• Fatal Trap 12 page fault while in kernel mode

    2
    0 Votes
    2 Posts
    967 Views
    jimpJ

    Reboot the box, stop at the loader prompt, type "show" and look for any em tunables you may have had set, for each of those, run "unset xxxxxx" where xxxxxx is the variable name of the tunable, when they're all unset, boot and see if it works.

    Odds are that you either had an em tunable in /boot/loader.conf or /boot/loader.conf.local that either had no effect before and is honored now, or that is no longer necessary.

    If it boots OK, edit those files and remove any em tunables and see if it reboots OK on its own the next time.

  • NAT Reflection Broken after Upgrade

    10
    0 Votes
    10 Posts
    2k Views
    D

    @doktornotor:

    You have yet again rewritten "oh noes it does not work". I did not ask for definition of NAT reflection, but for details about what's exactly set up how and does not work. Also you have any good reason to use NAT + Proxy instead of Pure NAT?

    I thought my last post was detailed enough. pfsense makes many things easy. I realize there is a lot going on behind the scenes, but it is just a simple drop down menu to enable it. Below is pfsense hint information for NAT Reflection and Pure NAT.

    **"When enabled, this automatically creates additional NAT redirect rules for access to port forwards on your external IP addresses from within your internal networks.

    The NAT + proxy mode uses a helper program to send packets to the target of the port forward. It is useful in setups where the interface and/or gateway IP used for communication with the target cannot be accurately determined at the time the rules are loaded. Reflection rules are not created for ranges larger than 500 ports and will not be used for more than 1000 ports total between all port forwards. Only TCP and UDP protocols are supported.

    The pure NAT mode uses a set of NAT rules to direct packets to the target of the port forward. It has better scalability, but it must be possible to accurately determine the interface and gateway IP used for communication with the target at the time the rules are loaded. There are no inherent limits to the number of ports other than the limits of the protocols. All protocols available for port forwards are supported.

    Individual rules may be configured to override this system setting on a per-rule basis."**

  • Dnsmasq failure's after 2.1.1 and 2.1.2 upgrade

    2
    0 Votes
    2 Posts
    772 Views
    M

    Reply to myself…

    just had another failure, this time I checked the log's:

    On Resolver Log i found:

    failed to load names from /etc/hosts: Too many open files in system

    And on System Log lot's of:

    kernel: pid 65477 (dhcpd), uid 1002 inumber 5975 on /var: filesystem full

    Googling the first entry i found that thread:
    https://forum.pfsense.org/index.php?topic=63357.0

    So I'll continue over there… ;-)

  • Feasibility of pfSense + Squid + SquidGuard

    1
    0 Votes
    1 Posts
    757 Views
    No one has replied
  • 2.1 -> 2.1.2 Upgrade Issue

    6
    0 Votes
    6 Posts
    2k Views
    M

    Here is the "gateways" section:

    <gateways><gateway_item><interface>opt1</interface> <gateway>192.168.65.254</gateway> <name>AspinwallGW</name> <weight><interval><ipprotocol>inet</ipprotocol></interval></weight></gateway_item> <gateway_item><interface>wan</interface> <gateway>X.159.198.129</gateway> <name>CharterBusiness</name> <weight><interval><descr><ipprotocol>inet</ipprotocol></descr></interval></weight></gateway_item> <gateway_item><interface>wan</interface> <gateway>X.181.155.193</gateway> <name>CharterBusiness_LJG2</name> <weight><interval><descr><ipprotocol>inet</ipprotocol></descr></interval></weight></gateway_item> <gateway_item><interface>lan</interface> <gateway>192.168.50.2</gateway> <name>Untangle_GW</name> <weight>1</weight> <ipprotocol>inet</ipprotocol> <interval></interval></gateway_item> <gateway_item><interface>opt2</interface> <gateway>172.20.1.1</gateway> <name>OPT2GW</name> <weight><ipprotocol>inet</ipprotocol> <interval><defaultgw></defaultgw></interval></weight></gateway_item></gateways>

    A couple things:

    My WAN default gateway is X.181.155.193 and named "CharterBusiness_LJG2"

    That "opt2" interface was just entered as a test and was deleted months ago.

    I used to see that opt2 interface IP (172.20.1.1) in my logs, but couldn't for the life of me figure out where it was coming from since it wasn't configured in my system anywhere….  now I know.... it's there behind the scenes.

  • Problem updating NanoBSD 2.1 to 2.1.2: Disk Full

    4
    0 Votes
    4 Posts
    1k Views
    J

    @robi:

    But the download could go to ramdisk instead…

    Sure, except that machines running from a 512MB card (Alix boxes) are likely to have 256MB of RAM which is barely enough to keep things running.

    This will get you going for now.  Long term though you should upgrade to a larger card.

    https://forum.pfsense.org/index.php?topic=74140.0

  • WAN interface stuck on PPPoE

    1
    0 Votes
    1 Posts
    781 Views
    No one has replied
  • Arpwatch Not working After upgrade to 2.1.1

    5
    0 Votes
    5 Posts
    1k Views
    F

    I entered again packages tab
    I saw the package in the list of installed packages

    I clicked on reinstall
    It came back

  • DHCP Windows server 2008 Isolation PF Sense in Vmware esxi

    6
    0 Votes
    6 Posts
    2k Views
    F

    You should probably check your default gateway and dns servers. Those shouldn't be blank!? You should point default gateway to pfSense LAN ip and DNS to the Windows 2008 Server. Also make sure to configure DNS on the Windows 2008 Server so that it knows one or more relays where it can check for addresses it doesn't know itself. This can be either pfSense's DNS forwarder or your ISP's DNS or Google DNS (8.8.8.8).

