8/207] Extracting dhcrelay-1.0: ....... done
[9/207] Reinstalling dmidecode-3.6...
[9/207] Extracting dmidecode-3.6: .......... done
[10/207] Reinstalling dpinger-3.4...
[10/207] Extracting dpinger-3.4: .... done
[11/207] Reinstalling easy-rsa-3.2.4,1...
[11/207] Extracting easy-rsa-3.2.4,1: .......... done
[12/207] Reinstalling expat-2.7.3...
[12/207] Extracting expat-2.7.3: .......... done
[13/207] Reinstalling filterlog-0.7_2...
[13/207] Extracting filterlog-0.7_2: .... done
[14/207] Reinstalling flock-2.37.2_1...
[14/207] Extracting flock-2.37.2_1: ...... done
[15/207] Reinstalling flowd-0.9.1_5...
===> Creating groups
Using existing group '_flowd'
===> Creating users
Using existing user '_flowd'
[15/207] Extracting flowd-0.9.1_5: .......... done
[16/207] Upgrading hostwatch from 1.0.6 to 1.0.11...
===> Creating groups
Using existing group 'hostd'
===> Creating users
Using existing user 'hostd'
[16/207] Extracting hostwatch-1.0.11: ..... done
[17/207] Reinstalling hyperscan-5.4.2...
[17/207] Extracting hyperscan-5.4.2: .......... done
[18/207] Reinstalling icu-76.1,1...
[18/207] Extracting icu-76.1,1: .......... done
[19/207] Reinstalling ifinfo-13.0_1...
[19/207] Extracting ifinfo-13.0_1: .... done
[20/207] Reinstalling iftop-1.0.p4_1...
[20/207] Extracting iftop-1.0.p4_1: ..... done
[21/207] Reinstalling indexinfo-0.3.1_1...
[21/207] Extracting indexinfo-0.3.1_1: .... done
[22/207] Reinstalling bash-5.3.9...
[22/207] Extracting bash-5.3.9: .......... done
[23/207] Reinstalling gettext-runtime-0.26...
[23/207] Extracting gettext-runtime-0.26: .......... done
[24/207] Reinstalling gmp-6.3.0...
[24/207] Extracting gmp-6.3.0: .......... done
[25/207] Reinstalling ivykis-0.43.2_1...
[25/207] Extracting ivykis-0.43.2_1: .......... done
[26/207] Reinstalling jansson-2.14.1...
[26/207] Extracting jansson-2.14.1: .......... done
[27/207] Reinstalling json-c-0.18...
[27/207] Extracting json-c-0.18: .......... done
[28/207] Reinstalling jsoncpp-1.9.6_1...
[28/207] Extracting jsoncpp-1.9.6_1: .......... done
[29/207] Reinstalling libargon2-20190702_1...
[29/207] Extracting libargon2-20190702_1: .......... done
[30/207] Reinstalling libcbor-0.13.0...
[30/207] Extracting libcbor-0.13.0: .......... done
[31/207] Reinstalling libedit-3.1.20251016_1,1...
[31/207] Extracting libedit-3.1.20251016_1,1: .......... done
[32/207] Reinstalling libffi-3.5.1...
[32/207] Extracting libffi-3.5.1: .......... done
[33/207] Reinstalling libgpg-error-1.58...
[33/207] Extracting libgpg-error-1.58: .......... done
[34/207] Reinstalling libgcrypt-1.11.2...
[34/207] Extracting libgcrypt-1.11.2: .......... done
[35/207] Reinstalling libiconv-1.18_1...
[35/207] Extracting libiconv-1.18_1: .......... done
[36/207] Reinstalling libinotify-20240724_3...
[36/207] Extracting libinotify-20240724_3: .......... done
[37/207] Reinstalling libltdl-2.5.4...
[37/207] Extracting libltdl-2.5.4: .......... done
[38/207] Reinstalling liblz4-1.10.0_2,1...
[38/207] Extracting liblz4-1.10.0_2,1: .......... done
[39/207] Reinstalling libmcrypt-2.5.8_4...
[39/207] Extracting libmcrypt-2.5.8_4: .......... done
[40/207] Reinstalling libnet-1.3,1...
[40/207] Extracting libnet-1.3,1: .......... done
[41/207] Reinstalling libnghttp2-1.68.0...
[41/207] Extracting libnghttp2-1.68.0: .......... done
[42/207] Reinstalling libpfctl-0.17...
[42/207] Extracting libpfctl-0.17: ...... done
[43/207] Reinstalling libsodium-1.0.21...
[43/207] Extracting libsodium-1.0.21: .......... done
[44/207] Reinstalling libunistring-1.4.1...
