WAN only connects on unplug and plug back in
-
Yes, that's what I pointed out above. It may or may not be the issue but it's certainly suspicious.
What interface references are you seeing now?
What packages do you still have installed?
-
@stephenw10 Packages
And these still hanging around
Aug 20 18:29:28 vnstatd 41582 vnStat daemon 2.11 (pid:41582 uid:0 gid:0, SQLite 3.43.1) Aug 20 18:29:28 vnstatd 41582 Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries Aug 20 18:29:28 vnstatd 41582 Monitoring (22): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) tun_wg1 (1000 Mbit) tun_wg0 (1000 Mbit) pppoe0 (1000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit) em1 (1000 Mbit) em0.999 (1000 Mbit) em0.40 (1000 Mbit) em0.30 (1000 Mbit) em0.20 (1000 Mbit) em0.10 (1000 Mbit) em0 (1000 Mbit) Aug 20 18:29:28 vnstatd 45241 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting. Aug 20 18:29:28 vnstatd 41582 Interface "tun_wg1" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "tun_wg0" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "pppoe0" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em1" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em0.999" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em0.40" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em0.30" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em0.20" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em0.10" disabled. Aug 20 18:29:28 vnstatd 41582 Interface "em0" disabled. Aug 20 18:29:28 tail_pfb 46393 [pfBlockerNG] Firewall Filter Service stopped Aug 20 18:29:29 php_pfb 47122 [pfBlockerNG] filterlog daemon stopped Aug 20 18:29:29 tail_pfb 53027 [pfBlockerNG] Firewall Filter Service started Aug 20 18:29:29 root 53976 Bootup complete
-
Do you still see those is Bandwidthd and darkstat are disabled?
-
@stephenw10 yes, I removed both packages and not reinstalled and the interface references are still there after a reboot
-
Hmm, and still from vnstatd?
I'd backup the config and search it directly for em references.
-
@stephenw10 yes vmstatd, bit difficult on a phone atm, I'll save and look at the config.
-
Right then, No reference to em interfaces at all only vtnet ones.
Ah-ha ! I removed Traffic totals and rebooted and the vnstatd interfaces references have gone.
Although the rebooting WAN issues remains
-
Ah, you may need to clear the traffic totals data then if you still need that. Though it clearly isn't what's preventing the default route.
-
@stephenw10 The traffic totals cleared themselves but I also reset them.
For clarity here is the log now.
------------- pfSense rebooted ------------ Aug 21 12:37:54 kernel Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV> Aug 21 12:37:54 kernel AMD Features=0x20100800<SYSCALL,NX,LM> Aug 21 12:37:54 kernel AMD Features2=0x1<LAHF> Aug 21 12:37:54 kernel Hypervisor: Origin = "KVMKVMKVM" Aug 21 12:37:54 kernel intsmb0: <Intel PIIX4 SMBUS Interface> irq 9 at device 1.3 on pci0 Aug 21 12:37:54 kernel intsmb0: intr IRQ 9 enabled revision 0 Aug 21 12:37:54 kernel smbus0: <System Management Bus> on intsmb0 Aug 21 12:37:54 kernel aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS> Aug 21 12:37:54 kernel lo0: link state changed to UP Aug 21 12:37:54 kernel vtnet0: link state changed to UP Aug 21 12:37:54 kernel vlan0: changing name to 'vtnet0.10' Aug 21 12:37:54 php-cgi 453 rc.bootup: The command '/sbin/ifconfig 'vtnet1' inet6 delete' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address' Aug 