Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    some services show can't start

    Scheduled Pinned Locked Moved Plus 23.09 Development Snapshots (Retired)
    131 Posts 5 Posters 33.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • yon 0Y
      yon 0 @stephenw10
      last edited by

      @stephenw10 said in some services show can't start:

      @yon-0 said in some services show can't start:

      HTTP/1.1 400 Bad Request

      This means it's sending the wrong client cert so you haven't opened the webgui recently.
      Run pfSense-repoc then retry.

      [23.09-BETA][admin@]/root: pfSense-repoc
[23.09-BETA][admin@]/root: pkg -d update
DBG(1)[25960]> pkg initialized
Updating pfSense-core repository catalogue...
DBG(1)[25960]> PkgRepo: verifying update for pfSense-core
DBG(1)[25960]> PkgRepo: need forced update of pfSense-core
DBG(1)[25960]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
DBG(1)[25960]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/meta.conf
DBG(1)[25960]> curl_open
DBG(1)[25960]> Fetch: fetcher used: pkg+https
DBG(1)[25960]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/meta.conf

DBG(1)[25960]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel01.atx.netgate.com in the .netrc file; using defaults
*   Trying [2610:160:11:18::209]:443...
*   Trying 208.123.73.209:443...
* Connected to pfsense-plus-pkg-devel01.atx.netgate.com (2610:160:11:18::209) port 443
* ALPN: curl offers http/1.1
*  CAfile: /etc/ssl/netgate-ca.pem
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=pfSense Plus; CN=pfsense-plus-pkg-devel01.atx.netgate.com
*  start date: Oct  9 15:13:58 2023 GMT
*  expire date: Sep 15 15:13:58 2123 GMT
*  common name: pfsense-plus-pkg-devel01.atx.netgate.com (matched)
*  issuer: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=Netgate root CA; CN=Netgate root CA
*  SSL certificate verify ok.
* using HTTP/1.1
> GET /pfSense_plus-v23_09_amd64-core/meta.conf HTTP/1.1
Host: pfsense-plus-pkg-devel01.atx.netgate.com
Accept: */*
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< HTTP/1.1 200 OK
Fetching meta.conf:   0%< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:19 GMT
< Content-Type: application/octet-stream
< Content-Length: 163
< Last-Modified: Tue, 17 Oct 2023 09:34:16 GMT
< Connection: keep-alive
< ETag: "652e5518-a3"
< Accept-Ranges: bytes
<
Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
* Connection #0 to host pfsense-plus-pkg-devel01.atx.netgate.com left intact
DBG(1)[25960]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/packagesite.pkg
DBG(1)[25960]> curl_open
DBG(1)[25960]> Fetch: fetcher used: pkg+https
DBG(1)[25960]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/packagesite.pkg

DBG(1)[25960]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel01.atx.netgate.com in the .netrc file; using defaults
* Found bundle for host: 0xa09f9c268d0 [serially]
* Re-using existing connection with host pfsense-plus-pkg-devel01.atx.netgate.com
> GET /pfSense_plus-v23_09_amd64-core/packagesite.pkg HTTP/1.1
Host: pfsense-plus-pkg-devel01.atx.netgate.com
Accept: */*
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< HTTP/1.1 200 OK
Fetching packagesite.pkg:   0%< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:20 GMT
< Content-Type: application/octet-stream
< Content-Length: 1584
< Last-Modified: Tue, 17 Oct 2023 09:34:17 GMT
< Connection: keep-alive
< ETag: "652e5519-630"
< Accept-Ranges: bytes
<
Fetching packagesite.pkg: 100%    2 KiB   1.6kB/s    00:01
* Connection #0 to host pfsense-plus-pkg-devel01.atx.netgate.com left intact
DBG(1)[25960]> PkgRepo: extracting packagesite.yaml of repo pfSense-core
DBG(1)[26089]> PkgRepo: extracting signature of repo in a sandbox
DBG(1)[25960]> Pkgrepo, reading new packagesite.yaml for '/var/db/pkg/repo-pfSense-core.sqlite'
Processing entries: 100%
pfSense-core repository update completed. 5 packages processed.
Updating pfSense repository catalogue...
DBG(1)[25960]> PkgRepo: verifying update for pfSense
DBG(1)[25960]> PkgRepo: need forced update of pfSense
DBG(1)[25960]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
DBG(1)[25960]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/meta.conf
DBG(1)[25960]> curl_open
DBG(1)[25960]> Fetch: fetcher used: pkg+https
DBG(1)[25960]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/meta.conf