[44/207] Extracting libunistring-1.4.1: .......... done
[45/207] Reinstalling libidn2-2.3.8...
[45/207] Extracting libidn2-2.3.8: .......... done
[46/207] Reinstalling libpsl-0.21.5_2...
[46/207] Extracting libpsl-0.21.5_2: .......... done
[47/207] Reinstalling liburcu-0.15.3...
[47/207] Extracting liburcu-0.15.3: .......... done
[48/207] Reinstalling libuuid-2.41.1_1...
[48/207] Extracting libuuid-2.41.1_1: .......... done
[49/207] Reinstalling libuv-1.51.0...
[49/207] Extracting libuv-1.51.0: .......... done
[50/207] Reinstalling libyaml-0.2.5...
[50/207] Extracting libyaml-0.2.5: ......... done
[51/207] Reinstalling log4cplus-2.1.2...
[51/207] Extracting log4cplus-2.1.2: .......... done
[52/207] Reinstalling lua54-5.4.8...
[52/207] Extracting lua54-5.4.8: ......... done
[53/207] Reinstalling libucl-0.9.3...
[53/207] Extracting libucl-0.9.3: .......... done
[54/207] Reinstalling lzo2-2.10_1...
[54/207] Extracting lzo2-2.10_1: .......... done
[55/207] Reinstalling mpd5-5.9_19...
[55/207] Extracting mpd5-5.9_19: .......... done
[56/207] Reinstalling mpdecimal-4.0.1...
[56/207] Extracting mpdecimal-4.0.1: .......... done
[57/207] Reinstalling nettle-3.10.2...
[57/207] Extracting nettle-3.10.2: .......... done
[58/207] Reinstalling dnsmasq-2.91_1,1...
[58/207] Extracting dnsmasq-2.91_1,1: .......... done
[59/207] Reinstalling nspr-4.38.2...
[59/207] Extracting nspr-4.38.2: .......... done
[60/207] Reinstalling oniguruma-6.9.10...
[60/207] Extracting oniguruma-6.9.10: .......... done
[61/207] Reinstalling jq-1.8.1...
[61/207] Extracting jq-1.8.1: .......... done
[62/207] Reinstalling openssl-3.0.18,1...
[62/207] Extracting openssl-3.0.18,1: .......... done
[63/207] Reinstalling cpdup-1.22_1...
[63/207] Extracting cpdup-1.22_1: ..... done
[64/207] Reinstalling cyrus-sasl-2.1.28_5...
*** Updated user `cyrus'.
[64/207] Extracting cyrus-sasl-2.1.28_5: .......... done
[65/207] Reinstalling hostapd-2.11_3...
[65/207] Extracting hostapd-2.11_3: ....... done
[66/207] Reinstalling ldns-1.8.4...
[66/207] Extracting ldns-1.8.4: .......... done
[67/207] Reinstalling libevent-2.1.12...
[67/207] Extracting libevent-2.1.12: .......... done
[68/207] Reinstalling fstrm-0.6.1_1...
[68/207] Extracting fstrm-0.6.1_1: .......... done
[69/207] Reinstalling libfido2-1.16.0...
[69/207] Extracting libfido2-1.16.0: .......... done
[70/207] Reinstalling monit-5.35.2...
[70/207] Extracting monit-5.35.2: ....... done
[71/207] Reinstalling openssh-portable-10.2.p1_1,1...
[71/207] Extracting openssh-portable-10.2.p1_1,1: .......... done
[72/207] Reinstalling opnsense-installer-25.1...
[72/207] Extracting opnsense-installer-25.1: .......... done
[73/207] Upgrading opnsense-lang from 25.7.4 to 26.1...
[73/207] Extracting opnsense-lang-26.1: .......... done
[74/207] Upgrading opnsense-update from 25.7.11 to 26.1...
[74/207] Extracting opnsense-update-26.1: .......... done
[75/207] Reinstalling os-dmidecode-1.2...
[75/207] Extracting os-dmidecode-1.2: ...... done
configd not running? (check /var/run/configd.pid).
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
[76/207] Reinstalling pam_opnsense-24.1...
[76/207] Extracting pam_opnsense-24.1: ........ done
[77/207] Reinstalling pcre2-10.47_1...
[77/207] Extracting pcre2-10.47_1: .......... done
[78/207] Reinstalling lighttpd-1.4.82...
===> Creating groups
Using existing group 'www'
===> Creating users
Using existing user 'www'
[78/207] Extracting lighttpd-1.4.82: .......... done
[79/207] Reinstalling perl5-5.42.0_1...
