fail2ban
[RFE]: replace pyinotify with watchdog
Description
The use of pyinotify is predicted on the inotify support, which is, largely, a Linux-only thing. The watchdog module would be preferable, because it supports other frameworks, such as BSD's kqueue.
Considered alternatives
Though there exists a wrapper around kqueue/kevent, that provides inotify-like API on BSD systems (indeed, that's used by the FreeBSD port of pyinotify), using a cross-platform module would be both more straightforward and allow using the more efficient file-watching on more operating systems (like Solaris).
missing client specific overwrite? (https://openvpn.net/faq/multi-bad-source-address-from-client-packet-dropped-or-get-inst-by-virt-failed/)
I am seeing the same issue when moving from legacy to the new "instances":
https://forum.opnsense.org/index.php?topic=47309.0
When trying to send routed traffic over the tunnel I get this in my VPN log:
GET INST BY VIRT: 192.168.1.1 [failed]
I was able to fix my issue by using AdSchellevis suggestion. I created a client specific override and placed the foreign network (In my case 192.168.1.0/24) in "Remote Network" field.
I did not realize the difference between the OpenVPN server "Remote Netwokrs" and the "Remote networks" for the Client Specific Overrides. In the overrides the "remote networks" are configured via iroute clauses in OpenVPN and inform the server to send these networks to this specific client.
This issue has been automatically timed-out (after 180 days of inactivity).
For more information about the policies for this repository, please read https://github.com/opnsense/core/blob/master/CONTRIBUTING.md for further details.
If someone wants to step up and work on this issue, just let us know, so we can reopen the issue and assign an owner to it.