21 12:37:54 kernel vlan1: changing name to 'vtnet0.20' Aug 21 12:37:54 kernel vlan2: changing name to 'vtnet0.30' Aug 21 12:37:54 kernel vlan3: changing name to 'vtnet0.40' Aug 21 12:37:54 kernel vlan4: changing name to 'vtnet0.999' Aug 21 12:37:54 kernel vtnet1: link state changed to UP Aug 21 12:37:54 check_reload_status 428 Linkup starting vtnet1 Aug 21 12:37:54 php-cgi 453 rc.bootup: The command '/sbin/ifconfig 'vtnet1' media 'autoselect'' returned exit code '1', the output was 'ifconfig: SIOCSIFMEDIA (media): Operation not supported' Aug 21 12:37:54 kernel [fib_algo] inet.0 (bsearch4#28) rebuild_fd_flm: switching algo to radix4_lockless Aug 21 12:37:54 check_reload_status 428 rc.newwanip starting vtnet1 Aug 21 12:37:55 php-fpm 396 /rc.linkup: Ignoring link event during boot sequence. Aug 21 12:37:55 php-fpm 397 /rc.newwanip: rc.newwanip: Info: starting on vtnet1. Aug 21 12:37:55 php-fpm 397 /rc.newwanip: rc.newwanip: on (IP address: x.x.x.x) (interface: WAN[wan]) (real interface: vtnet1). Aug 21 12:37:56 check_reload_status 428 starting sshd Aug 21 12:37:56 php-cgi 453 rc.bootup: Resyncing OpenVPN instances. Aug 21 12:37:56 kernel done. Aug 21 12:37:56 kernel tun1: changing name to 'ovpns1' Aug 21 12:37:57 kernel ovpns1: link state changed to UP Aug 21 12:37:57 kernel tun2: changing name to 'ovpnc2' Aug 21 12:37:57 check_reload_status 428 rc.newwanip starting ovpns1 Aug 21 12:37:57 sshd 77964 Server listening on :: port 22. Aug 21 12:37:57 sshd 77964 Server listening on 0.0.0.0 port 22. Aug 21 12:37:57 sshguard 78881 Now monitoring attacks. Aug 21 12:37:58 kernel pflog0: promiscuous mode enabled Aug 21 12:37:58 php-fpm 396 /rc.newwanip: rc.newwanip: Info: starting on ovpns1. Aug 21 12:37:58 php-fpm 396 /rc.newwanip: Interface is disabled, nothing to do. Aug 21 12:38:01 kernel .done. Aug 21 12:38:01 kernel done. Aug 21 12:38:03 php-cgi 453 rc.bootup: Default gateway setting Interface WAN_DHCP Gateway as default. Aug 21 12:38:03 php-cgi 453 rc.bootup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:38:03 kernel done. Aug 21 12:38:07 php-cgi 453 rc.bootup: sync unbound done. Aug 21 12:38:07 kernel done. Aug 21 12:38:09 kernel done. Aug 21 12:38:39 kernel done. Aug 21 12:38:39 php-cgi 453 rc.bootup: NTPD is starting up. Aug 21 12:38:39 kernel done. Aug 21 12:38:40 check_reload_status 428 Updating all dyndns Aug 21 12:38:40 kernel done. Aug 21 12:38:41 kernel . Aug 21 12:38:41 kernel .. Aug 21 12:38:42 php-cgi 453 rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).' Aug 21 12:38:42 kernel .done. Aug 21 12:38:46 php-cgi 453 rc.bootup: The command '/sbin/camcontrol standby da0 -t 0.5' returned exit code '1', the output was 'camcontrol: ATA STANDBY via pass_16 failed' Aug 21 12:38:46 php-cgi 453 rc.bootup: Creating rrd update script Aug 21 12:38:46 php-cgi 453 rc.bootup: The command '/usr/sbin/powerd -b 'min' -a 'min' -n 'min'' returned exit code '69', the output was 'powerd: no cpufreq(4) support -- aborting: No such file or directory' Aug 21 12:38:46 kernel done. Aug 21 12:38:47 syslogd exiting on signal 15 Aug 21 12:38:47 syslogd kernel boot file is /boot/kernel/kernel Aug 21 12:38:47 kernel done. Aug 21 12:38:47 php-cgi 92079 notify_monitor.php: Could not send the message to alert@XXXXXXXX.com -- Error: Failed to connect to ssl://smtp.googlemail.com:465 [SMTP: Failed to connect socket: php_network_getaddresses: getaddrinfo for smtp.googlemail.com failed: Name