Bugfixes for OPNsense/FRR

FRR

As a “homelab” user, I was interested in joining DN42 using an OPNsense firewall in order to educate myself more on BGP and associated networking protocols, but I ran into problems with the project out of the box with the included frr package and the way the PHP web UI configured the daemon on the backend.

I raised some issues (#2602, #2604, #2606, #2623) with the project containing my findings on these three issues. And by working through the issue on my local appliance I was able to put together a set of Pull Requests which were ultimately superseded/consolidated into #2633. Once this was approved by the OPNsense developers (with positive feedback in our collaboration via Pull Request comments) this was merged into the OPNsense project for version 21.7.5 and will hopefully set other users up to be in a good position out of the box for their own usage.

Caddy

The Caddy webserver has the ability to drop privileges for better security, however there was a bug in OPNsense that causes permissions errors when this functionality was used. I debugged the problem and found out where the failure was occurring before proposing a fix.

Full details

• OPNsense core issues
• OPNsense core pull requests
• OPNsense plugin issues
• OPNsense plugin pull requests