"Recent posts
#91
26.1 Series / Re: WiFi interface broken afte...
Last post by franco - February 05, 2026, 02:30:07 PMYes, make sure to only apply 4912a67 on 26.1.1 otherwise you'll get an apply failure because it undoes the other fix.
Cheers,
Franco
Cheers,
Franco
#92
26.1 Series / Re: WiFi interface broken afte...
Last post by lss4 - February 05, 2026, 02:29:11 PMAs of commit 4912a67 WLAN appears to work again.
On a freshly-updated 26.1, apply the following two patches in order.
# opnsense-patch 45597a9
# opnsense-patch 4912a67
After reboot WLAN interfaces should be configured.
Haven't checked other possible issues regarding WLAN yet, as right now I've a lot of other things to do for 26.1, like migrating old firewall rules.
On a freshly-updated 26.1, apply the following two patches in order.
# opnsense-patch 45597a9
# opnsense-patch 4912a67
After reboot WLAN interfaces should be configured.
Haven't checked other possible issues regarding WLAN yet, as right now I've a lot of other things to do for 26.1, like migrating old firewall rules.
#93
26.1 Series / Re: Upgrade success w/Zenarmor...
Last post by franco - February 05, 2026, 02:28:40 PMWell, the MVC/API makes it modern and scriptable and all future work will only be done here as the old firewall rules move out of support at some point like all similar legacy components do.
I'd say today both are the same and usable. That may change as new features and UX improvements are added to the new GUI but not the old in 26.7, 27.1, etc. That also includes new firewall and options as they become available in FreeBSD for example. When FreeBSD 15.1 hits in 26.7 that means the feature parity is going to drift for good reasons.
Cheers,
Franco
I'd say today both are the same and usable. That may change as new features and UX improvements are added to the new GUI but not the old in 26.7, 27.1, etc. That also includes new firewall and options as they become available in FreeBSD for example. When FreeBSD 15.1 hits in 26.7 that means the feature parity is going to drift for good reasons.
Cheers,
Franco
#94
General Discussion / Re: Yet another Shaper questio...
Last post by stanps - February 05, 2026, 02:28:07 PMQuote from: meyergru on February 05, 2026, 08:54:43 AMYou did not show the download rule. Maybe it is catching your upload traffic. Also, enable advanced mode and check "direction".
Sorry, I grabbed the screenshot of the rule without Advanced Mode showing. Direction is set to "out".
I've added some download rule pics below.
#95
26.1 Series / Re: Upgrade success w/Zenarmor...
Last post by rfox - February 05, 2026, 02:17:49 PMQuote from: franco on February 03, 2026, 05:17:39 PMFeel free to wait a bit. 26.1.1 brings a lot of immediate feedback improvement and a few fixes. It will get even better in later 26.1.x IMO.
Cheers,
Franco
Now I upgraded to 26.1.1 - looking fine . . . Before I migrate the rules, just one last question - Besides the presentation (GUI) changes on the new Rules interface - are there any other benefits (performance, logic, etc) to migrate from old rules ??
Thx and keep up the great work!
#96
General Discussion / Re: Native NAT64 support
Last post by Jackknife4782 - February 05, 2026, 01:32:33 PMIf I WiFi call out, I can't receive any calls back unless I wait a few minutes. Had a couple people call me and their calls failed if it was still within a few minutes of my WiFi call out. After a few minutes I can receive WiFi calls again.
Edit: Ok I found something odd...When I call my wifi phone from outside the network it connects. If I try to call the same wifi phone again right away it does not connect. However, if I call another number first with the outside phone and then call the wifi phone again, it connects. Seems this could be a carrier problem and not opnsense.
Edit: Ok I found something odd...When I call my wifi phone from outside the network it connects. If I try to call the same wifi phone again right away it does not connect. However, if I call another number first with the outside phone and then call the wifi phone again, it connects. Seems this could be a carrier problem and not opnsense.