does not resolve (code: -1, response: )] Aug 21 12:38:47 php-fpm 397 /rc.start_packages: Restarting/Starting all packages. Aug 21 12:38:48 lighttpd_pfb 14154 [pfBlockerNG] DNSBL Webserver stopped Aug 21 12:38:48 lighttpd_pfb 15549 [pfBlockerNG] DNSBL Webserver started Aug 21 12:38:48 php 16207 [pfBlockerNG] DNSBL parser daemon started Aug 21 12:38:50 php-fpm 397 [pfBlockerNG] Starting firewall filter daemon Aug 21 12:38:50 tail_pfb 6980 [pfBlockerNG] Firewall Filter Service stopped Aug 21 12:38:50 php_pfb 7757 [pfBlockerNG] filterlog daemon stopped Aug 21 12:38:50 tail_pfb 9955 [pfBlockerNG] Firewall Filter Service started Aug 21 12:38:50 php_pfb 10695 [pfBlockerNG] filterlog daemon started Aug 21 12:38:50 vnstatd 16176 vnStat daemon 2.11 (pid:16176 uid:0 gid:0, SQLite 3.43.1) Aug 21 12:38:50 vnstatd 16176 Monitoring (12): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit) Aug 21 12:38:53 arpwatch 18952 listening on vtnet0.10 Aug 21 12:38:53 kernel vtnet0: promiscuous mode enabled Aug 21 12:38:53 kernel vtnet0.10: promiscuous mode enabled Aug 21 12:38:53 arpwatch 18794 listening on vtnet0 Aug 21 12:38:53 arpwatch 19547 listening on vtnet0.30 Aug 21 12:38:53 kernel vtnet0.30: promiscuous mode enabled Aug 21 12:38:53 arpwatch 19188 listening on vtnet0.20 Aug 21 12:38:53 kernel vtnet0.20: promiscuous mode enabled Aug 21 12:38:53 arpwatch 20053 Link layer type 0 not ethernet or fddi Aug 21 12:38:53 kernel ovpnc2: promiscuous mode enabled Aug 21 12:38:54 kernel ovpnc2: promiscuous mode disabled Aug 21 12:38:54 kernel vtnet0.999: promiscuous mode enabled Aug 21 12:38:53 arpwatch 20289 listening on vtnet0.999 Aug 21 12:38:54 arpwatch 20571 pcap open : : No such device exists (No such device exists) Aug 21 12:38:54 arpwatch 20902 listening on vtnet1 Aug 21 12:38:54 kernel vtnet1: promiscuous mode enabled Aug 21 12:38:58 php-fpm 43380 /index.php: Successful login for user 'admin' from: 192.168.2.21 (Local Database) Aug 21 12:38:58 sshguard 26469 Now monitoring attacks. Aug 21 12:39:01 vnstatd 17978 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting. Aug 21 12:39:01 vnstatd 20270 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting. Aug 21 12:39:01 lighttpd_pfb 21446 [pfBlockerNG] DNSBL Webserver stopped Aug 21 12:39:01 tail_pfb 22424 [pfBlockerNG] Firewall Filter Service stopped Aug 21 12:39:01 php_pfb 22989 [pfBlockerNG] filterlog daemon stopped Aug 21 12:39:01 lighttpd_pfb 26879 [pfBlockerNG] DNSBL Webserver started Aug 21 12:39:01 tail_pfb 28083 [pfBlockerNG] Firewall Filter Service started Aug 21 12:39:01 php_pfb 28887 [pfBlockerNG] filterlog daemon started Aug 21 12:39:01 php 31423 [pfBlockerNG] DNSBL parser daemon started Aug 21 12:39:27 vnstatd 16176 SIGTERM received, exiting. Aug 21 12:39:27 root 27425 Bootup complete Aug 21 12:39:29 login 67823 login on ttyv0 as root Aug 21 12:39:33 arpwatch 18794 bogon 0.0.0.0 fc:b4:67:d4:db:b0 Aug 21 12:39:33 arpwatch 18794 bogon 0.0.0.0 fc:b4:67:d4:db:b0 Aug 21 12:39:34 arpwatch 18794 bogon 0.0.0.0 fc:b4:67:d4:db:b0 ----------- TOGGLED WAN DOWN TO UP ------------ Aug 21 12:45:48 kernel vtnet1: link state changed to DOWN Aug 21 12:45:48 check_reload_status 428 Linkup starting vtnet1 Aug 21 12:45:49 php-fpm 397 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp) Aug 21 12:45:49 php-fpm 397 /rc.linkup: DEVD Ethernet detached event for wan Aug 21 12:45:50 check_reload_status 428 updating dyndns WAN_DHCP Aug 21 12:45:50 check_reload_status 428 