DBG(1)[25960]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel00.atx.netgate.com in the .netrc file; using defaults
*   Trying [2610:160:11:18::207]:443...
*   Trying 208.123.73.207:443...
* Connected to pfsense-plus-pkg-devel00.atx.netgate.com (2610:160:11:18::207) port 443
* ALPN: curl offers http/1.1
*  CAfile: /etc/ssl/netgate-ca.pem
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=pfSense Plus; CN=pfsense-plus-pkg-devel00.atx.netgate.com
*  start date: Oct  9 15:13:42 2023 GMT
*  expire date: Sep 15 15:13:42 2123 GMT
*  common name: pfsense-plus-pkg-devel00.atx.netgate.com (matched)
*  issuer: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=Netgate root CA; CN=Netgate root CA
*  SSL certificate verify ok.
* using HTTP/1.1
> GET /pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/meta.conf HTTP/1.1
Host: pfsense-plus-pkg-devel00.atx.netgate.com
Accept: */*
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< HTTP/1.1 200 OK
Fetching meta.conf:   0%< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:21 GMT
< Content-Type: application/octet-stream
< Content-Length: 163
< Last-Modified: Tue, 17 Oct 2023 09:34:03 GMT
< Connection: keep-alive
< ETag: "652e550b-a3"
< Accept-Ranges: bytes
<
Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
* Connection #0 to host pfsense-plus-pkg-devel00.atx.netgate.com left intact
DBG(1)[25960]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/packagesite.pkg
DBG(1)[25960]> curl_open
DBG(1)[25960]> Fetch: fetcher used: pkg+https
DBG(1)[25960]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/packagesite.pkg

DBG(1)[25960]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel00.atx.netgate.com in the .netrc file; using defaults
* Found bundle for host: 0xa09f9cebda0 [serially]
* Re-using existing connection with host pfsense-plus-pkg-devel00.atx.netgate.com
> GET /pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/packagesite.pkg HTTP/1.1
Host: pfsense-plus-pkg-devel00.atx.netgate.com
Accept: */*
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< HTTP/1.1 200 OK
Fetching packagesite.pkg:   0%< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:21 GMT
< Content-Type: application/octet-stream
< Content-Length: 195048
< Last-Modified: Tue, 17 Oct 2023 09:34:04 GMT
< Connection: keep-alive
< ETag: "652e550c-2f9e8"
< Accept-Ranges: bytes
<
Fetching packagesite.pkg: 100%  190 KiB 195.1kB/s    00:01
* Connection #0 to host pfsense-plus-pkg-devel00.atx.netgate.com left intact
DBG(1)[25960]> PkgRepo: extracting packagesite.yaml of repo pfSense
DBG(1)[26437]> PkgRepo: extracting signature of repo in a sandbox
DBG(1)[25960]> Pkgrepo, reading new packagesite.yaml for '/var/db/pkg/repo-pfSense.sqlite'
Processing entries: 100%
pfSense repository update completed. 725 packages processed.
All repositories are up to date.
[23.09-BETA][admin@pf.xiaoyu.net]/root: pkg-static -d rquery %v pkg
DBG(1)[55518]> pkg initialized
DBG(1)[55518]> PkgRepo: verifying update for pfSense-core
DBG(1)[55518]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
DBG(1)[55518]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/meta.conf
DBG(1)[55518]> curl_open
DBG(1)[55518]> Fetch: fetcher used: pkg+https
DBG(1)[55518]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/meta.conf

