-
I am not home now, so I don't know how to do this....
Yesterday I VPN in and found the negate 3100 full with log files....over 103%.... So I decided to delete many of these log files hoping it would clear up some of the hard drive space
After that I decided to restore the latest configuration file that I had backed up the night before, thinking the log files won't fill up my hard drive anymore
After the restore the net gate reboot and I just lost all VPN connection
I sent my neighbor this morning to take a look at the situation and she send me pictures off three blue LEDs blinking simultaneously.
We tried to reboot the router multiple times to no avail
We also tried to reset the router using a paper clip and it still ended up being the three LEDs blinkingI do upload my configuration files to the netget server every time there is a change.
I'm still out of town now and wondering what can be done to get this firewall up and running, aside from me physically in front of it trying to restore everything
My wild thinking is if netget could restore the latest configuration file which also has VPN server built-in then I would be up and running in no time. But this may be pipe dream
Thank you
Jim -
@caymann Are you running Suricata?
Connect via the console (https://docs.netgate.com/pfsense/en/latest/solutions/sg-3100/connect-to-console.html)
Go to the Shell (option 8) and run this command and send back the result:
du -a /var | sort -n -r | head -n 10 -
R rcoleman-netgate moved this topic from Official Netgate® Hardware on
-
@rcoleman-netgate .....yes I am running Suricata
Sorry I am not home, so I can't do any shell commands -
R rcoleman-netgate moved this topic from General pfSense Questions on
-
@caymann Suricata needs to be configured to do proper log rotation. I've moved this ticket into the IDS/IPS channel so that others can see this and help you out.
Additionally if you are running this on a 3100 BASE you will likely kill your eMMC in a matter of months if not weeks with the logging level that Suricata runs out of the gate.
If you can SSH in or run those commands from the GUI you can clean up after Suricata using the rm commands.
-
All three LEDs blinking blue means it never finished booting. So really you need to connect to the console to see where it stopped and why.
Steve
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.