Restarting IPsec tunnels Aug 21 12:45:50 check_reload_status 428 Restarting OpenVPN tunnels/interfaces Aug 21 12:45:50 check_reload_status 428 Reloading filter Aug 21 12:45:50 rc.gateway_alarm 13675 >>> Gateway alarm: WAN_DHCP (Addr:x.x.x.x Alarm:down RTT:0ms RTTsd:0ms Loss:100%) Aug 21 12:45:51 php-fpm 396 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:45:51 php-fpm 396 /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use WAN_DHCP. Aug 21 12:45:53 check_reload_status 428 Linkup starting vtnet1 Aug 21 12:45:53 kernel vtnet1: link state changed to UP Aug 21 12:46:00 php-cgi 55521 servicewatchdog_cron.php: Service Watchdog detected service dpinger stopped. Restarting dpinger (Gateway Monitoring Daemon) Aug 21 12:46:00 php-cgi 57907 notify_monitor.php: Could not send the message to alert@xxxxxxx.com -- Error: Failed to connect to ssl://smtp.googlemail.com:465 [SMTP: Failed to connect socket: php_network_getaddresses: getaddrinfo for smtp.googlemail.com failed: Name does not resolve (code: -1, response: )] Aug 21 12:46:01 check_reload_status 428 Reloading filter Aug 21 12:46:01 php-fpm 396 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp) Aug 21 12:46:01 php-fpm 396 /rc.linkup: DEVD Ethernet attached event for wan Aug 21 12:46:01 php-fpm 396 /rc.linkup: HOTPLUG: Configuring interface wan Aug 21 12:46:01 php-fpm 396 /rc.linkup: The command '/sbin/ifconfig 'vtnet1' media 'autoselect'' returned exit code '1', the output was 'ifconfig: SIOCSIFMEDIA (media): Operation not supported' Aug 21 12:46:02 check_reload_status 428 rc.newwanip starting vtnet1 Aug 21 12:46:02 php-fpm 396 /rc.linkup: Default gateway setting Interface WAN_DHCP Gateway as default. Aug 21 12:46:02 php-fpm 396 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:46:02 check_reload_status 428 Restarting IPsec tunnels Aug 21 12:46:03 php-fpm 397 /rc.newwanip: rc.newwanip: Info: starting on vtnet1. Aug 21 12:46:03 php-fpm 397 /rc.newwanip: rc.newwanip: on (IP address: x.x.x.x) (interface: WAN[wan]) (real interface: vtnet1). Aug 21 12:46:04 arpwatch 20902 bogon x.x.x.x d4:5a:3f:3c:db:09 Aug 21 12:46:12 kernel ovpnc2: link state changed to UP Aug 21 12:46:12 check_reload_status 428 rc.newwanip starting ovpnc2 Aug 21 12:46:13 php-fpm 907 /rc.newwanip: rc.newwanip: Info: starting on ovpnc2. Aug 21 12:46:13 php-fpm 907 /rc.newwanip: rc.newwanip: on (IP address: 10.16.0.2) (interface: PROTONVPN_NL[opt4]) (real interface: ovpnc2). Aug 21 12:46:37 php-fpm 397 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:46:37 php-fpm 397 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0. Aug 21 12:46:40 php-fpm 907 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:46:47 check_reload_status 428 updating dyndns wan Aug 21 12:46:47 check_reload_status 428 Reloading filter Aug 21 12:46:48 arpwatch 20902 bogon x.x.x.x d4:5a:3f:3c:db:09 Aug 21 12:47:16 php-fpm 397 /rc.newwanip: Resyncing OpenVPN instances for interface WAN. Aug 21 12:47:16 php-fpm 397 OpenVPN terminate old pid: 66100 Aug 21 12:47:16 kernel ovpns1: link state changed to DOWN Aug 21 12:47:19 pfSctl 64586 could not finish read in a reasonable time. Action of event might not be completed. Aug 21 12:47:20 php-fpm 397 /rc.newwanip: OpenVPN ID server1 PID 66100 still running, killing. Aug 21 12:47:20 php-fpm 397 OpenVPN PID written: 81805 Aug 21 12:47:20 kernel ovpns1: link state changed to UP Aug 21 12:47:22 check_reload_status 428 Reloading filter Aug 21 12:47:22 check_reload_status 