DBG(1)[55518]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel00.atx.netgate.com in the .netrc file; using defaults
*   Trying [2610:160:11:18::207]:443...
*   Trying 208.123.73.207:443...
* Connected to pfsense-plus-pkg-devel00.atx.netgate.com (2610:160:11:18::207) port 443
* ALPN: curl offers http/1.1
*  CAfile: /etc/ssl/netgate-ca.pem
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=pfSense Plus; CN=pfsense-plus-pkg-devel00.atx.netgate.com
*  start date: Oct  9 15:13:42 2023 GMT
*  expire date: Sep 15 15:13:42 2123 GMT
*  common name: pfsense-plus-pkg-devel00.atx.netgate.com (matched)
*  issuer: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=Netgate root CA; CN=Netgate root CA
*  SSL certificate verify ok.
* using HTTP/1.1
> GET /pfSense_plus-v23_09_amd64-core/meta.conf HTTP/1.1
Host: pfsense-plus-pkg-devel00.atx.netgate.com
Accept: */*
If-Modified-Since: Tue, 17 Oct 2023 09:34:17 GMT

< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:36 GMT
< Content-Type: application/octet-stream
< Content-Length: 163
< Last-Modified: Tue, 17 Oct 2023 09:34:16 GMT
< Connection: keep-alive
< ETag: "652e5518-a3"
< Accept-Ranges: bytes
<
* The requested document is not new enough
* Simulate an HTTP 304 response
* Closing connection
DBG(1)[55518]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/packagesite.pkg
DBG(1)[55518]> curl_open
DBG(1)[55518]> Fetch: fetcher used: pkg+https
DBG(1)[55518]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-core/packagesite.pkg

DBG(1)[55518]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel00.atx.netgate.com in the .netrc file; using defaults
* Hostname pfsense-plus-pkg-devel00.atx.netgate.com was found in DNS cache
*   Trying [2610:160:11:18::207]:443...
*   Trying 208.123.73.207:443...
* Connected to pfsense-plus-pkg-devel00.atx.netgate.com (2610:160:11:18::207) port 443
* ALPN: curl offers http/1.1
*  CAfile: /etc/ssl/netgate-ca.pem
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=pfSense Plus; CN=pfsense-plus-pkg-devel00.atx.netgate.com
*  start date: Oct  9 15:13:42 2023 GMT
*  expire date: Sep 15 15:13:42 2123 GMT
*  common name: pfsense-plus-pkg-devel00.atx.netgate.com (matched)
*  issuer: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=Netgate root CA; CN=Netgate root CA
*  SSL certificate verify ok.
* using HTTP/1.1
> GET /pfSense_plus-v23_09_amd64-core/packagesite.pkg HTTP/1.1
Host: pfsense-plus-pkg-devel00.atx.netgate.com
Accept: */*
If-Modified-Since: Tue, 17 Oct 2023 09:34:17 GMT

< HTTP/1.1 304 Not Modified
< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:37 GMT
< Last-Modified: Tue, 17 Oct 2023 09:34:17 GMT
< Connection: keep-alive
< ETag: "652e5519-630"
<
* Connection #1 to host pfsense-plus-pkg-devel00.atx.netgate.com left intact
DBG(1)[55518]> PkgRepo: verifying update for pfSense
DBG(1)[55518]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
DBG(1)[55518]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/meta.conf
DBG(1)[55518]> curl_open
DBG(1)[55518]> Fetch: fetcher used: pkg+https
DBG(1)[55518]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/meta.conf

DBG(1)[55518]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel01.atx.netgate.com in the .netrc file; using defaults
*   Trying [2610:160:11:18::209]:443...
*   Trying 208.123.73.209:443...
* Connected to pfsense-plus-pkg-devel01.atx.netgate.com (2610:160:11:18::209) port 443
* ALPN: curl offers http/1.1
*  CAfile: /etc/ssl/netgate-ca.pem
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=pfSense Plus; CN=pfsense-plus-pkg-devel01.atx.netgate.com
*  start date: Oct  9 15:13:58 2023 GMT
*  expire date: Sep 15 15:13:58 2123 GMT
*  common name: pfsense-plus-pkg-devel01.atx.netgate.com (matched)
*  issuer: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=Netgate root CA; CN=Netgate root CA
*  SSL certificate verify ok.
* using HTTP/1.1
> GET /pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/meta.conf HTTP/1.1
Host: pfsense-plus-pkg-devel01.atx.netgate.com
Accept: */*
If-Modified-Since: Tue, 17 Oct 2023 09:34:04 GMT

< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:39 GMT
< Content-Type: application/octet-stream
< Content-Length: 163
< Last-Modified: Tue, 17 Oct 2023 09:34:03 GMT
< Connection: keep-alive
< ETag: "652e550b-a3"
< Accept-Ranges: bytes
<
* The requested document is not new enough
* Simulate an HTTP 304 response
* Closing connection
DBG(1)[55518]> Request to fetch pkg+https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/packagesite.pkg
DBG(1)[55518]> curl_open
DBG(1)[55518]> Fetch: fetcher used: pkg+https
DBG(1)[55518]> curl> fetching https://pfsense-plus-pkg-devel.netgate.com/pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/packagesite.pkg

DBG(1)[55518]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pfsense-plus-pkg-devel01.atx.netgate.com in the .netrc file; using defaults
* Hostname pfsense-plus-pkg-devel01.atx.netgate.com was found in DNS cache
*   Trying [2610:160:11:18::209]:443...
*   Trying 208.123.73.209:443...
* Connected to pfsense-plus-pkg-devel01.atx.netgate.com (2610:160:11:18::209) port 443
* ALPN: curl offers http/1.1
*  CAfile: /etc/ssl/netgate-ca.pem
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=pfSense Plus; CN=pfsense-plus-pkg-devel01.atx.netgate.com
*  start date: Oct  9 15:13:58 2023 GMT
*  expire date: Sep 15 15:13:58 2123 GMT
*  common name: pfsense-plus-pkg-devel01.atx.netgate.com (matched)
*  issuer: C=US; ST=Texas; L=Austin; O=Rubicon Communications, LLC (Netgate); OU=Netgate root CA; CN=Netgate root CA
*  SSL certificate verify ok.
* using HTTP/1.1
> GET /pfSense_plus-v23_09_amd64-pfSense_plus_v23_09/packagesite.pkg HTTP/1.1
Host: pfsense-plus-pkg-devel01.atx.netgate.com
Accept: */*
If-Modified-Since: Tue, 17 Oct 2023 09:34:04 GMT

< HTTP/1.1 304 Not Modified
< Server: nginx
< Date: Tue, 17 Oct 2023 12:31:40 GMT
< Last-Modified: Tue, 17 Oct 2023 09:34:04 GMT
< Connection: keep-alive
< ETag: "652e550c-2f9e8"
<
* Connection #1 to host pfsense-plus-pkg-devel01.atx.netgate.com left intact
1.20.8_1
      yon 0Y 1 Reply Last reply Reply Quote 0
      • yon 0Y
        yon 0 @yon 0
        last edited by

        now it can upgarde, Could you add automatic repair functionality? If we have a problem in the future, we don’t know which command to use to fix it.

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          All of that should happen automatically when you open the webgui and it checks for updates. The only reason we are running those commands is because it's failing and we are trying to find out why.

          If it upgrades successfully every time when you run:

          pfSense-repoc
pkg-static update
pfSense-upgrade

          Then the issue is something in the way the gui runs those.

          Steve

          yon 0Y 1 Reply Last reply Reply Quote 0
          • yon 0Y
            yon 0 @stephenw10
            last edited by

            @stephenw10 said in some services show can't start:

            All of that should happen automatically when you open the webgui and it checks for updates. The only reason we are running those commands is because it's failing and we are trying to find out why.

            If it upgrades successfully every time when you run:

            pfSense-repoc
pkg-static update
pfSense-upgrade

            Then the issue is something in the way the gui runs those.

            Steve

            Because php gui often has problems, since then I have used the cli command window to perform upgrades.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              @stephenw10 said in some services show can't start:

              pfSense-repoc
              pkg-static update
              pfSense-upgrade

              Ok so run those commands in that order to do upgrades from the CLI and see if you still see failures.

              yon 0Y 1 Reply Last reply Reply Quote 0
              • yon 0Y
                yon 0 @stephenw10
                last edited by

                @stephenw10

                https://redmine.pfsense.org/issues/14890

                run the command
                /sbin/ifconfig tun_wg3 inet6 'fe80::32ed:b7ff:fe85:93d3' -alias
                show:

                ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address

                wireguard still can't start service . in fact, wirgaurd have been running.

