Multiple services don't work after update to 22.7

Started by evanrich, August 01, 2022, 08:08:25 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 01, 2022, 08:08:25 PM Last Edit: August 01, 2022, 08:10:46 PM by evanrich
I ended up having to roll back (fresh install) 22.1.10_4 after experiencing numerous issues with some services.   

After updating, Whatsapp, facebook messanger, facebook (web), youtube, and a few other services woudl not load, both on my desktops and mobile devices.   Nothing between 22.1.10 and 22.7 changed, but as a test, I disabled (completely shut off, and in some cases uninstalled)  the following:

Suricata
Zenarmor
c-icap/clamav
any firewall rule/nat rule for the above
disabling any custom tuning parameters

I see traffic going outbound to say, whatsapp via the live log, but for whatever reason, they never work.  I also attempted multiple restarts of the firewall but that didnt' help.   I also tried to use external DNS thinking it might be an issue with unbound (after seeing another post about unbound restarting) but this didn't help either.

As soon as I rolled back to 22.1.10_4, re-importing the exact same config I had (with all those services enabled)   facebook/youtube/whatsapp etc started working again.

Also of note, is that the zenarmor dashboard graphs would not render either, they just showed some error (forget what it said).  22.1.10 worked, so my guess is maybe zenarmor doesn't play nicely with php8?

At some point i might try a fresh install of 22.7 again, but based on this and other issues present I'll probably wait for 22.7.1 or what not to come out.   Open to thoughts on what it could be though.  For what it's worth, switching between OpenSSL and LibreSSL didnt change anything either (yes I read the upgrade guide and had switched back to OpenSSL prior to upgrading to 22.7)
August 02, 2022, 09:54:32 AM #1
I am facing the same Issue with WhatsApp after updating opnsense  to latest Version.
August 02, 2022, 04:27:39 PM #2
i turned off the "DDOS protection" - syncookies.
Now whats app web is working again :)
When i turn it on again the page will not load.
August 02, 2022, 09:17:38 PM #3
what settings do you use? Enable syncookies : always ?

I have it set to "adaptive"  start 60, end 30, and whatsapp, facebook etc all is working fine.
Deciso DEC850v2
August 03, 2022, 06:53:23 AM #4
interesting, i had it turned on to always.
August 03, 2022, 06:55:48 AM #5 Last Edit: August 03, 2022, 08:22:20 AM by evanrich
Quote from: RamSense on August 02, 2022, 09:17:38 PM
what settings do you use? Enable syncookies : always ?

I have it set to "adaptive"  start 60, end 30, and whatsapp, facebook etc all is working fine.

do you have any issues with zenarmor dashboard graphs by chance? mine weren't showing either.

Edit: nvm i tried it and zenarmor works too.  You're a life saver.
August 03, 2022, 08:32:34 AM #6
:-) indeed. Zenarmor working fine also.

What is an interesting part what is left from this is, what happens when syncookies are triggered above the start threshold. Will it break things like with the status "always" or wil it still work....
@Franco?
Maybe there is some sort of problem with syncookies, Is there a way to test syncookies?
Deciso DEC850v2
August 03, 2022, 09:29:51 AM #7
Quote from: RamSense on August 02, 2022, 09:17:38 PM
what settings do you use? Enable syncookies : always ?

I have it set to "adaptive"  start 60, end 30, and whatsapp, facebook etc all is working fine.

I used always, which caused problems.
Now i use 50/25 which works fine
Print
Go Up Pages1
User actions