428 Reloading filter Aug 21 12:47:22 check_reload_status 428 rc.newwanip starting ovpns1 Aug 21 12:47:22 php-fpm 397 OpenVPN terminate old pid: 83659 Aug 21 12:47:23 php-fpm 49815 /rc.newwanip: rc.newwanip: Info: starting on ovpns1. Aug 21 12:47:23 php-fpm 49815 /rc.newwanip: Interface is disabled, nothing to do. Aug 21 12:47:23 kernel ovpnc2: link state changed to DOWN Aug 21 12:47:23 check_reload_status 428 Reloading filter Aug 21 12:47:24 php-fpm 397 OpenVPN PID written: 24831 Aug 21 12:47:24 php-fpm 397 /rc.newwanip: Creating rrd update script Aug 21 12:47:26 kernel ovpnc2: link state changed to UP Aug 21 12:47:26 check_reload_status 428 rc.newwanip starting ovpnc2 Aug 21 12:47:26 php-fpm 397 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> x.x.x.x - Restarting packages. Aug 21 12:47:26 check_reload_status 428 Starting packages Aug 21 12:47:27 php-fpm 43380 /rc.newwanip: rc.newwanip: Info: starting on ovpnc2. Aug 21 12:47:27 php-fpm 43380 /rc.newwanip: rc.newwanip: on (IP address: 10.22.0.3) (interface: PROTONVPN_NL[opt4]) (real interface: ovpnc2). Aug 21 12:47:27 php-fpm 396 /rc.start_packages: Restarting/Starting all packages. Aug 21 12:47:38 rc.gateway_alarm 92417 >>> Gateway alarm: PROTONVPN_NL_VPNV4 (Addr:10.16.0.2 Alarm:1 RTT:8.006ms RTTsd:49.594ms Loss:21%) Aug 21 12:47:38 check_reload_status 428 updating dyndns PROTONVPN_NL_VPNV4 Aug 21 12:47:38 check_reload_status 428 Restarting IPsec tunnels Aug 21 12:47:38 check_reload_status 428 Restarting OpenVPN tunnels/interfaces Aug 21 12:47:38 check_reload_status 428 Reloading filter Aug 21 12:47:39 php-fpm 397 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:47:39 php-fpm 397 /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use PROTONVPN_NL_VPNV4. Aug 21 12:47:52 php-fpm 907 /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1724240872] unbound[45808:0] error: bind: address already in use [1724240872] unbound[45808:0] fatal error: could not open ports' Aug 21 12:47:53 php-fpm 43380 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Aug 21 12:47:53 php-fpm 43380 /rc.newwanip: IP Address has changed, killing states on former IP Address 10.16.0.2. Aug 21 12:47:53 php-fpm 907 /rc.newwanip: Creating rrd update script Aug 21 12:47:55 php-fpm 907 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.16.0.2 -> 10.16.0.2 - Restarting packages. Aug 21 12:48:00 check_reload_status 428 Starting packages Aug 21 12:48:00 check_reload_status 428 Reloading filter Aug 21 12:48:01 php-fpm 45571 /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running Aug 21 12:48:31 php-fpm 43380 /rc.newwanip: Creating rrd update script Aug 21 12:48:33 kernel vtnet0.10: promiscuous mode disabled Aug 21 12:48:33 kernel vtnet1: promiscuous mode disabled Aug 21 12:48:33 kernel vtnet0.30: promiscuous mode disabled Aug 21 12:48:33 kernel vtnet0.20: promiscuous mode disabled Aug 21 12:48:33 kernel vtnet0.999: promiscuous mode disabled Aug 21 12:48:33 vnstatd 94480 vnStat daemon 2.11 (pid:94480 uid:0 gid:0, SQLite 3.43.1) Aug 21 12:48:33 vnstatd 94480 Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries Aug 21 12:48:33 vnstatd 94480 Monitoring (12): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit) Aug 21 12:48:33 php-fpm 43380 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.16.0.2 -> 10.22.0.3 - Restarting packages. Aug 21 12:48:33 check_reload_status 428 Starting packages Aug 21 12:48:33 check_reload_status 428 Reloading filter Aug 21 