[79/207] Extracting perl5-5.42.0_1: .......... done
[80/207] Reinstalling ntp-4.2.8p18_5...
[80/207] Extracting ntp-4.2.8p18_5: .......... done
[81/207] Reinstalling pftop-0.13...
[81/207] Extracting pftop-0.13: ..... done
[82/207] Reinstalling pkcs11-helper-1.31.0...
[82/207] Extracting pkcs11-helper-1.31.0: .......... done
[83/207] Reinstalling openvpn-2.6.17...
===> Creating groups
Using existing group 'openvpn'
===> Creating users
Using existing user 'openvpn'
[83/207] Extracting openvpn-2.6.17: .......... done
[84/207] Reinstalling pkg-2.3.1_1...
[84/207] Extracting pkg-2.3.1_1: .......... done
[85/207] Reinstalling pkgconf-2.4.3,1...
[85/207] Extracting pkgconf-2.4.3,1: .......... done
[86/207] Reinstalling protobuf-29.5,1...
[86/207] Extracting protobuf-29.5,1: .......... done
[87/207] Reinstalling protobuf-c-1.5.1_3...
[87/207] Extracting protobuf-c-1.5.1_3: .......... done
[88/207] Reinstalling bind-tools-9.20.16...
[88/207] Extracting bind-tools-9.20.16: .......... done
[89/207] Reinstalling radvd-2.20...
[89/207] Extracting radvd-2.20: .......... done
[90/207] Reinstalling readline-8.3.1...
[90/207] Extracting readline-8.3.1: .......... done
[91/207] Reinstalling krb5-1.22.1...
[91/207] Extracting krb5-1.22.1: .......... done
[92/207] Reinstalling cyrus-sasl-gssapi-2.1.28...
[92/207] Extracting cyrus-sasl-gssapi-2.1.28: .......... done
[93/207] Reinstalling libxml2-2.14.6...
[93/207] Extracting libxml2-2.14.6: .......... done
[94/207] Reinstalling libxslt-1.1.43_1...
[94/207] Extracting libxslt-1.1.43_1: .......... done
[95/207] Reinstalling openldap26-client-2.6.10...
[95/207] Extracting openldap26-client-2.6.10: .......... done
[96/207] Reinstalling php83-8.3.28...
[96/207] Extracting php83-8.3.28: .......... done
[97/207] Reinstalling php83-ctype-8.3.28...
[97/207] Extracting php83-ctype-8.3.28: ........ done
[98/207] Reinstalling php83-dom-8.3.28...
[98/207] Extracting php83-dom-8.3.28: .......... done
[99/207] Reinstalling php83-filter-8.3.28...
[99/207] Extracting php83-filter-8.3.28: ......... done
[100/207] Reinstalling php83-gettext-8.3.28...
[100/207] Extracting php83-gettext-8.3.28: ........ done
[101/207] Reinstalling php83-ldap-8.3.28...
[101/207] Extracting php83-ldap-8.3.28: ........ done
[102/207] Reinstalling php83-mbstring-8.3.28...
[102/207] Extracting php83-mbstring-8.3.28: .......... done
[103/207] Reinstalling php83-pcntl-8.3.28...
[103/207] Extracting php83-pcntl-8.3.28: ......... done
[104/207] Reinstalling php83-pdo-8.3.28...
[104/207] Extracting php83-pdo-8.3.28: .......... done
[105/207] Reinstalling php83-pecl-mcrypt-1.0.7...
[105/207] Extracting php83-pecl-mcrypt-1.0.7: ........ done
[106/207] Reinstalling php83-pecl-radius-1.4.0b1_3...
[106/207] Extracting php83-pecl-radius-1.4.0b1_3: .......... done
[107/207] Reinstalling php83-phpseclib-3.0.48...
[107/207] Extracting php83-phpseclib-3.0.48: ......... done
[108/207] Reinstalling php83-session-8.3.28...
[108/207] Extracting php83-session-8.3.28: .......... done
[109/207] Reinstalling php83-phalcon-5.9.3...
[109/207] Extracting php83-phalcon-5.9.3: ........ done
[110/207] Reinstalling php83-simplexml-8.3.28...
[110/207] Extracting php83-simplexml-8.3.28: ......... done
[111/207] Reinstalling php83-sockets-8.3.28...
[111/207] Extracting php83-sockets-8.3.28: .......... done
[112/207] Reinstalling php83-xml-8.3.28...
[112/207] Extracting php83-xml-8.3.28: ......... done
[113/207] Reinstalling php83-zlib-8.3.28...
[113/207] Extracting php83-zlib-8.3.28: ........ done
[114/207] Reinstalling php83-pear-1.10.16...