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  Yes it's likely because that command is trying to remove an alias from the interface that doesn't exist?

                  yon 0Y 1 Reply Last reply Reply Quote 0
                  • yon 0Y
                    yon 0 @stephenw10
                    last edited by yon 0

                    @stephenw10

                    when wiregaurd restart, then wg interface was lost?

                    I used the manually added fe80 address. When I restarted the wg service, the fe80 address disappeared.

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      So, to be clear, how was this setup in 23.05.1? Assuming it worked as expected there?

                      yon 0Y 1 Reply Last reply Reply Quote 0
                      • yon 0Y
                        yon 0 @stephenw10
                        last edited by

                        @stephenw10

                        The settings are brought over from the 23.05 configuration.

                        Maybe I found the reason why starting wg service cannot be displayed.

                        when setup wiregaurd endpoint address use pfsense LAN gateway ipv6 address, then pfsense show can't start wiregaurd service.

                        Could you try test this?

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          So you were adding the IPv6 LL addresses as IPAliases VIPs in 23.05.1 also?

                          Is the LAN IPv6 address not valid?

                          yon 0Y 1 Reply Last reply Reply Quote 0
                          • yon 0Y
                            yon 0 @stephenw10
                            last edited by

                            @stephenw10 said in some services show can't start:

                            So you were adding the IPv6 LL addresses as IPAliases VIPs in 23.05.1 also?
                            yes.

                            Is the LAN IPv6 address not valid?
                            when wireguard endpoint input Lan ip, then pfsense can't start wg service. but in fact wg is normal running.
                            i have try deleted endpoint LAN ip, only use 127.0.0.1 ,then pfsense may start wg service.

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S
                              stephenw10 Netgate Administrator
                              last edited by

                              Right but the LAN IPv6 address it's set to use is a valid address at the time WG tries to start?

                              yon 0Y 1 Reply Last reply Reply Quote 0
                              • yon 0Y
                                yon 0 @stephenw10
                                last edited by

                                @stephenw10 said in some services show can't start:

                                Right but the LAN IPv6 address it's set to use is a valid address at the time WG tries to start?

                                yes, it is public ipv6 valid address.

                                yon 0Y 1 Reply Last reply Reply Quote 0
                                • yon 0Y
                                  yon 0 @yon 0
                                  last edited by

                                  use 127.0.0.1 wg endpoint address can't start service also now.

                                  23.09-BETA (amd64)
                                  built on Wed Oct 18 14:00:00 CST 2023
                                  FreeBSD 14.0-CURRENT

