21.7.5 up to 21.7.6 The previously stable system was completely broken.

Started by wuwzy, December 06, 2021, 06:47:37 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 06, 2021, 06:47:37 AM
The previously stable system was completely broken.
Irregularly, the WEN port will be displayed as offline, with a red warning.
This is really a life-threatening upgrade.
How do I return to 21.7.5? :'(
December 06, 2021, 08:35:45 AM #1
Can you be more specific please.


Thanks,
Franco
December 06, 2021, 10:44:42 AM #2
If you use suricata IPS I would try

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258

first...
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
December 08, 2021, 05:51:32 AM #3
Thanks for replying, I read your other related content, our question should be the same. I am summing up your experience and try another round. If there are results, I will report to you.

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258
December 08, 2021, 05:52:13 AM #4
December 08, 2021, 08:54:33 AM #5
For anyone else wondering: no, this is not how to report an issue. It's impossible to support.


Cheers,
Franco
December 13, 2021, 06:39:41 AM #6
After several days of testing, so far, it is still normal.
The problem is that there is no prompt for this crash, and I don't know how to describe it. The symptom is that the WAN port will go offline after a while. After restarting, it will be offline again after a period of time (the length of time may not be).
I refer to the reply from the enthusiastic chemlud above. I made a little change because I need IPS and cannot make IPS not work.
My approach is to remove the WAN from the IPS monitoring network card and only monitor other network cards. So far, everything looks normal.
I hope that friends who have the same problem can help you. Thanks again.
December 14, 2021, 09:17:15 AM #7
Quote from: franco on December 06, 2021, 08:35:45 AM
Can you be more specific please.


Thanks,
Franco

thanks Franco.. look here.

https://forum.opnsense.org/index.php?topic=25968.0

Thanks.  ;D
December 14, 2021, 09:53:25 AM #8
Don't use VLAN interfaces in IPS mode, or get someone who will tell you not to do it that you will listen to. ;)


Cheers,
Franco
December 14, 2021, 10:35:55 AM #9
Just for the record: IDS/Alert only works fine with VLANs.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 14, 2021, 10:47:11 AM #10
True. It seems to be getting harder and harder to sift through unstructured reports that also don't know the difference of IDS/IPS, ignore documentation and best practice and don't search for previous forum advice.


Cheers,
Franco
December 15, 2021, 09:58:10 AM #11
Quote from: franco on December 14, 2021, 09:53:25 AM
Don't use VLAN interfaces in IPS mode, or get someone who will tell you not to do it that you will listen to. ;)


Cheers,
Franco

BOOS, i no have setup VLAN.  only use IPS to WEB LAN.
December 16, 2021, 07:24:10 AM #12
Quote from: franco on December 14, 2021, 10:47:11 AM
True. It seems to be getting harder and harder to sift through unstructured reports that also don't know the difference of IDS/IPS, ignore documentation and best practice and don't search for previous forum advice.


Cheers,
Franco

Report to the boss again. Remove the WAN port from the IPS list. The WAN port is no longer offline. It has been 5 days now. Everything returned to calm.
Print
Go Up Pages1
User actions