[114/207] Extracting php83-pear-1.10.16: .......... done
[115/207] Reinstalling php83-pear-Crypt_CHAP-1.5.0_1...
[115/207] Extracting php83-pear-Crypt_CHAP-1.5.0_1: ...... done
uninstall ok: channel://pear.php.net/Crypt_CHAP-1.5.0
install ok: channel://pear.php.net/Crypt_CHAP-1.5.0
[116/207] Reinstalling python311-3.11.14...
[116/207] Extracting python311-3.11.14: .......... done
[117/207] Reinstalling py311-Babel-2.17.0_1...
[117/207] Extracting py311-Babel-2.17.0_1: .......... done
[118/207] Reinstalling py311-async_generator-1.10_1...
[118/207] Extracting py311-async_generator-1.10_1: .......... done
[119/207] Reinstalling py311-attrs-25.4.0...
[119/207] Extracting py311-attrs-25.4.0: .......... done
[120/207] Reinstalling py311-certifi-2025.11.12...
[120/207] Extracting py311-certifi-2025.11.12: .......... done
[121/207] Reinstalling py311-charset-normalizer-3.4.4...
[121/207] Extracting py311-charset-normalizer-3.4.4: .......... done
[122/207] Reinstalling py311-filelock-3.19.1...
[122/207] Extracting py311-filelock-3.19.1: .......... done
[123/207] Reinstalling py311-h11-0.16.0...
[123/207] Extracting py311-h11-0.16.0: .......... done
[124/207] Reinstalling py311-hpack-4.0.0_1...
[124/207] Extracting py311-hpack-4.0.0_1: .......... done
[125/207] Reinstalling py311-hyperframe-6.0.0_1...
[125/207] Extracting py311-hyperframe-6.0.0_1: .......... done
[126/207] Reinstalling py311-h2-4.1.0_1...
[126/207] Extracting py311-h2-4.1.0_1: .......... done
[127/207] Reinstalling py311-idna-3.11...
[127/207] Extracting py311-idna-3.11: .......... done
[128/207] Reinstalling py311-lxml-6.0.1...
[128/207] Extracting py311-lxml-6.0.1: .......... done
[129/207] Reinstalling py311-markupsafe-3.0.3...
[129/207] Extracting py311-markupsafe-3.0.3: .......... done
[130/207] Reinstalling py311-Jinja2-3.1.6...
[130/207] Extracting py311-Jinja2-3.1.6: .......... done
[131/207] Reinstalling py311-numpy-1.26.4_11,1...
[131/207] Extracting py311-numpy-1.26.4_11,1: .......... done
[132/207] Reinstalling py311-bottleneck-1.3.8_1...
[132/207] Extracting py311-bottleneck-1.3.8_1: .......... done
[133/207] Reinstalling py311-numexpr-2.14.1...
[133/207] Extracting py311-numexpr-2.14.1: .......... done
[134/207] Reinstalling py311-outcome-1.3.0_2...
[134/207] Extracting py311-outcome-1.3.0_2: .......... done
[135/207] Reinstalling py311-packaging-25.0...
[135/207] Extracting py311-packaging-25.0: .......... done
[136/207] Reinstalling glib-2.84.4,2...
[136/207] Extracting glib-2.84.4,2: .......... done
[137/207] Reinstalling py311-pyasn1-0.6.0...
[137/207] Extracting py311-pyasn1-0.6.0: .......... done
[138/207] Reinstalling py311-ldap3-2.9.1_1...
[138/207] Extracting py311-ldap3-2.9.1_1: .......... done
[139/207] Reinstalling py311-pyasn1-modules-0.4.1...
[139/207] Extracting py311-pyasn1-modules-0.4.1: .......... done
[140/207] Reinstalling py311-pycparser-2.23...
[140/207] Extracting py311-pycparser-2.23: .......... done
[141/207] Reinstalling py311-cffi-1.17.1...
[141/207] Extracting py311-cffi-1.17.1: .......... done
[142/207] Reinstalling py311-cryptography-45.0.7_1,1...
[142/207] Extracting py311-cryptography-45.0.7_1,1: .......... done
[143/207] Reinstalling py311-pylsqpack-0.3.23...
[143/207] Extracting py311-pylsqpack-0.3.23: .......... done
[144/207] Reinstalling py311-pyotp-2.9.0_1...
[144/207] Extracting py311-pyotp-2.9.0_1: .......... done
[145/207] Reinstalling py311-pysocks-1.7.1_1...
[145/207] Extracting py311-pysocks-1.7.1_1: .......... done
[146/207] Reinstalling py311-pytz-2025.2_1,1...
