Call for testing: netmap on 20.7

Started by mb, May 23, 2020, 02:32:10 AM

Previous topic - Next topic
Print
Go Down Pages1 2 3 ... 14
User actions
May 23, 2020, 02:32:10 AM Last Edit: May 30, 2020, 02:52:01 AM by mb
Dear OPNsense community,

As promised, we've[1] kicked off another project which focuses on killing remaining netmap bugs on HardenedBSD 12 (FreeBSD 12).

Any help in testing the upcoming OPNsense 20.7 with Suricata (IPS mode) and/or Sensei and providing bug reports would be much appreciated.

We'll get them prioritized, fixed, and committed to the upstream Operating System as soon as possible. 

We hope to help provide a release quality netmap implementation for the upcoming OPNsense 20.7 release.

Make sure you update to the latest 20.7 beta after the ISO installation, since latest 20.7 includes some important patches with regard to interface drivers. Kernel should read 12.1-RELEASE-p5 or later:

12.1-RELEASE-p5-HBSD FreeBSD 12.1-RELEASE-p5-HBSD #0  d8b850736ba(master)-dirty


[1] Sunny Valley Networks
May 23, 2020, 07:07:31 AM #1
You mean taking latest beta image, install on hardware and run IPS mode is sufficient?
May 23, 2020, 10:02:12 AM #2
How could we join this testing?

May i just use the beta update from the GUI (20.1.7 with Sensei here)?
May 23, 2020, 02:15:51 PM #3 Last Edit: May 23, 2020, 02:18:10 PM by binaryanomaly
Hmms, I can only use my sensei license on one device that is somehow unfortunate... :-/

Edit:

20.7 is still 11.2 isn't it?

Code Select

OPNsense 20.7.b_157-amd64
FreeBSD 11.2-RELEASE-p20-HBSD
OpenSSL 1.1.1g 21 Apr 2020
May 23, 2020, 02:21:22 PM #4
The development branch doesnt upgrade OS yet. You have to install via ISO or IMG
May 23, 2020, 02:26:43 PM #5 Last Edit: May 23, 2020, 02:39:01 PM by binaryanomaly
Quote from: mimugmail on May 23, 2020, 02:21:22 PM
The development branch doesnt upgrade OS yet. You have to install via ISO or IMG

Ah bummer, thx.

Edit:
Where can I find a development ISO of OPNsense with FreeBSD 12. Seems not that easy to find?
May 23, 2020, 03:26:07 PM #6
May 23, 2020, 03:28:15 PM #7
Quote from: mimugmail on May 23, 2020, 07:07:31 AM
You mean taking latest beta image, install on hardware and run IPS mode is sufficient?

Yes, install 20.7 beta ISO, and run Suricata in IPS mode (IDS won't help since it uses pcap interface) and/or Sensei
May 23, 2020, 03:35:01 PM #8
@mb

Thx for the link to the isos.

Are there any sensei dev licenses available? Can't re-use my prod one... and in the end I will route prod traffic over the test-instance as well so I may want to have the full capabilities.
May 23, 2020, 03:37:54 PM #9
Hi @binaryanomaly,

You're all welcome. Please reach out to us via Sensei UI -> Contact Team. Let's see what we can do about this.
May 23, 2020, 03:40:30 PM #10
Cool, will do, thanks.
May 23, 2020, 04:07:50 PM #11
Stuck at installing it...

Can't get past "Firmware status check was aborted internally. Please try again." after adding os-sunnyvalley-devel.
May 23, 2020, 07:02:19 PM #12
Hmm, that could be something we need to discuss with OPNsense team.

You can still install Sensei from the command line

Code Select
pkg install os-sensei

May 23, 2020, 07:37:11 PM #13
Unfortunately not.

It doesn't find the prod packages:
Code Select

root@OPNsense-DEV:~ # pkg install os-sensei
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'os-sensei' have been found in the repositories
root@OPNsense-DEV:~ # pkg install os-sunnyvalley
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'os-sunnyvalley' have been found in the repositories



And can't install the dev packages:
Code Select

root@OPNsense-DEV:~ # pkg install os-sunnyvalley-devel
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
os-sunnyvalley-devel: 1.2

Number of packages to be installed: 1

Proceed with this action? [y/N]: y
[1/1] Installing os-sunnyvalley-devel-1.2...
[1/1] Extracting os-sunnyvalley-devel-1.2: 100%
root@OPNsense-DEV:~ # pkg update
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating SunnyValley repository catalogue...
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:12:amd64/20.7/OpenSSL/latest/meta.txz: Not Found
repository SunnyValley has no meta file, using default settings
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:12:amd64/20.7/OpenSSL/latest/packagesite.txz: Not Found
Unable to update repository SunnyValley
Error updating repositories!


May 24, 2020, 10:54:08 AM #14
By design 20.7-BETA does not include anything but development packages.


Cheers,
Franco
Print
Go Up Pages1 2 3 ... 14
User actions