@patient0 Excellent ... thanks!

At the moment, the widget is correctly displaying the state (result of yesterday's reboots).

41275872-7ced-4c1b-96ce-33ebf93db12b-image.png

That's consistent with the PHP script output.

gateway: WAN_DHCP6 ... friendly iface: wan ... isdefault: true ... gateway status: enabled ... get iface gateway: 'fe80::be9a:8eff:fe0b:3b81%igc0' gateway: WAN_DHCP ... friendly iface: wan ... isdefault: true ... gateway status: enabled ... get iface gateway: a.b.c.d gateway: E1V95_LTEGW ... friendly iface: opt12 ... isdefault: false ... gateway status: enabled ... get iface gateway: '192.168.95.1'

It's also consistent with netstat.

[24.11-RELEASE][admin@pfSense.home.arpa]/root: netstat -rn | grep default default a.b.c.d UGS igc0 default fe80::be9a:8eff:fe0b:3b81%igc0 UGS igc0

I'll run the script again and post the results when I next see the failure.

I made small changes to the script to handle different gateway statuses and missing addresses. The WAN_DHCP and E1V95_LTEGW interfaces on my system are set up as a gateway group -- IPv4 failover -- so it's normal for one of them not to be the default gateway.

require_once("pfsense-utils.inc"); $a_gateways = return_gateways_array(); foreach ($a_gateways as $gname => $gateway) { echo "gateway: ", $gateway['name'], "\n"; echo "... friendly iface: ", $gateway['friendlyiface'], "\n"; echo "... isdefault: "; if (isset($gateway['isdefaultgw'])) { echo "true\n"; } else { echo "false\n"; } echo "... gateway status: "; if (isset($gateway['inactive'])) { echo "inactive\n"; } elseif (isset($gateway['disabled'])) { echo "disabled\n"; } else { echo "enabled\n"; } $if_gw = ''; if ($gateway['ipprotocol'] == "inet") { $if_gw = get_interface_gateway($gateway['friendlyiface']); } else { $if_gw = get_interface_gateway_v6($gateway['friendlyiface']); } echo "... get iface gateway: '", $if_gw, "'\n"; //var_dump($gateway); }

@FrankZappa said in Lost access to pfsense:

but suddenly ...

You've probably triggered :

Go here : System > Advanced > Admin Access and scroll down to :
"Login Protection"

When you make an error while logging in, after a couple (2 or so) errors, your (LAN) IP will get firewalled (blacklisted) for a moment.
You still can access pfSense, use another device, or change the LAN IP of the device you are using.

If you trust all your LAN devices, you could set :

ba2cc5a9-7cdf-4d61-a96c-091da9a71130-image.png

( if 192.168.1.0/24 is your LAN network )

@patient0 said in Lost access to pfsense:

Not sure what service lighttpd_p is on 10.10.10.1, but it's not the LAN IP anyway.

That's the pfBlockerng DNSBL Webserver (it uses lighthttp, not nginx) :

a7c2ce43-f3ac-404c-a9de-96dfb793c98f-image.png

@johnpoz said in Missing info on system widget regarding memory usage:

Not seeing what your showing - both show % of memory

Try "hiding" it in the first one. And I beat you with 4 MB. 😉

@SteveITS : Cool, that it is going to be fixed in 25.03. Thanks for the information!
Regards, Mike

@sammiorelli

What is your pfSEnse version ?
I didn't see any errors.

[24.11-RELEASE][root@pfSense.bhf.tld]/root: grep ^date -v-1d +"%D" /var/log/snort/snort_igb0*/alert | awk -F, '{a[$5]++;} END {for(i in a) print a[i]" "i}' | sed 's/"//g' | sort -r ; echo grep: No match.

Just : No match.

edit : I get it : you entered that command here :

ea836970-e55f-4f19-8675-1cd4eab6cca9-image.png

My advise : don't use the GUI for the more 'complex' commands.
Ok for a

ls -al /

and that's it.
Use the command line, console or better : SSH access.

@svandive

Look at the logs ?

Have a look at what happens on the 'server' side : the web server GUI logs.
Console or SSH access, option 8, and then :

tail -f /var/log/nginx.log

@mbarlow

So you use 24.11 ?

The thing is, this file /usr/local/www/head.inc and line :

76180f08-ef13-4e57-aade-40f47834143c-image.png

doesn't seem to match with what you have.
There is no PHP on line 535.
Ok, true, you use a 1100 so it's not 'amd/intel" based, you have an arm version.
I'm presuming the GUI is still the same ...

The fact that you use ZFS will protect you from file system issues.
Just for the fun, when you have time, do the file check as explained in the video. It can't hurt ^^

@khb ah misread, sorry

Having gone ahead and created an explicit gateway group, with both WAN's Tier 1 .. and adjusting the LAN firewall rules to use that gateway group, enable/disable now works to simulate a wire pull for failover.

I'll also note that performance is now very good, at peak 2x our previous best observed peaks (up+down)

@opoplawski

The one liner method works also :

$config = parse_config(true); print_r($config); exec

@Gertjan On a separate note

Thank you for sharing the screenshot. I had been pulling my hair for the past few days trying to figure out why I could not access my WAN GUI from a external network.

I had followed the steps and setup the rule. But your screenshot showed me that I also needed to specify the port within the rule to allow access rather than a choosing HTTP or HTTPS as the destination port

FYI for anyone reading this, you need to pick Port Range as "other" and insert the Port you chose for your GUI which was set in System>Advanced> TCP Port

I'm enjoying learning about all this all thanks to you @Gertjan. On behalf of all the newbies and rookies, thank you for all your contributions

@madmaxpr said in 24.11 GUI crash report from firewall log:

nach Korrekturen suchen.

thanks, i have installed the patch and is worked now without errors

@patient0 said in Error Response Received / Can't access the Web GUI But seems to be Working:

And I would have thought that installing AdGuard (not an pfSense package AFAIK)

@doug_gordon41 :
A non pfSense package that uses the DNS port, thus blocking the resolver from using it.
It has a web server, thus blocking the pfSense GUI from using it.
Etc.

Read Using Software from FreeBSD again ...

Imho : re install pfSense.

@Fitin said in I can't access the web gui after changing hardware, but all services are working fine:

now the only thing I can't access again is the pfSense webgui in any way😐

What does the console menu shows you ?
And :

ifconfig

Double check that you didn't mix WAN and some LAN port.

ps aux | grep 'nginx' sockstat -4 | grep 'nginx'

The new system has new ? other network interface ?
If they got reordered at start, what previous firewall rules will be assigned to what interface ? ( just thinking out loud here )

@Gertjan

7zip did the trick. Thank you.

@Gertjan said in Shouldn't be here? (Solved):

edit : which creates the hilarious situation where you can't apply (it was applied), neither revert the original patch :

If you revert the second one then you can revert the original fix -- it's why they're ordered that way. So if you use apply all or revert all it will come out OK either way.

If you change the size after upgrading do they now change after rebooting?

@Gertjan said in RESOLVED Configuration history hanging php:

And "backupcount" is set to what ? 100 ?

I couldn't check this value exactly because it was hanging.
But based on the config size and the folder size, I would say a hundred indeed.

This one ?

Yes. How I didn't see that option to change the behavior 😢
Just changed to "Automatically backup on a regular schedule" and enabled ACB again.