Post DR package repo not available in 2.7.2

stephenw10

If ssh guard is being restarted very often that means at least one of the logs is being rotated often. And that implies something is happening that's generating a lot of logs.

Check the logs (ls -ls /var/log) so see which log is rotating and what's in it.

Steve

MakOwner

@stephenw10
nginx, filter and gateways logs have rotated more than others but the filter log looks like it does so more frequently.

rw-------   1 root wheel 144457 Feb  1 07:36 auth.log
-rw-r--r--   1 root wheel  44790 Jan 29 08:39 bsdinstall_log
-rw-------   1 root wheel 410497 Feb  1 07:35 dhcpd.log
-rw-------   1 root wheel  14347 Jan 31 17:00 dhcpd.log.0.bz2
-rw-------   1 root wheel  16915 Jan 30 20:35 dhcpd.log.1.bz2
-rw-r--r--   1 root wheel  15164 Jan 31 05:46 dmesg.boot
-rw-------   1 root wheel 437599 Feb  1 07:36 filter.log
-rw-------   1 root wheel  23772 Feb  1 07:34 filter.log.0.bz2
-rw-------   1 root wheel  23153 Feb  1 07:31 filter.log.1.bz2
-rw-------   1 root wheel  23168 Feb  1 07:28 filter.log.2.bz2
-rw-------   1 root wheel  23363 Feb  1 07:25 filter.log.3.bz2
-rw-------   1 root wheel  23705 Feb  1 07:22 filter.log.4.bz2
-rw-------   1 root wheel  23334 Feb  1 07:19 filter.log.5.bz2
-rw-------   1 root wheel  23087 Feb  1 07:16 filter.log.6.bz2
-rw-------   1 root wheel 503608 Feb  1 07:11 gateways.log
-rw-------   1 root wheel   8957 Jan 30 03:44 gateways.log.0.bz2
-rw-------   1 root wheel   8032 Jan 30 02:44 gateways.log.1.bz2
-rw-------   1 root wheel   8120 Jan 30 01:46 gateways.log.2.bz2
-rw-------   1 root wheel   8103 Jan 30 00:48 gateways.log.3.bz2
-rw-------   1 root wheel   7979 Jan 29 23:50 gateways.log.4.bz2
-rw-------   1 root wheel   7617 Jan 29 22:52 gateways.log.5.bz2
-rw-------   1 root wheel   7791 Jan 29 21:54 gateways.log.6.bz2
-rw-------   1 root wheel      0 Jan 31 05:45 ipsec.log
-rw-------   1 root wheel      0 Jan 31 05:45 l2tps.log
-rw-r--r--   1 root wheel      0 Jan 29 10:53 lastlog
drwxr-xr-x   2 root wheel      3 Jan 29 09:18 nginx
-rw-------   1 root wheel 334891 Feb  1 07:33 nginx.log
-rw-------   1 root wheel  10109 Jan 31 19:53 nginx.log.0.bz2
-rw-------   1 root wheel  10127 Jan 31 19:21 nginx.log.1.bz2
-rw-------   1 root wheel  10021 Jan 31 18:49 nginx.log.2.bz2
-rw-------   1 root wheel  10032 Jan 31 18:17 nginx.log.3.bz2
-rw-------   1 root wheel  10079 Jan 31 17:45 nginx.log.4.bz2
-rw-------   1 root wheel  10014 Jan 31 17:13 nginx.log.5.bz2
-rw-------   1 root wheel  10562 Jan 31 16:41 nginx.log.6.bz2
drwxr-xr-x   2 root wheel      2 Jan 29 09:18 ntp
-rw-------   1 root wheel 351580 Jan 31 06:43 ntpd.log
-rw-------   1 root wheel      0 Jan 31 05:45 openvpn.log
-rw-------   1 root wheel      0 Jan 31 05:45 poes.log
-rw-------   1 root wheel      0 Jan 31 05:45 portalauth.log
-rw-------   1 root wheel      0 Jan 31 05:45 ppp.log
-rw-------   1 root wheel 265790 Feb  1 07:33 resolver.log
-rw-------   1 root wheel  11140 Jan 30 08:02 resolver.log.0.bz2
-rw-------   1 root wheel      0 Jan 31 05:45 routing.log
-rw-------   1 root wheel  41041 Feb  1 07:36 system.log
-rw-------   1 root wheel  35445 Jan 31 21:00 system.log.0.bz2
-rw-------   1 root wheel   6318 Jan 31 05:46 userlog
-rw-r--r--   1 root wheel    394 Feb  1 07:36 utx.lastlogin
-rw-------   1 root wheel   1555 Feb  1 07:36 utx.log
-rw-------   1 root wheel      0 Jan 31 05:45 vpn.log
-rw-------   1 root wheel      0 Jan 31 05:45 wireless.log

MakOwner

@stephenw10

I have two gateways for this firewall -- the default to the WAN and another interface that routes to another pfsense firewall in another building.
It's a 10G link between buildings for backups and access to the private network there.