[146/207] Extracting py311-pytz-2025.2_1,1: .......... done
[147/207] Reinstalling py311-pyyaml-6.0.3...
[147/207] Extracting py311-pyyaml-6.0.3: .......... done
[148/207] Reinstalling py311-service-identity-24.2.0...
[148/207] Extracting py311-service-identity-24.2.0: .......... done
[149/207] Reinstalling py311-six-1.17.0...
[149/207] Extracting py311-six-1.17.0: .......... done
[150/207] Reinstalling py311-python-dateutil-2.9.0...
[150/207] Extracting py311-python-dateutil-2.9.0: .......... done
[151/207] Reinstalling py311-sniffio-1.3.1...
[151/207] Extracting py311-sniffio-1.3.1: .......... done
[152/207] Reinstalling py311-socksio-1.0.0_1...
[152/207] Extracting py311-socksio-1.0.0_1: .......... done
[153/207] Reinstalling py311-sortedcontainers-2.4.0_1...
[153/207] Extracting py311-sortedcontainers-2.4.0_1: .......... done
[154/207] Reinstalling py311-soupsieve-2.8...
[154/207] Extracting py311-soupsieve-2.8: .......... done
[155/207] Reinstalling py311-trio-0.32.0...
[155/207] Extracting py311-trio-0.32.0: .......... done
[156/207] Reinstalling py311-truststore-0.10.4...
[156/207] Extracting py311-truststore-0.10.4: .......... done
[157/207] Reinstalling py311-typing-extensions-4.15.0...
[157/207] Extracting py311-typing-extensions-4.15.0: .......... done
[158/207] Reinstalling py311-anyio-4.12.0...
[158/207] Extracting py311-anyio-4.12.0: .......... done
[159/207] Reinstalling py311-httpcore-1.0.9...
[159/207] Extracting py311-httpcore-1.0.9: .......... done
[160/207] Reinstalling py311-httpx-0.28.1_1...
[160/207] Extracting py311-httpx-0.28.1_1: .......... done
[161/207] Reinstalling py311-pyopenssl-25.3.0_1,1...
[161/207] Extracting py311-pyopenssl-25.3.0_1,1: .......... done
[162/207] Reinstalling py311-aioquic-1.3.0_1...
[162/207] Extracting py311-aioquic-1.3.0_1: .......... done
[163/207] Reinstalling py311-dnspython-2.8.0_1,1...
[163/207] Extracting py311-dnspython-2.8.0_1,1: .......... done
[164/207] Reinstalling py311-tzdata-2025.3...
[164/207] Extracting py311-tzdata-2025.3: .......... done
[165/207] Reinstalling py311-ujson-5.11.0...
[165/207] Extracting py311-ujson-5.11.0: .......... done
[166/207] Reinstalling py311-urllib3-2.6.0,1...
[166/207] Extracting py311-urllib3-2.6.0,1: .......... done
[167/207] Reinstalling py311-requests-2.32.5...
[167/207] Extracting py311-requests-2.32.5: .......... done
[168/207] Reinstalling py311-jq-1.10.0...
[168/207] Extracting py311-jq-1.10.0: ........ done
[169/207] Reinstalling py311-requests-file-2.0.0...
[169/207] Extracting py311-requests-file-2.0.0: .......... done
[170/207] Reinstalling py311-tldextract-5.3.0...
[170/207] Extracting py311-tldextract-5.3.0: .......... done
[171/207] Reinstalling py311-vici-6.0.3...
[171/207] Extracting py311-vici-6.0.3: .......... done
[172/207] Reinstalling py311-webencodings-0.5.1_1...
[172/207] Extracting py311-webencodings-0.5.1_1: .......... done
[173/207] Reinstalling py311-html5lib-1.1_1...
[173/207] Extracting py311-html5lib-1.1_1: .......... done
[174/207] Reinstalling py311-beautifulsoup-4.13.4_2...
[174/207] Extracting py311-beautifulsoup-4.13.4_2: .......... done
[175/207] Reinstalling py311-dns-lexicon-3.23.2...
[175/207] Extracting py311-dns-lexicon-3.23.2: .......... done
[176/207] Reinstalling rrdtool-1.9.0_1...
[176/207] Extracting rrdtool-1.9.0_1: .......... done
[177/207] Reinstalling samplicator-1.3.8.r1_1...
[177/207] Extracting samplicator-1.3.8.r1_1: ..... done
[178/207] Reinstalling smartmontools-7.5_1...
[178/207] Extracting smartmontools-7.5_1: .......... done
[179/207] Reinstalling os-smart-2.4...