12:48:34 php-fpm 397 /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running Aug 21 12:48:36 arpwatch 33916 listening on vtnet0 Aug 21 12:48:36 kernel vtnet0.10: promiscuous mode enabled Aug 21 12:48:36 arpwatch 34087 listening on vtnet0.10 Aug 21 12:48:36 kernel vtnet0.20: promiscuous mode enabled Aug 21 12:48:36 arpwatch 34436 listening on vtnet0.20 Aug 21 12:48:36 arpwatch 35139 Link layer type 0 not ethernet or fddi Aug 21 12:48:36 kernel vtnet0.30: promiscuous mode enabled Aug 21 12:48:36 kernel ovpnc2: promiscuous mode enabled Aug 21 12:48:36 kernel ovpnc2: promiscuous mode disabled Aug 21 12:48:36 arpwatch 34681 listening on vtnet0.30 Aug 21 12:48:36 arpwatch 35875 pcap open : : No such device exists (No such device exists) Aug 21 12:48:36 kernel vtnet0.999: promiscuous mode enabled Aug 21 12:48:36 kernel vtnet1: promiscuous mode enabled Aug 21 12:48:36 arpwatch 35559 listening on vtnet0.999 Aug 21 12:48:36 arpwatch 35992 listening on vtnet1 Aug 21 12:48:43 vnstatd 94480 SIGTERM received, exiting. Aug 21 12:48:43 vnstatd 50165 vnStat daemon 2.11 (pid:50165 uid:0 gid:0, SQLite 3.43.1) Aug 21 12:48:43 vnstatd 50165 Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries Aug 21 12:48:43 vnstatd 50165 Monitoring (12): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit) Aug 21 12:48:43 vnstatd 52656 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting. Aug 21 12:48:43 lighttpd_pfb 53425 [pfBlockerNG] DNSBL Webserver stopped Aug 21 12:48:43 tail_pfb 55087 [pfBlockerNG] Firewall Filter Service stopped Aug 21 12:48:43 php_pfb 55982 [pfBlockerNG] filterlog daemon stopped Aug 21 12:48:43 tail_pfb 58619 [pfBlockerNG] Firewall Filter Service started Aug 21 12:48:43 lighttpd_pfb 60520 [pfBlockerNG] DNSBL Webserver started Aug 21 12:48:43 php_pfb 59060 [pfBlockerNG] filterlog daemon started Aug 21 12:48:43 php 61611 [pfBlockerNG] DNSBL parser daemon started Aug 21 12:49:00 php-cgi 67732 servicewatchdog_cron.php: Service Watchdog detected service telegraf stopped. Restarting telegraf (Telegraf daemon) Aug 21 12:49:06 php-cgi 70303 notify_monitor.php: Message sent to alert@xxxxxx.com OK Aug 21 12:50:00 php-fpm 45571 /status_logs.php: Configuration Change: admin@192.168.2.21 (Local Database): Log Display Settings Saved (no backup, no sync): General
-
@randombits said in WAN only connects on unplug and plug back in:
Aug 21 12:37:54 php-cgi 453 rc.bootup: The command '/sbin/ifconfig 'vtnet1' inet6 delete' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address'
Just spotted this I wonder if it's a issue ?
-
Unlikely, it probably doesn't have an IPv6 address.
Which pfSense version is this?
-
@stephenw10 I just remembered I did briefly enable IPv6 in the WAN basically to see if it would pick up an address from my ISP it did. But I undid it. I'm using version
pfSense CE version 2.7.2-RELEASE (amd64) built on Wed Dec 6 20:10:00 GMT 2023 FreeBSD 14.0-CURRENT
-
Hmm what do you see if you run?:
[2.7.2-RELEASE][admin@cedev-6.stevew.lan]/root: /sbin/route -n6 get 'default' route: route has not been found: No error: 0
For some reason that is returning 1 for you during bootup which is probably preventing the rest of the script running.
-
@stephenw10 When it's working ok the same as you
[2.7.2-RELEASE][root@pfSense.localdomain]/root: /sbin/route -n6 get 'default' route: route has not been found: No error: 0
I need to wait a bit before I can reboot and take the internet down as I'm up and downloading....
