some services show can't start
-
now it can upgarde, Could you add automatic repair functionality? If we have a problem in the future, we don’t know which command to use to fix it.
-
All of that should happen automatically when you open the webgui and it checks for updates. The only reason we are running those commands is because it's failing and we are trying to find out why.
If it upgrades successfully every time when you run:
pfSense-repoc pkg-static update pfSense-upgradeThen the issue is something in the way the gui runs those.
Steve
-
@stephenw10 said in some services show can't start:
All of that should happen automatically when you open the webgui and it checks for updates. The only reason we are running those commands is because it's failing and we are trying to find out why.
If it upgrades successfully every time when you run:
pfSense-repoc pkg-static update pfSense-upgradeThen the issue is something in the way the gui runs those.
Steve
Because php gui often has problems, since then I have used the cli command window to perform upgrades.
-
@stephenw10 said in some services show can't start:
pfSense-repoc
pkg-static update
pfSense-upgradeOk so run those commands in that order to do upgrades from the CLI and see if you still see failures.
-
https://redmine.pfsense.org/issues/14890
run the command
/sbin/ifconfig tun_wg3 inet6 'fe80::32ed:b7ff:fe85:93d3' -alias
show:ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
wireguard still can't start service . in fact, wirgaurd have been running.
-
Yes it's likely because that command is trying to remove an alias from the interface that doesn't exist?
-
when wiregaurd restart, then wg interface was lost?
I used the manually added fe80 address. When I restarted the wg service, the fe80 address disappeared.
-
So, to be clear, how was this setup in 23.05.1? Assuming it worked as expected there?
-
The settings are brought over from the 23.05 configuration.
Maybe I found the reason why starting wg service cannot be displayed.
when setup wiregaurd endpoint address use pfsense LAN gateway ipv6 address, then pfsense show can't start wiregaurd service.
Could you try test this?
-
So you were adding the IPv6 LL addresses as IPAliases VIPs in 23.05.1 also?
Is the LAN IPv6 address not valid?
-
@stephenw10 said in some services show can't start:
So you were adding the IPv6 LL addresses as IPAliases VIPs in 23.05.1 also?
yes.Is the LAN IPv6 address not valid?
when wireguard endpoint input Lan ip, then pfsense can't start wg service. but in fact wg is normal running.
i have try deleted endpoint LAN ip, only use 127.0.0.1 ,then pfsense may start wg service. -
Right but the LAN IPv6 address it's set to use is a valid address at the time WG tries to start?
-
@stephenw10 said in some services show can't start:
Right but the LAN IPv6 address it's set to use is a valid address at the time WG tries to start?
yes, it is public ipv6 valid address.
-
use 127.0.0.1 wg endpoint address can't start service also now.
23.09-BETA (amd64)
built on Wed Oct 18 14:00:00 CST 2023
FreeBSD 14.0-CURRENTOct 18 22:05:57 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Oct 18 22:05:57 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Default gateway setting frwg0 as default. Oct 18 22:05:55 check_reload_status 1217 Syncing firewall Oct 18 22:05:54 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary. Oct 18 22:05:53 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard). Oct 18 22:05:52 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard). Oct 18 22:05:51 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard). Oct 18 22:05:50 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard). Oct 18 22:05:49 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s). Oct 18 22:05:48 check_reload_status 1217 Syncing firewall Oct 18 22:05:48 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s). Oct 18 22:05:40 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for UKWG Oct 18 22:05:40 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i UKWG -B 10.18.1.2 -p /var/run/dpinger_UKWG~10.18.1.2~10.18.1.1.pid -u /var/run/dpinger_UKWG~10.18.1.2~10.18.1.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.18.1.1 >/dev/null' returned exit code '1', the output was '' Oct 18 22:05:40 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0GW Oct 18 22:05:39 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway FMTZHU Oct 18 22:05:39 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway DEwg Oct 18 22:05:37 check_reload_status 1217 Syncing firewall Oct 18 22:05:37 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary. Oct 18 22:05:35 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard). Oct 18 22:05:35 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard). Oct 18 22:05:33 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard). Oct 18 22:05:33 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard). Oct 18 22:05:32 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s). Oct 18 22:05:32 check_reload_status 1217 Syncing firewall Oct 18 22:05:32 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s). Oct 18 22:05:26 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for OPT7GW Oct 18 22:05:26 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i OPT7GW -B 10.17.2.2 -p /var/run/dpinger_OPT7GW~10.17.2.2~10.17.2.1.pid -u /var/run/dpinger_OPT7GW~10.17.2.2~10.17.2.