    By asking if you can get to internet from pfSense, I meant that can you ping google.com or other address from pfSense GUI or console? I ask this to make sure that it's not pfSense's fault that your client machine can't connect to internet.

  • Fatal Trap12 page fault while in kernel mode

    6
    0 Votes
    6 Posts
    1k Views
    T

    ok i think i found the cause of this problem

    i reinstalled 2.1.2 RELEASE and  configured everything as usual
    Then i added the NIC tweak - (https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards)

    /boot/loader.conf.local
    kern.ipc.nmbclusters="655356"
    hw.em.num_queues="4"

    as we always did- but after adding this line, and rebooting, ill get the exact same error message.

    any idea why?

  • 2.1.1 -> 2.1.2 Status: Traffic Graph - Solve

    6
    0 Votes
    6 Posts
    2k Views
    A

    thanks you problem solve!.

    dont know what cause the problem but fresh install fix the problem.

  • Upgrade to latest: Unable to load a kernel

    5
    0 Votes
    5 Posts
    1k Views
    J

    @cmb

    Thanks, I would like to try that but don't know how. Can you explain ?

  • 2.1 to 2.1.2 upgrade - word of warning

    6
    0 Votes
    6 Posts
    2k Views
    C

    The only way that happens is if you have NICs assigned in your config that aren't actually present anymore. Then things can't function until the system knows what NICs it should be using, since what's in your config isn't actually valid (NIC removed from the system generally, on occasion a hardware failure will make a NIC disappear entirely).

    If you go to Interfaces>assign before the upgrade and verify all your assigned interfaces actually exist, remove or fix any that don't, that won't happen.

  • Why such a hunk of shit

    3
    0 Votes
    3 Posts
    1k Views
    C

    doktor's right on there.

    You're very obviously doing it wrong. I've NEVER had to reinstall a production system short of hardware failure or someone getting in and modifying the source on their own, and I have upwards of 20,000 hours of my life into this over the past decade. Supporting over 1000 companies via portal.pfsense.org.

  • I HAVE A PROXY IN COLLEGE!!!

    3
    0 Votes
    3 Posts
    1k Views
    D

    Thanks Steve…worked.

  • 2.1 to 2.1.1 Issues

    7
    0 Votes
    7 Posts
    2k Views
    R

    I've run into a strange issue where my pfSense nanoBSD 2.1 will not upgrade to 2.1.1 or 2.1.2. I have tried using the webGUI and the manual update but each fails at the 48% download/upload. Since I'm running off a 4GB USB drive, I'm simply building another USB using Physdiskwrite with the 2.12 image and will restore my configuration from backup. Will report back with results.

  • Can't update 2.1.1 to 2.1.2, 413 Request Entity Too Large

    11
    0 Votes
    11 Posts
    4k Views
    stephenw10S

    Yes, 9600bps does seem a little outdated these days.
    I would fully expect that running /var on a flash drive will kill it eventually but I would also expect it to take while on a, say, 2GB stick and they are now very cheap. I guess the issue would be what happens if the drive fails? The script would take care of it on reboot but what would happen before that? A by product of this would also be that logs would be readable after a crash and also easily removed from the box for reading.
    Personally I don't have an Alix box so it's not an issue for me. There have been a number of upgrade failure reports since 2.1 though where memory exhaustion seemed to be the culprit, this mod could help that. I wouldn't expect it to ever be official though.  ;)

    Steve

  • Firebox x750e running 2.1…safe to auto-upgrade?

    11
    0 Votes
    11 Posts
    2k Views
    O

    I was a bit disappointed that this 2950 ended up being so loud and hot, but honestly now that I'm running this x750e I staged months ago but never used…I'm starting to realize that it's probably better this way.  Keep pfSense on its own dedicated box rather than in a VM on one of my ESXi hosts alongside other VMs.  Whenever my 860 crashed it took my network and internet connectivity with it.

    I'll keep the pfSense VM on the 860 as a backup in case the firebox fails.

  • Operation not permitted in the upgrade_log.txt

    3
    0 Votes
    3 Posts
    892 Views
    C

    Thanks Jimp  :) !

  • 2.1.2 Cannot redeclare crypt_data()

    9
    0 Votes
    9 Posts
    2k Views
    S

    This bricked one of my boxes.

    Insert rude ramblings about previous comments from pfSense team about packages bricking boxes, and finding out this time it's a 'paid for' and marked stable package.

    Thank you jimp (and pfSense team), for the quick repair instructions, for the one time I didn't download an iso simultaneously, and thank you Google, may you always 'steal' my information, so you may provide me the fastest search result in my time of dis pare.

    (and yes, I realize this was pushed out 'quickly' because of HeartBleed.., and yes, I apologize for not adding any real value to this conversation)

    I hope in time this mystical new framework/system the other Jim is talking about resolves issues like this before someone gets bit..

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.