• 0 Votes
    22 Posts
    2k Views
    stephenw10S

    Those logs are expected if you open the webgui to random connection attempts. It's not an indication of any sort of compromise.

    You can test it yourself, just try to access some page before you login and you will see those logs:

    Apr 5 22:02:16 nginx 2023/04/05 22:02:16 [error] 47504#100318: *72304 open() "/usr/local/www/somenonexistentpage.htm" failed (2: No such file or directory), client: 172.21.16.8, server: , request: "GET /somenonexistentpage.htm HTTP/2.0", host: "4100.stevew.lan"
  • 0 Votes
    9 Posts
    1k Views
    H

    @johnpoz said in how to set up split-dns to access internal server via external ip and port from inside the network??:

    @hsssslaa said in how to set up split-dns to access internal server via external ip and port from inside the network??:

    it will get handed over to the dns configured under General Setup.

    only if you setup forwarding.. By default unbound resolves, it doesn't forward - if you want your dns to come from say 1.1.1.1 you have to setup that up in general and then turn on forwarding in unbound.

    Thanks for your explanation, it all makes sense. Yes, I do have the forwarding turned on so all is working as it should.

  • Interface doesn't connect - no carrier

    0 Votes
    3 Posts
    770 Views
    F

    @stephenw10 You were correct, mistaken identity :)

  • PF Restart every time

    0 Votes
    2 Posts
    217 Views
    stephenw10S

    Backtrace:

    db:0:kdb.enter.default> bt
    Tracing pid 11 tid 100005 td 0xfffff80004325000
    kdb_enter() at kdb_enter+0x37/frame 0xfffffe003f174490
    vpanic() at vpanic+0x197/frame 0xfffffe003f1744e0
    panic() at panic+0x43/frame 0xfffffe003f174540
    trap_fatal() at trap_fatal+0x391/frame 0xfffffe003f1745a0
    trap() at trap+0x67/frame 0xfffffe003f1746b0
    calltrap() at calltrap+0x8/frame 0xfffffe003f1746b0
    --- trap 0x9, rip = 0xffffffff80da98f4, rsp = 0xfffffe003f174780, rbp = 0xfffffe003f1747e0 ---
    callout_process() at callout_process+0x184/frame 0xfffffe003f1747e0
    handleevents() at handleevents+0x188/frame 0xfffffe003f174820
    timercb() at timercb+0x25f/frame 0xfffffe003f174870
    lapic_handle_timer() at lapic_handle_timer+0x9b/frame 0xfffffe003f1748a0
    Xtimerint() at Xtimerint+0xb1/frame 0xfffffe003f1748a0
    --- interrupt, rip = 0xffffffff81531986, rsp = 0xfffffe003f174970, rbp = 0xfffffe003f174970 ---
    acpi_cpu_c1() at acpi_cpu_c1+0x6/frame 0xfffffe003f174970
    acpi_cpu_idle() at acpi_cpu_idle+0x2e0/frame 0xfffffe003f1749b0
    cpu_idle_acpi() at cpu_idle_acpi+0x3e/frame 0xfffffe003f1749d0
    cpu_idle() at cpu_idle+0x9f/frame 0xfffffe003f1749f0
    sched_idletd() at sched_idletd+0x326/frame 0xfffffe003f174ab0
    fork_exit() at fork_exit+0x7e/frame 0xfffffe003f174af0
    fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe003f174af0
    --- trap 0, rip = 0, rsp = 0, rbp = 0 ---

    Panic:

    kernel trap 9 with interrupts disabled
    Fatal trap 9: general protection fault while in kernel mode
    cpuid = 2; apic id = 04
    instruction pointer = 0x20:0xffffffff80da98f4
    stack pointer = 0x28:0xfffffe003f174780
    frame pointer = 0x28:0xfffffe003f1747e0
    code segment = base 0x0, limit 0xfffff, type 0x1b
    = DPL 0, pres 1, long 1, def32 0, gran 1
    processor eflags = resume, IOPL = 0
    current process = 11 (idle: cpu2)
    trap number = 9
    panic: general protection fault
    cpuid = 2
    time = 1680623985
    KDB: enter: panic

    Nothing significant in the message buffer

    It looks like something in the idle process so maybe some unsupported power saving function?

    Has it always done this?

    Steve

  • Filter logs by time and date

    0 Votes
    2 Posts
    391 Views
    stephenw10S

    You need to use REGEX there so something like: Apr .4 1[2-5]

    Though I'm sure anyone with REGEX skilz could do better. 😉

  • Multi-topic question: NAT, VPN, possibly IPSEC

    0 Votes
    10 Posts
    800 Views
    stephenw10S

    It could be either but I would set it up as 'split tunneling'. So OpenVPN on pfSense on your LAN will only route traffic to the OpenVPN tunnel subnet or other remote subnets. The server sends the subnets to route to the clients when it connects.
    So, yes, you can keep a PIA client separately and route traffic across that without causing a conflict.

  • High CPU Usage and Delay Calling ifconfig -v ix0/ix1; Delays Dashboard Load

    0 Votes
    19 Posts
    2k Views
    stephenw10S

    Better to add comments to the bug so all developers can see them.

  • SMTP Test Successful, But Error With "Real" Email

    0 Votes
    5 Posts
    785 Views
    U

    @serbus Thanks John. That's probably a better idea than what I am doing.

    I do have it working now, though. I had it testing successfully using port 465 SSL/TLS, but true notifications failed. I changed to 587 plain and notifications are being received.