                                  Oct 18 22:05:57	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Oct 18 22:05:57	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Default gateway setting frwg0 as default.
Oct 18 22:05:55	check_reload_status	1217	Syncing firewall
Oct 18 22:05:54	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary.
Oct 18 22:05:53	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard).
Oct 18 22:05:52	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard).
Oct 18 22:05:51	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard).
Oct 18 22:05:50	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard).
Oct 18 22:05:49	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s).
Oct 18 22:05:48	check_reload_status	1217	Syncing firewall
Oct 18 22:05:48	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s).
Oct 18 22:05:40	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for UKWG
Oct 18 22:05:40	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i UKWG -B 10.18.1.2 -p /var/run/dpinger_UKWG~10.18.1.2~10.18.1.1.pid -u /var/run/dpinger_UKWG~10.18.1.2~10.18.1.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.18.1.1 >/dev/null' returned exit code '1', the output was ''
Oct 18 22:05:40	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0GW
Oct 18 22:05:39	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway FMTZHU
Oct 18 22:05:39	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway DEwg
Oct 18 22:05:37	check_reload_status	1217	Syncing firewall
Oct 18 22:05:37	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary.
Oct 18 22:05:35	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard).
Oct 18 22:05:35	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard).
Oct 18 22:05:33	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard).
Oct 18 22:05:33	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard).
Oct 18 22:05:32	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s).
Oct 18 22:05:32	check_reload_status	1217	Syncing firewall
Oct 18 22:05:32	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s).
Oct 18 22:05:26	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for OPT7GW
Oct 18 22:05:26	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i OPT7GW -B 10.17.2.2 -p /var/run/dpinger_OPT7GW~10.17.2.2~10.17.2.1.pid -u /var/run/dpinger_OPT7GW~10.17.2.2~10.17.2.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.17.2.1 >/dev/null' returned exit code '1', the output was ''
Oct 18 22:05:26	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0GW
Oct 18 22:05:26	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway WAN_PPPOE
Oct 18 22:05:24	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary.
Oct 18 22:05:23	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard).
Oct 18 22:05:22	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard).
Oct 18 22:05:21	check_reload_status	1217	Syncing firewall
Oct 18 22:05:21	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard).
Oct 18 22:05:21	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard).
Oct 18 22:05:20	check_reload_status	1217	Syncing firewall
Oct 18 22:05:20	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s).
Oct 18 22:05:20	check_reload_status	1217	Syncing firewall
Oct 18 22:05:19	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s).
Oct 18 22:05:12	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for DEwgGW
Oct 18 22:05:12	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i DEwgGW -B 10.11.0.2 -p /var/run/dpinger_DEwgGW~10.11.0.2~10.11.0.1.pid -u /var/run/dpinger_DEwgGW~10.11.0.2~10.11.0.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.11.0.1 >/dev/null' returned exit code '1', the output was ''
Oct 18 22:05:05	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary.
Oct 18 22:05:04	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard).
Oct 18 22:05:03	check_reload_status	1217	Syncing firewall
Oct 18 22:05:03	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard).
Oct 18 22:05:01	check_reload_status	1217	Syncing firewall
Oct 18 22:05:01	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard).
Oct 18 22:05:00	check_reload_status	1217	Syncing firewall
Oct 18 22:04:59	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard).
Oct 18 22:04:58	check_reload_status	1217	Syncing firewall
Oct 18 22:04:57	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s).
Oct 18 22:04:57	check_reload_status	1217	Syncing firewall
Oct 18 22:04:57	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s).
Oct 18 22:04:49	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for wg3GW
Oct 18 22:04:49	php_wg	48848	/usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i wg3GW -B 10.15.1.2 -p /var/run/dpinger_wg3GW~10.15.1.2~10.15.1.1.pid -u /var/run/dpinger_wg3GW~10.15.1.2~10.15.1.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.15.1.1 >/dev/null' returned exit code '1', the output was ''
Oct 18 22:04:48	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg3GW
Oct 18 22:04:48	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0
Oct 18 22:04:48	php-fpm	60021	/rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0GW
                                  yon 0Y 1 Reply Last reply Reply Quote 0
                                  • yon 0Y
                                    yon 0 @yon 0
                                    last edited by

                                    Filter Reload
                                    There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
                                    @ 2023-10-24 00:11:20
                                    There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
                                    @ 2023-10-24 00:12:14
                                    There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
                                    @ 2023-10-24 00:13:08
                                    There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12

                                    M 1 Reply Last reply Reply Quote 0
                                    • stephenw10S
                                      stephenw10 Netgate Administrator
                                      last edited by

                                      What address is that mapping supposed to be from?

                                      yon 0Y 1 Reply Last reply Reply Quote 0
                                      • yon 0Y
                                        yon 0 @stephenw10
                                        last edited by

                                        @stephenw10

                                        no setup Port Forward for pppoe2. I don't know where this comes from either.

                                        1 Reply Last reply Reply Quote 0
                                        • stephenw10S
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          It's a 1:1 NAT rule.

                                          Do you have any 1:1 NAT rules? Perhaps the interface got switched out somehow.

                                          1 Reply Last reply Reply Quote 0
                                          • M
                                            marcosm Netgate @yon 0
                                            last edited by marcosm

                                            @yon-0 said in some services show can't start:

                                            Filter Reload
                                            There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
                                            @ 2023-10-24 00:11:20
                                            There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
                                            @ 2023-10-24 00:12:14
                                            There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
                                            @ 2023-10-24 00:13:08
                                            There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12

                                            Thank you for reporting this. The fix should be in the next snapshot. See https://redmine.pfsense.org/issues/14918

                                            If that fixes it for you, please let us know here or on the redmine report.

                                            yon 0Y 2 Replies Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.