#97
26.1 Series / Re: WiFi interface broken afte...
Last post by binaryx - February 05, 2026, 01:29:35 PMPatched yesterday opensense with as bundle so with router restart, when the interface is configured with mode it will fail as mode is non-empty:
in the log you can see
/usr/local/etc/rc.linkup: The command </sbin/ifconfig wlan create wlandev 'ath0' 'wlanmode hostap' bssid name 'ath0_wlan1'> returned exit code 1 and the output was "ifconfig: SIOCIFCREATE2 (wlan): Input/output error"
the issue is that escapeshellarg() convert "wlanmode hostap" into "'wlanmode hostap'" which isn't valid param as there must not be any ''
correct cmd:
/sbin/ifconfig wlan create wlandev 'ath0' wlanmode hostap bssid name 'ath0_wlan1'
what we get from escape ..
/sbin/ifconfig wlan create wlandev 'ath0' 'wlanmode hostap' bssid name 'ath0_wlan1'
this also makes the new fix/commit not requried, but no overwiew on whole code so just statement base on the troubleshooting
in the log you can see
/usr/local/etc/rc.linkup: The command </sbin/ifconfig wlan create wlandev 'ath0' 'wlanmode hostap' bssid name 'ath0_wlan1'> returned exit code 1 and the output was "ifconfig: SIOCIFCREATE2 (wlan): Input/output error"
the issue is that escapeshellarg() convert "wlanmode hostap" into "'wlanmode hostap'" which isn't valid param as there must not be any ''
correct cmd:
/sbin/ifconfig wlan create wlandev 'ath0' wlanmode hostap bssid name 'ath0_wlan1'
what we get from escape ..
/sbin/ifconfig wlan create wlandev 'ath0' 'wlanmode hostap' bssid name 'ath0_wlan1'
this also makes the new fix/commit not requried, but no overwiew on whole code so just statement base on the troubleshooting
#98
26.1 Series / Re: Firewall rules are sticky
Last post by eck - February 05, 2026, 01:22:18 PMThank you for the answer.
Still it is a strange behavior.
Better was a question to leave the states active or reset them right away.
Still it is a strange behavior.
Better was a question to leave the states active or reset them right away.
#99
26.1 Series / Re: Prefix delegations when PD...
Last post by staticznld - February 05, 2026, 12:50:24 PMAccording to the documentation, "Identity Association" allows manual configuration. I will try that later.
QuoteIdentity Association offers similar functionality like Track Interface (legacy), but without automatic ISC-DHCPv6 and Radvd configuration. It is intended for pure RA and DHCPv6 configuration using Dnsmasq or Kea/Radvd.
#100
26.1 Series / Re: Need to select "Prefer to ...
Last post by trdeal - February 05, 2026, 12:48:00 PMHi
My ISP has an MTU of 1492 bytes with the IPv6 standard specifying a minimum of 1280 bytes. For an IPv6 communication to take place the PMTU (Path Maximum Transmission Unit) needs to be discovered or configured as any packets that exceed the PMTU are dropped as IPv6 does not fragment packets the way that IPv4 does. So the PMTU must be determined for successful IPv6 communication to occur between hosts.
So while I have configured the MTU which works fine for IPv4 traffic from the opnsense and for IPv4/IPv6 tranffic traversing opnsense, however when opnsense attempts to make an IPv6 connection itself it is not honouring the MTU from which the PMTU should be defined. This appears to be a bug in opnsense not honouring the MTU (PMTU) value itself and generating too large a packet which will be dropped.
My ISP has an MTU of 1492 bytes with the IPv6 standard specifying a minimum of 1280 bytes. For an IPv6 communication to take place the PMTU (Path Maximum Transmission Unit) needs to be discovered or configured as any packets that exceed the PMTU are dropped as IPv6 does not fragment packets the way that IPv4 does. So the PMTU must be determined for successful IPv6 communication to occur between hosts.
So while I have configured the MTU which works fine for IPv4 traffic from the opnsense and for IPv4/IPv6 tranffic traversing opnsense, however when opnsense attempts to make an IPv6 connection itself it is not honouring the MTU from which the PMTU should be defined. This appears to be a bug in opnsense not honouring the MTU (PMTU) value itself and generating too large a packet which will be dropped.