[179/207] Extracting os-smart-2.4: .......... done
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
[180/207] Reinstalling socat-1.8.1.0...
[180/207] Extracting socat-1.8.1.0: ......... done
[181/207] Reinstalling sqlite3-3.50.4_2,1...
[181/207] Extracting sqlite3-3.50.4_2,1: .......... done
[182/207] Reinstalling nss-3.119.1...
[182/207] Extracting nss-3.119.1: .......... done
[183/207] Reinstalling php83-sqlite3-8.3.28...
[183/207] Extracting php83-sqlite3-8.3.28: ......... done
[184/207] Reinstalling py311-sqlite3-3.11.14_11...
[184/207] Extracting py311-sqlite3-3.11.14_11: ......... done
[185/207] Reinstalling py311-pandas-2.3.3,1...
[185/207] Extracting py311-pandas-2.3.3,1: .......... done
[186/207] Reinstalling py311-duckdb-1.3.2...
[186/207] Extracting py311-duckdb-1.3.2: .......... done
[187/207] Reinstalling sudo-1.9.17p2_2...
[187/207] Extracting sudo-1.9.17p2_2: .......... done
[188/207] Reinstalling suricata-8.0.3...
[188/207] Extracting suricata-8.0.3: .......... done
[189/207] Reinstalling unbound-1.24.2...
===> Creating groups
Using existing group 'unbound'
===> Creating users
Using existing user 'unbound'
[189/207] Extracting unbound-1.24.2: .......... done
[190/207] Reinstalling vnstat-2.13...
===> Creating groups
Using existing group 'vnstat'
===> Creating users
Using existing user 'vnstat'
[190/207] Extracting vnstat-2.13: .......... done
[191/207] Reinstalling os-vnstat-1.3_1...
[191/207] Extracting os-vnstat-1.3_1: .......... done
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
Reloading template OPNsense/Vnstat: OK
[192/207] Reinstalling wpa_supplicant-2.11_7...
[192/207] Extracting wpa_supplicant-2.11_7: .......... done
[193/207] Reinstalling zip-3.0_4...
[193/207] Extracting zip-3.0_4: .......... done
[194/207] Reinstalling zstd-1.5.7_1...
[194/207] Extracting zstd-1.5.7_1: .......... done
[195/207] Reinstalling boost-libs-1.89.0_1...
[195/207] Extracting boost-libs-1.89.0_1: .......... done
[196/207] Reinstalling curl-8.17.0...
[196/207] Extracting curl-8.17.0: .......... done
[197/207] Reinstalling acme.sh-3.1.2...
===> Creating groups
Using existing group 'acme'
===> Creating users
Using existing user 'acme'
===> Creating homedir(s)
[197/207] Extracting acme.sh-3.1.2: .......... done
[198/207] Reinstalling kea-3.0.2...
[198/207] Extracting kea-3.0.2: .......... done
[199/207] Reinstalling netdata-2.8.1_1...
===> Creating groups
Using existing group 'netdata'
===> Creating users
Using existing user 'netdata'
===> Creating homedir(s)
[199/207] Extracting netdata-2.8.1_1: .......... done
[200/207] Upgrading os-acme-client from 4.11 to 4.12...
[200/207] Extracting os-acme-client-4.12: .......... done
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
Reloading template OPNsense/AcmeClient: OK
[201/207] Reinstalling os-netdata-1.2_1...
[201/207] Extracting os-netdata-1.2_1: .......... done
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
Reloading template OPNsense/Netdata: OK
[202/207] Reinstalling php83-curl-8.3.28...
[202/207] Extracting php83-curl-8.3.28: .......... done
[203/207] Reinstalling strongswan-6.0.3_1...
[203/207] Extracting strongswan-6.0.3_1: .......... done
[204/207] Reinstalling syslog-ng-4.10.2...
[204/207] Extracting syslog-ng-4.10.2: .......... done
[205/207] Upgrading opnsense from 25.7.11_9 to 26.1_4...
[205/207] Extracting opnsense-26.1_4: .......... done
Stopping configd...done
Resetting root shell
Updating /etc/shells
Unhooking from /etc/rc
Unhooking from /etc/rc.shutdown
Updating /etc/shells
Registering root shell
Hooking into /etc/rc
Hooking into /etc/rc.shutdown
Starting configd.
>>> Invoking update script 'refresh.sh'
Migrated OPNsense\Radvd\Radvd from 0.0.0 to 1.0.0
Migrated OPNsense\IDS\IDS from 1.1.1 to 1.1.2
Migrated OPNsense\Interfaces\Settings from 0.0.0 to 1.0.0
Migrated OPNsense\Firewall\DNat
Flushing all caches...done.
Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: Modified 192 trust store links.
Writing trust bundles...done.
Configuring login behaviour...done.
Configuring cron...done.
Configuring system logging...done.
[206/207] Reinstalling isc-dhcp44-server-4.4.3P1_2...
===> Creating groups
Using existing group 'dhcpd'
===> Creating users
Using existing user 'dhcpd'
[206/207] Extracting isc-dhcp44-server-4.4.3P1_2: .......... done
[207/207] Upgrading os-isc-dhcp from 0.1 to 1.0_3...
[207/207] Extracting os-isc-dhcp-1.0_3: .......... done
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
Reloading template OPNsense/Syslog: OK
==> Running trigger: gio-modules.ucl
Generating GIO modules cache
==> Running trigger: glib-schemas.ucl
Compiling glib schemas
No schema files found: doing nothing.
You may need to manually remove /usr/local/etc/ssl/cert.pem if it is no longer needed.
You may need to manually remove /usr/local/etc/dnsmasq.conf if it is no longer needed.
=====
Message from dnsmasq-2.91_1,1:

--
To enable dnsmasq, edit /usr/local/etc/dnsmasq.conf and
set dnsmasq_enable="YES" in /etc/rc.conf[.local]

Further options and actions are documented inside
/usr/local/etc/rc.d/dnsmasq


NOTE: when using dnssec, inaccurate system clocks
can cause DNS resolution to fail
because DNSSEC signatures may then not validate.


SECURITY RECOMMENDATION
~~~~~~~~~~~~~~~~~~~~~~~
It is recommended to enable the wpad-related options
at the end of the configuration file (you may need to
copy them from the example file to yours) to fix
CERT Vulnerability VU#598349.
=====
Message from oniguruma-6.9.10:

--
===> NOTICE:

This port is deprecated; you may wish to reconsider installing it:

Project archived upstream.

It is scheduled to be removed on or after 2026-12-01.
You may need to manually remove /usr/local/openssl/openssl.cnf if it is no longer needed.
You may need to manually remove /usr/local/etc/ssh/sshd_config if it is no longer needed.
=====
Message from openvpn-2.6.17:

--
Note that OpenVPN now configures a separate user and group "openvpn",
which should be used instead of the NFS user "nobody"
when an unprivileged user account is desired.

It is advisable to review existing configuration files and
to consider adding/changing user openvpn and group openvpn.
=====
Message from py311-urllib3-2.6.0,1:

--
Since version 1.25 HTTPS connections are now verified by default which is done
via "cert_reqs = 'CERT_REQUIRED'". While certificate verification can be
disabled via "cert_reqs = 'CERT_NONE'", it's highly recommended to leave it on.

Various consumers of net/py-urllib3 already have implemented routines that
either explicitly enable or disable HTTPS certificate verification (e.g. via
configuration settings, CLI arguments, etc.).

Yet it may happen that there are still some consumers which don't explicitly
enable/disable certificate verification for HTTPS connections which could then
lead to errors (as is often the case with self-signed certificates).

In case of an error one should try first to temporarily disable certificate
verification of the problematic urllib3 consumer to see if that approach will
remedy the issue.
You may need to manually remove /usr/local/etc/suricata/classification.config if it is no longer needed.
You may need to manually remove /usr/local/etc/suricata/reference.config if it is no longer needed.
You may need to manually remove /usr/local/etc/suricata/suricata.yaml if it is no longer needed.
You may need to manually remove /usr/local/etc/vnstat.conf if it is no longer needed.
=====
Message from acme.sh-3.1.2:

--
In versions < 3.0.5_1, sample newsyslog files were installed to

/usr/local/etc/newsyslog.d/acme.sh

Now they are installed to:

/usr/local/etc/newsyslog.conf.d/acme.sh.conf

You may wish to delete the old files/directory and edit the new files to
enable the log rotation. Instructions contained within.
You may need to manually remove /usr/local/etc/kea/kea-ctrl-agent.conf if it is no longer needed.
You may need to manually remove /usr/local/etc/kea/kea-dhcp4.conf if it is no longer needed.
You may need to manually remove /usr/local/etc/kea/kea-dhcp6.conf if it is no longer needed.
You may need to manually remove /usr/local/etc/kea/keactrl.conf if it is no longer needed.
You may need to manually remove /usr/local/etc/netdata/netdata.conf if it is no longer needed.
=====
Message from strongswan-6.0.3_1:

--
The default strongSwan configuration interface have been updated to vici.
