2 Issues after update to 25.1

Started by RayonRa, January 29, 2025, 09:15:39 PM

January 29, 2025, 09:15:39 PM Last Edit: January 31, 2025, 01:04:15 AM by RayonRa
Hi,
today I updated from 24.7.12 to 25.1.
2 issues:

1. MTU
I have the primary WAN on DHCP (I have a public IP from the ISP via DHCP) with 1492 MTU (if I set 1500 I have some trouble, and devices behind the firewall can't reach some sites).
On 24.7.12 everything works.
On 25.1 it seems that this parameter doesn't work.
I have issues reaching some sites, like I have with 1500 MTU.
I also tried decreasing it in steps until I reached 1460, but nothing works.
Restored the 24.7.12 snapshot and everything works again.

Issue opened: https://github.com/opnsense/core/issues/8270

2. CrowdSec
With 25.1 it seems that nothing is blocked.
I haven't had time for more investigation into this issue.
Without MTU working I'm unable to test other features.

Thanks.

CrowdSec had problems with Appsec enabled since 24.7.12
Can workaround by reverting or removing appsec collections. But I didn't find a solution to fix the root cause.

Quote from: Eisai on January 29, 2025, 10:18:41 PM
CrowdSec had problems with Appsec enabled since 24.7.12
Can workaround by reverting or removing appsec collections. But I didn't find a solution to fix the root cause.

Hi, in my case, I don't have AppSec collections.

January 29, 2025, 10:51:49 PM #3 Last Edit: January 29, 2025, 10:53:51 PM by julsssark
Crowdsec blocks haven't appeared in my logs since I upgraded to 25.1 from 24.7.12. I also watched the live view for a few minutes and didn't see a block. I am not using Appsec (don't even know what it is).

Quote from: julsssark on January 29, 2025, 10:51:49 PM
Crowdsec blocks haven't appeared in my logs since I upgraded to 25.1 from 24.7.12. I also watched the live view for a few minutes and didn't see a block. I am not using Appsec (don't even know what it is).

Yes exactly!

I opened an issue on Github for Crowdsec:

https://github.com/opnsense/plugins/issues/4511

I just saw an alert for a banned IP, so it may be that the blocks are still happening, but the logging is broken. I'm not familiar enough with how CrowdSec works to know.

It would appear that the blocks are not happening by the 'extra auto rule'

Test:
I created my own Crowdsec block rules and it is now showing Incoming Blocks on my New Rule

If I understand that right since it matched my new rule and not the 'extra auto rule' that is still listed above (but does not appear to work), then my rule blocked it, not the 'auto' rule.

I have for some time had an 'outgoing' block on the Crowdsec lists, now I also have incoming manual rules - does anyone know where we should submit/escalate the issue/bug?

See my post directly above yours :)

February 01, 2025, 10:15:01 PM #8 Last Edit: February 01, 2025, 10:16:57 PM by notspam
My issue is gone by patching 83975b5.
The opnsense team should build a 25.1_1 release with this patch to avoid others having the issue after the upgrade to 25.1.

https://github.com/opnsense/src/issues/235

# opnsense-patch 83975b5
# /usr/local/etc/rc.filter_configure
Quote from: notspam on February 01, 2025, 10:15:01 PM
My issue is gone by patching 83975b5.
The opnsense team should build a 25.1_1 release with this patch to avoid others having the issue after the upgrade to 25.1.

https://github.com/opnsense/src/issues/235

# opnsense-patch 83975b5
# /usr/local/etc/rc.filter_configure

Thanks @notspam for your feedback,
as I wrote on GitHub (l0rdg3x), I'll test this patch tomorrow and report back to Franco.
I'm pretty sure that patch will fix the issue on my firewall too.

The patch has worked for me.
Thanks all.

February 02, 2025, 01:27:00 AM #11 Last Edit: February 02, 2025, 01:50:44 AM by RayonRa
Hi,
I just tested the patch.
Initially it didn't work.
But after a reboot everything started working.

https://github.com/opnsense/src/issues/235#issuecomment-2629176435

Well now must wait for CrowdSec fix for this issue: https://github.com/opnsense/plugins/issues/4511