Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Avahi - OpenVPN missing from deny interfaces

    Scheduled Pinned Locked Moved
    pfSense Packages
    3
    7
    717
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      j-marz
      last edited by j-marz

      There is no option to deny OpenVPN interfaces from the Avahi service GUI. All other pfSense interfaces are listed (except WAN, which is expected.)

      The following logs show the avahi service using my OpenVPN interface:

      Oct 29 15:46:01 pfsense1 avahi-daemon[869]: Joining mDNS multicast group on interface ovpns1.IPv4 with address 10.1.100.1.
Oct 29 15:46:01 pfsense1 avahi-daemon[869]: New relevant interface ovpns1.IPv4 for mDNS.
Oct 29 15:46:01 pfsense1 avahi-daemon[869]: Registering new address record for fe80::20c:29ff:fefd:bd87 on ovpns1.*.
Oct 29 15:46:01 pfsense1 avahi-daemon[869]: Registering new address record for 10.1.100.1 on ovpns1.IPv4.

      Is this a bug or is there a reason why you can't deny OpenVPN interfaces?

      1 Reply Last reply Reply Quote 0
      • J
        j-marz
        last edited by

        Seems like this is already reported in pfSense packages bug tracker.
        https://redmine.pfsense.org/issues/8067
        https://redmine.pfsense.org/issues/7755

        1 Reply Last reply Reply Quote 0
        • J
          j-marz
          last edited by

          My issue was resolved after upgrading pfSense-pkg-Avahi from 1.13 to 2.0.0_2.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            The 2 package for that came out like 7 months ago
            https://forum.netgate.com/topic/134339/new-avahi-package

            How was it you were still on 1.13 until now?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.03 | Lab VMs 2.7.2, 24.03

            J 1 Reply Last reply Reply Quote 0
            • J
              j-marz @johnpoz
              last edited by

              @johnpoz I actually upgraded the Avahi package manually to 2.x around mid-Feb (~5 months after release), but not sure why i was on an old (1.13) package even though i'd gone through other pfsense upgrades before then. Maybe i didn't uninstall before the pfsense upgrade..? Maybe 1.13 was the last 1.x version before 2.x?

              Unless you navigate to the package manager GUI and look through the list of packages, there isn't anything (that i've seen) to alert you of available package updates via email or the pfsense dashboard.

              GrimsonG 1 Reply Last reply Reply Quote 0
              • GrimsonG
                Grimson Banned @j-marz
                last edited by

                @j-marz said in Avahi - OpenVPN missing from deny interfaces:

                Unless you navigate to the package manager GUI and look through the list of packages, there isn't anything (that i've seen) to alert you of available package updates via email or the pfsense dashboard.

                The "Installed Packages" widget will show available updates on the Dashboard, you just need to look at it.

                J 1 Reply Last reply Reply Quote 0
                • J
                  j-marz @Grimson
                  last edited by

                  @grimson Thanks! Didn't know about that widget... I've added it to my dashboard :)

                  Some sort of built-in alerting would be good though. I just found this custom script another user wrote to alert on available system and package updates https://forum.netgate.com/topic/137707/auto-update-check-checks-for-updates-to-base-system-packages-and-sends-email-alerts

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post