To use the stroke interface by default either compile the port without the vici option or
set 'strongswan_interface="stroke"' in your rc.conf file.
You may need to manually remove /usr/local/etc/syslog-ng.conf if it is no longer needed.
=====
Message from opnsense-26.1_4:

--
One step ahead, one step behind it, now you gotta run to get even
Checking all packages: .......... done
#95
26.1 Series / [Solved] Prefix delegations wh...
Last post by staticznld - Today at 10:46:14 AM
When looking in "Services - ISC DHCPv6 - Leases - Delegated Prefixes", I noticed that a prefix had been delegated.
My LAN interface is tracking the WAN interface with prefix ID "AAAA", with manual configuration turned off.

When checking /var/log/dhcpd/latest.log, I saw the delegated prefix as shown below:

<190>1 2026-02-05T05:37:11+01:00 firewall.redacted.com dhcpd 71898 - [meta sequenceId="2"] Reply NA: address 2a02:REDA:CTED:aaaa::1245 to client with duid 00:02:00:00:ab:11:1c:2f:ae:81:d3:02:e2:c3 iaid= 146797512 valid for 7200 seconds
<190>1 2026-02-05T05:37:11+01:00 firewall.redacted.com dhcpd 71898 - [meta sequenceId="3"] Reply PD: address 2a02:REDA:CTED:ff00::/60 to client with duid 00:02:00:00:ab:11:1c:2f:ae:81:d3:02:e2:c3 iaid = 146797512 valid for 7200 seconds

How is it possible that a prefix is delegated when all related options are turned off?
The device requesting the prefix is a hardware Globalping probe.
#96
26.1 Series / Re: wrong interface after upgr...
Last post by manustar - Today at 10:42:47 AM
The problem was that it reversed the assignments of the physical interfaces, my configuration is igb0 WAN and igb1 LAN and all the vlans are parents of igb1. The strange thing is that I reassigned the interfaces, reset the vlans (it didn't delete them but only unassigned them) and when I rebooted I found igb0 LAN igb1 WAN
#97
Hardware and Performance / Re: Starting homelab network -...
Last post by bimbar - Today at 10:35:12 AM
Quote from: nero355 on February 04, 2026, 06:07:40 PM
Quote from: bimbar on February 02, 2026, 10:50:53 AMWe've had terrible experiences with professional Netgear switches regarding port speeds and compatibilities.

Even if it works, for the homeuser Netgear switches the interface is terrible.
Any chance you remember the exact models ?


That was some 24 Port I believe 10G model.
#98
26.1 Series / Unbound DNS issue
Last post by choopyat25 - Today at 10:01:04 AM
Dear Team ,
Could you please advise on how to resolve this issue. After upgrading to version 26.1.xxx, this error occurs and the services fail to start.

2026-02-05T11:51:48ErrorunboundUnable to open pipe. This is likely because Unbound isn't running.
2026-02-05T11:51:15Errorunbound[70728:9] error: ssl handshake cert error: hostname mismatch
2026-02-05T11:51:15Errorunbound[70728:9] error: ssl handshake failed crypto error:0A000086:SSL routines::certificate verify failed
2026-02-05T11:51:15Errorunbound[70728:9] error: ssl handshake cert error: hostname mismatch
2026-02-05T11:51:15Errorunbound[70728:9] error: ssl handshake failed crypto error:0A000086:SSL routines::certificate verify failed
2026-02-05T11:51:05Errorunbound[83073:1] error: ssl handshake cert error: hostname mismatch
2026-02-05T11:51:05Errorunbound[83073:1] error: ssl handshake failed crypto error:0A000086:SSL routines::certificate verify failed
2026-02-05T11:51:05Errorunbound[83073:1] error: ssl handshake cert error: hostname mismatch
2026-02-05T11:51:05Errorunbound[83073:1] error: ssl handshake failed crypto error:0A000086:SSL routines::certificate verify failed
2026-02-05T11:51:05Errorunbound[83073:1] error: ssl handshake cert error: hostname mismatch
2026-02-05T11:51:05Errorunbound[83073:1] error: ssl handshake failed crypto error:0A000086:SSL routines::certificate verify failed

Thank you for your support,
Opyat'
#99
26.1 Series / Re: WiFi interface broken afte...
Last post by franco - Today at 09:57:49 AM
How about confirming the patch instead?


Thanks,
Franco
#100
26.1 Series / Re: WiFi interface broken afte...
Last post by cercle - Today at 09:56:56 AM
I confirm that in the current state it still does not work with APU2 and wle200nx in version 26.1.1