    Thanks for the replies.

  • Multi WAN with NAT Reflection

    0 Votes
    8 Posts
    792 Views
    stephenw10S

    When you use an actual proxy, like HAProxy, you don't need any sort of reflection. The proxy will listen on the public IP for incoming traffic from any source and will open its own connections to the backend so no outbound NAT is needed there either.
    So your LAN rules would need to allow connections from LAN to the WAN IP HAProxy is listening on without routing via the WAN gateway.

    Steve

  • Is rsync preinstalled in pfSense?

    0 Votes
    7 Posts
    2k Views
    senseivitaS

    Oh, man. That's not good.

    I thought for a second to initiate rsync job from the remote host but I remembered about this one time rsync on a target macOS was too old (no surprise there) and it failed one of the options—so… it's required on both ends.

    Thanks again everyone. I'll go with scp, it has to be there. The good thing is that it's only a handful of files that have to be overwritten anyway, triggered by a successful task, e.g. successful cert renewal. There is no need to compare files or anything like that.

    I'd like to share it when I'm done (almost there, as soon as I simplify error checking) so I don't want to script an install because I think that would be too invasive.

  • Arpwatch email since upgrading to 23.01

    Moved
    0 Votes
    8 Posts
    1k Views
    F

    @stephenw10 Thanks!

  • ntopng top talkers no values

    0 Votes
    17 Posts
    2k Views
    stephenw10S

    No, packages are not covered by TAC Lite. But this seems like a bug anyway so opening a bug report is the correct way to go.

  • Issues after upgrading to 23.01

    0 Votes
    11 Posts
    1k Views
    D

    @stephenw10
    @SteveITS

    It seemed a weird issue, I could navigate to the bbc.com, apple.com but netgate.com and this forum I could not resolve. I could ping those addresses.

    I unticked the DNSSEC support, which gave me the above results.

    So, just for laughs and giggles, I Factory Reset pfSense and manually inputted the barest setups and went and unticked the DNSSEC support button and ALL was GOOD. Could get everywhere.

    Am assuming that since this has been an old setup that I have added and added (for over 10 years), that along the way there is something not quite right, an issue buried long ago that has now bitten me on the bum.

    So, am going to take this opportunity to (almost) start again, I've been able to re-import restore areas, such as OpenVPN (although I need to add new user certificates).

    Oh well. Thanks all for your kind help!

    Ian

  • Cuts in streamed music?!

    0 Votes
    7 Posts
    977 Views
    F

    @dobby_ said in Cut's in streamed music?!:

    @furom said in Cut's in streamed music?!:

    No disconnects, and well, atm I have pfBlocker installed, but this started a long time before I recently installed that.

    Perhaps other packets installed?

    Snort with some rules affecting that behaviour
    Squid and ClamAV and not checked don't scan "streams"
    Squid set up to pass through streams from audio and/or video
    in pfBlocker-NG the servers for the streaming into a whitelist perhaps?

    Thanks for good suggestion! This started before I even knew I could install any sort of packets on pfSense, so I must assume it is not the setup in itself...?

  • 0 Votes
    4 Posts
    1k Views
    stephenw10S

    Hmm, I'm not sure how to show that per interface. Possibly some combination of netstat -i and netstat -Q

  • No packages available for download

    0 Votes
    2 Posts
    221 Views
    M

    Solved it.
    There was a repo defined in my list - found at /usr/local/etc/pkg/repos/

    Deleted the repo and I was able to bring down a list.

    I knew there was an issue when I ran the following command from the shell:
    pkg clean -ay

  • UDP with haproxy

    0 Votes
    2 Posts
    1k Views
    NollipfSenseN

    @lewis said in UDP with haproxy:

    From all that I've found, I suspect there is no way of doing this.

    You found the answer, hooray!

  • ONT Wifi Router and No WAN PPPoe

    0 Votes
    5 Posts
    772 Views
    Dobby_D

    @amar-tataelxsi

    ISP -- ONT -- ISP Router 192.168.1.0/24 -- pfSense WAN Port
    with static IP 192.168.1.5/24 --- switch --- lan devices

    On the WAN settings you should uncheck the private IP addresses and all should be fine
    On the ISP no DHCP
    On the pfSense DHCP for LAN

    PPPoE will be done at the ISP router and you will get the benefit on top that you can use multicore at the wan from
    the pfSense and that means, more cpu cores = more wan queues and so more or higher wan speed!

  • Whats the best way to Power down with a UPS

    0 Votes
    4 Posts
    548 Views
    JKnottJ

    @violetdragon

    I have an APC UPS and APCUPSD works fine here.

  • How to monitor internet bandwidth?

    0 Votes
    10 Posts
    1k Views
    CreationGuyC

    Bandwidthd would not work well, barely would load for me. I have ntopng and traffic totals. I see that today, something downloaded 5.5GB of data and no one has been on the internet except to check weather and these posts.

    I cannot find how to look to see what device today in ntopng has downloaded that data and what kinda.

    If you look at this screen shot, WAN Rx has 2.5GB and CAMLAN Tx has almost that much. I thought Tx was transmit? I did log on around 1PM to download 2 updates for the NVR software, one of which I don't know how large it is. Also, of note, I used Remote Desktop Connection to remote into the NVR system from LAN VLAN. Is it possible that this tool is measuring traffic from CAMLAN to LAN traffic?
    tstats.PNG
