That doesn't appear to be a specific exploit/vulnerability so it's difficult to assess.

The usual precautions apply though; don't open services on your firewall to the internet.

@NickJH said in Why does losing internet make me lose my LAN?:

May 16 11:54:44 pfSense php-fpm[75615]: /rc.start_packages: Restarting/Starting all packages.
May 16 11:54:44 pfSense anmuscle[85684]: Starting anmuscle
May 16 11:54:44 pfSense anmuscle[4545]: Stopping anmuscle
May 16 11:54:46 pfSense anmuscle[11836]: Successfully stopped anmuscle
May 16 11:54:46 pfSense anmuscle[13056]: Finished configuring DTTS pf rules
May 16 11:54:47 pfSense anmuscle[14274]: Successfully started anmuscle on 13443

Something looks like it's out of sequence here.
When packages are restarted they are all first "stopped".
Then started.

Here, for "anmuscle" : the stop starts with a start (now two instances are running ?), then a stop ....
and then a start again.
Strange.
I also upvote unbound here.

Thanks, that fixed it! Not sure why I was too afraid to try that.

@stephenw10
Yes, on aws EC2s

hi @Gertjan thanks for the replies

Alrighty! Thank you so much for the explanations... and for writing it in a way I can understand. That message makes sense now. I really appreciate everyone's help!

Since I can't edit my post anymore.

The problem fixed itself after about 3 hours?
How is that a thing?

Edit"2".
https://tweakers-net.translate.goog/nieuws/221976/delta-en-caiway-klanten-hebben-problemen-met-google-diensten-door-storing.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp

Still.... amazing how it was working on the phone without a vpn to the router and not with, whilst some clients were having no issues at all and others just plain refusing...

Does WAN2 actually have a DHCP lease? Is the WAN2 gateway shown in Diag > ARP?

It could just be an upstream issue at the ISP.

https://redmine.pfsense.org/issues/15499

@stephenw10 said in Rearranging the interfaces:

Not worth it IMO.

I get some peoples ocd tendencies, etc. But the only time I ever look at the assignment page is to take a screenshot to show users which is way more often than I actually go in their myself for something ;)

You can sort by name in the widget you might have on your dashboard, and the drop down to go to an interface is sorted as well with that check box..

I could see maybe if was a really long list and you didn't want to scroll through them all or something?

Its almost certainly blocked on the client device directly. So like Windows firewall, if it's a Windows device.

Ah, nice. 👍

What exactly are you seeing?

@GeorgePatches said in What happened to the CE downloads?:

@mcury Yes, that part seemed to work much like the standard installer.

Thanks GeorgePatches 👍

@usafit why would you think that should go on your firewall.. Endpoint is in the name even, pfsense or any router/firewall is not an "endpoint"

The firewall aspect of pfsense, just allows you to control what is routed.. Can endpoint A on network X talk to endpoint B on network Y..

An endpoint is something that starts a conversation, the other end point is what that something is talking to.. Pfsense is the router between when those 2 things are on different network..

Sure when you access the gui of say pfsense, then pfsense is the endpoint in that conversation.. But vast majority of traffic flows thru pfsense, pfsense is not the "endpoint".. Installing such software doesn't make a lot of sense for something like pfsense.. You would put that on your VM host, or the vm themselves or you laptop or your PC, or your phone, etc. Some iot device..

Is it no longer possible to download the CE images without registration?

If you see it again I would check the state table. The dpinger state may have been created on the wrong interface before the VTI came up and still be there.

@johnpoz
Thank you John. I'll have to do some research and figure out how to implement this.

There is nothing public. Generally we include as a recommended patch anything that can be fixed by a run-time patch, is confirmed as fixed definitively and has significant impact.