This hopefully doesn't affect anything as it worked without issues with 2.6.x virtualized -- maybe some logging setting is wrong for the private gateway?

MakOwner

I see a lot of this in the firewall logs:

stephenw10

Yeah that's rotating every few minutes. Unless you have very limited disk space I would set the firewall log larger so it rotates less frequetly and disable log compression so it isn't taxing the CPU each time.

You might also consider changing the ruleset to log less depending on what it's logging.

MakOwner

I'll do that and pursue the question of why the firewall is being flooded from that private IP range with the ISP ...

I've got overly large disk space for this firewall so I bumped log size from 512000 to 5120000 an turned off compression.

Filesystem                            Size    Used   Avail Capacity  Mounted on
pfSense/var/log                       729G    825K    729G     0%    /var/log

stephenw10

Ah, nice. Well it would be trivial to add a block rule for just UDP port 10002 without logging enabled. That traffic is odd though I agree.

MakOwner

@stephenw10
I reinstalled, but the recovery of the configuration via config.xml in either the root or a copy on /conf (of a fat32 formatted USB stick) doesn't work.
I had to configure wan and lan, connect an restore through the GUI.
back to not being able to even get a list of available packages in the GUI. :/

I just saw a noticed the little alarm bell is lit up:

The config file I restored had this for packages:
<installedpackages>
</installedpackages>

What could have possibly re-installed?

MakOwner

@MakOwner

pfSense-repoc
pfSense-repoc: failed to fetch the repo data
failed to read the repo data.

I really used to like pfsense but I really am starting to get discouraged.

MakOwner

@MakOwner
Speaking of disappointments, where do you file bugs?
You can't position widgets on the dashboard at the bottom of a column.
Widgets will only "stick" in a column above another widget.

MakOwner

@MakOwner
I should probably start another thread over this...
I installed apcupsd using the cli.
Installed nice and quick.

Getting it to work on the other hand ...
What's the magic?

I have an APC RM 2200 connected via USB.
I have no issues with USB connection (using the same cable) to linux desktop...

I miss the good old days when things worked :/

stephenw10

What does pkg-static -d update show?

Does the config actually contain any installed packages? I've never seen that report success when it couldn't reach the package server.

How did you format the USB drive? I've noticed Windows will try to use some proprietary format if you're not careful.

Steve

stephenw10

We use redmine for bug reports: https://redmine.pfsense.org/

MakOwner

This post is deleted!

MakOwner

@stephenw10
No -- the config file looked like this:

<installedpackages>
</installedpackages>

I used a Linux desktop to format the 4GB USB to fat32

stephenw10

Ah, OK. Then yes the reinstall process completes as expected; no packages are installed. That obviously doesn't require pkh repo access so it succeeds.

Hmm, I would certainly expect a Linux created FAT32 stick to work. I use that process all the time. Perhaps the drive is not detected at all for some reason? If you connect it now do you see it reported in the system log?

@stephenw10 said in Post DR package repo not available in 2.7.2:

What does pkg-static -d update show?

MakOwner

@stephenw10
I have just given up.

I can get the two packages I want installed from the CLI.

It would be really, really helpful if you didn't have to guess at package names at the CLI.
Is displaying the the actual package name in the GUI that difficult?

Try installing pfblockerng from the cli (if you don't already know the package name) to see what I mean ...

stephenw10

You can use 'pkg search' like:

[2.7.2-RELEASE][admin@t70.stevew.lan]/root: pkg search pfSense-pkg
pfSense-pkg-Avahi-2.2_4        pfSense package Avahi
pfSense-pkg-Backup-0.6         pfSense package Backup
pfSense-pkg-Cron-0.3.8_3       pfSense package Cron
pfSense-pkg-FTP_Client_Proxy-0.3_8 pfSense package FTP_Client_Proxy
pfSense-pkg-Filer-0.60.6_8     pfSense package Filer
pfSense-pkg-LADVD-1.2.2_3      pfSense package LADVD
pfSense-pkg-LCDproc-0.11.5_1   LCDproc package for pfSense
pfSense-pkg-Lightsquid-3.0.7_3 pfSense package Lightsquid
pfSense-pkg-Netgate_Firmware_Upgrade-0.47 pfSense package Netgate Firmware Upgrade
pfSense-pkg-Notes-0.2.9_5      pfSense package Notes
pfSense-pkg-Open-VM-Tools-10.1.0_5,1 pfSense package Open-VM-Tools
pfSense-pkg-RRD_Summary-2.2    pfSense package RRD_Summary
pfSense-pkg-Service_Watchdog-1.8.7_1 pfSense package Service_Watchdog
pfSense-pkg-Shellcmd-1.0.5_3   pfSense package Shellcmd
pfSense-pkg-Status_Traffic_Totals-2.3.2_3 Traffic Totals using the vnStat database
pfSense-pkg-System_Patches-2.2.9_1 pfSense package System_Patches
pfSense-pkg-Tailscale-0.1.4    pfSense package Tailscale
pfSense-pkg-Telegraf-0.9_6     pfSense package Telegraf
pfSense-pkg-WireGuard-0.2.1    pfSense package WireGuard
pfSense-pkg-acme-0.7.5         ACME package for pfSense
pfSense-pkg-apcupsd-0.3.92_1   pfSense package apcupsd
pfSense-pkg-arping-1.2.2_4     pfSense package arping
pfSense-pkg-arpwatch-0.2.1     Arpwatch package for pfSense
pfSense-pkg-bandwidthd-0.7.5   BandwidthD package for pfSense
pfSense-pkg-bind-9.17          BIND DNS suite with updated DNSSEC and DNS64
pfSense-pkg-cellular-1.2.3_3   Voleatech Cellular Module Interface
pfSense-pkg-darkstat-3.1.3_6   pfSense package darkstat
pfSense-pkg-freeradius3-0.15.10_1 FreeRADIUS 3.x package for pfSense
pfSense-pkg-frr-2.0.2_1        FRR package for pfSense
pfSense-pkg-haproxy-0.63_1     pfSense package haproxy
pfSense-pkg-haproxy-devel-0.63_1 pfSense package haproxy-devel
pfSense-pkg-iperf-3.0.3        pfSense package iperf
pfSense-pkg-lldpd-0.9.11_2     802.1ab Link Layer Discovery Protocol (LLDP) daemon
pfSense-pkg-mailreport-3.6.4_1 pfSense package mailreport
pfSense-pkg-mtr-nox11-0.85.6_3 pfSense package mtr-nox11
pfSense-pkg-net-snmp-0.1.5_11  Net-SNMP package for pfSense
pfSense-pkg-nmap-1.4.4_7       pfSense package nmap
pfSense-pkg-node_exporter-0.18.1_3 pfSense package node_exporter
pfSense-pkg-nrpe-4.1           pfSense package nrpe
pfSense-pkg-ntopng-0.8.13_10   pfSense package ntopng
pfSense-pkg-nut-2.8.2          Network UPS Tools
pfSense-pkg-openvpn-client-export-1.9.2 pfSense package openvpn-client-export
pfSense-pkg-pfBlockerNG-3.2.0_7 pfSense package pfBlockerNG
pfSense-pkg-pfBlockerNG-devel-3.2.0_7 pfSense package pfBlockerNG
pfSense-pkg-pimd-0.0.3_6       PIMD package for pfSense
pfSense-pkg-siproxd-1.1.4_1    pfSense package siproxd
pfSense-pkg-snmptt-1.0.0_1     pfSense package snmptt
pfSense-pkg-snort-4.1.6_14     pfSense package snort
pfSense-pkg-softflowd-1.2.6_1  pfSense package softflowd
pfSense-pkg-squid-0.4.46       pfSense package squid
pfSense-pkg-squidGuard-1.16.19 pfSense package squidGuard
pfSense-pkg-stunnel-5.50_11    pfSense package stunnel
pfSense-pkg-sudo-0.3_8         pfSense package sudo
pfSense-pkg-suricata-7.0.2_3   pfSense package suricata
pfSense-pkg-syslog-ng-1.16     pfSense package syslog-ng
pfSense-pkg-tftpd-0.1.3_4      pfSense package for tftp server
pfSense-pkg-tinc-1.0.35_3      pfSense package tinc
pfSense-pkg-udpbroadcastrelay-1.0 pfSense package UDP Broadcast Relay
pfSense-pkg-zabbix-agent4-1.0.6 pfSense package zabbix-agent
pfSense-pkg-zabbix-agent5-1.0.6 pfSense package zabbix-agent
pfSense-pkg-zabbix-agent6-1.0.6 pfSense package zabbix-agent
pfSense-pkg-zabbix-agent64-1.0.6 pfSense package zabbix-agent
pfSense-pkg-zabbix-proxy4-1.0.6 pfSense package zabbix-proxy
pfSense-pkg-zabbix-proxy5-1.0.6 pfSense package zabbix-proxy
pfSense-pkg-zabbix-proxy6-1.0.6 pfSense package zabbix-proxy
pfSense-pkg-zabbix-proxy64-1.0.6 pfSense package zabbix-proxy
pfSense-pkg-zeek-3.0.6_4       Zeek Network Security Monitor package for pfSense