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.17.2.1 >/dev/null' returned exit code '1', the output was '' Oct 18 22:05:26 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0GW Oct 18 22:05:26 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway WAN_PPPOE Oct 18 22:05:24 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary. Oct 18 22:05:23 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard). Oct 18 22:05:22 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard). Oct 18 22:05:21 check_reload_status 1217 Syncing firewall Oct 18 22:05:21 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard). Oct 18 22:05:21 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard). Oct 18 22:05:20 check_reload_status 1217 Syncing firewall Oct 18 22:05:20 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s). Oct 18 22:05:20 check_reload_status 1217 Syncing firewall Oct 18 22:05:19 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s). Oct 18 22:05:12 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for DEwgGW Oct 18 22:05:12 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i DEwgGW -B 10.11.0.2 -p /var/run/dpinger_DEwgGW~10.11.0.2~10.11.0.1.pid -u /var/run/dpinger_DEwgGW~10.11.0.2~10.11.0.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.11.0.1 >/dev/null' returned exit code '1', the output was '' Oct 18 22:05:05 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary. Oct 18 22:05:04 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard). Oct 18 22:05:03 check_reload_status 1217 Syncing firewall Oct 18 22:05:03 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard). Oct 18 22:05:01 check_reload_status 1217 Syncing firewall Oct 18 22:05:01 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard). Oct 18 22:05:00 check_reload_status 1217 Syncing firewall Oct 18 22:04:59 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard). Oct 18 22:04:58 check_reload_status 1217 Syncing firewall Oct 18 22:04:57 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s). Oct 18 22:04:57 check_reload_status 1217 Syncing firewall Oct 18 22:04:57 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s). Oct 18 22:04:49 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: Error starting gateway monitor for wg3GW Oct 18 22:04:49 php_wg 48848 /usr/local/pkg/wireguard/includes/wg_service.inc: The command '/usr/local/bin/dpinger -S -r 0 -i wg3GW -B 10.15.1.2 -p /var/run/dpinger_wg3GW~10.15.1.2~10.15.1.1.pid -u /var/run/dpinger_wg3GW~10.15.1.2~10.15.1.1.sock -C "/etc/rc.gateway_alarm" -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 600 -L 80 10.15.1.1 >/dev/null' returned exit code '1', the output was '' Oct 18 22:04:48 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg3GW Oct 18 22:04:48 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0 Oct 18 22:04:48 php-fpm 60021 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway wg0GW -
Filter Reload
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
@ 2023-10-24 00:11:20
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
@ 2023-10-24 00:12:14
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
@ 2023-10-24 00:13:08
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12 -
What address is that mapping supposed to be from?
-
no setup Port Forward for pppoe2. I don't know where this comes from either.
-
It's a 1:1 NAT rule.
Do you have any 1:1 NAT rules? Perhaps the interface got switched out somehow.
-
@yon-0 said in some services show can't start:
Filter Reload
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
@ 2023-10-24 00:11:20
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
@ 2023-10-24 00:12:14
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12
@ 2023-10-24 00:13:08
There were error(s) loading the rules: /tmp/rules.debug:198: syntax error - The line in question reads [198]: binat on pppoe2 inet from to any -> 10.1.7.12Thank you for reporting this. The fix should be in the next snapshot. See https://redmine.pfsense.org/issues/14918
If that fixes it for you, please let us know here or on the redmine report.
-
Services: Shellcmd
I added 6 shellcmd configurations, but when the system restarts, the 5th-6th shellcmd configurations cannot be executed.