Just rebooted and it's the (no internet)
[2.7.2-RELEASE][root@pfSense.localdomain]/root: /sbin/route -n6 get 'default' route: route has not been found: No error: 0
-
OK, so that's the no default IPv4 route situation?
-
@stephenw10 indeed, until WAN up-down
-
Hmm, curious. Try setting the IPv6 default gateway to something, WAN_DHCPv6 for example. That should remove the error at least.
-
@stephenw10 Well, As a sanity(in) check I installed another pfSense (VM) and lo and behold that has the same issue !
What I have is Proxmox with a single ethernet port with Proxmox provides the two NIC's for pfSense, the WAN NIC is on vlan 1000 and the switch splits that of into to ports. The ONT port is untagged 1000 solely (no vlan 1 internal to the switch) and LAN and other vlans are on one of the other ports
g1 Trunk 1 1U g2 Trunk 1 1U g3 Trunk 1 1U g4 Trunk 1 1U g5 Trunk 1 1U,10T,20T,999T g6 Trunk 1 1U,10T,20T,999T,1000T g7 Access 1000 1000U g8 Trunk 1 1U,10T,20T,999T Switch ports 1 - 1U 2 - 1U 3 - 1U 4 SPA 1U 5 AP 1U,10T,20T,999T 6 Server 1U,10T,20T,999T,1000T 7 Modem 1000U 8 - 1U,10T,20T,999T
-
Hmm, this starts to feel like a timing issue. I'm testing pretty much exactly that setup though without using VLANs.
Your WAN is pulling a DHCP lease from the ISP directly?
Does your test VM come up correctly if it pulls a lease from a local server?
-
@stephenw10 Yes, the WAN address is coming from the ISP directly, the ISP told me to set DHCP and set PNP - not a good idea so I didn't.
Not tested the local test VM other than setting it's WAN & LAN. It messed up a bit with my current pfSense running and every thing got a bit confused ... I'll have another go in a moment with the test VM.
I first conntacted my ISP with the issue and as expected they weren't a great deal of help. I'm maybe only one of very few that use a different router than the supplied Adtran - the ONT is Adtran too.
I set the test VM to get it's WAN from the main pfSense LAN and that worked, got an IP for it and can ping out.
The main pfSense gets an IP but no internet. One thing I thought is I wonder if the ISP has updated the firmware in the ONT or OLT, I asked but answer on that. Incidentally the supplied ISP's router connects ok
------------ rebooted test VM ----------- Aug 22 17:24:25 syslogd kernel boot file is /boot/kernel/kernel Aug 22 17:24:25 kernel ---<<BOOT>>--- Aug 22 17:24:25 kernel Copyright (c) 1992-2023 The FreeBSD Project. Aug 22 17:24:25 kernel Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Aug 22 17:24:25 kernel The Regents of the University of California. All rights reserved. Aug 22 17:24:25 kernel FreeBSD is a registered trademark of The FreeBSD Foundation. Aug 22 17:24:25 kernel FreeBSD 14.0-CURRENT amd64 1400094 #1 RELENG_2_7_2-n255948-8d2b56da39c: Wed Dec 6 20:45:47 UTC 2023 Aug 22 17:24:25 kernel root@freebsd:/var/jenkins/workspace/pfSense-CE-snapshots-2_7_2-main/obj/amd64/StdASW5b/var/jenkins/workspace/pfSense-CE-snapshots-2_7_2-main/sources/FreeBSD-src-RELENG_2_7_2/amd64.amd64/sys/pfSense amd64 Aug 22 17:24:25 kernel FreeBSD clang version 16.0.6 (https://github.com/llvm/llvm-project.git llvmorg-16.0.6-0-g7cbf1a259152) Aug 22 17:24:25 kernel VT(vga): text 80x25 Aug 22 17:24:25 kernel CPU: QEMU Virtual CPU version 2.5+ (2496.09-MHz K8-class CPU) Aug 22 17:24:25 kernel Origin="GenuineIntel" Id=0x60fb1 Family=0xf Model=0x6b Stepping=1 Aug 22 17:24:25 kernel Features=0x783fbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2> Aug 22 17:24:25 kernel Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV> Aug 22 17:24:25 kernel AMD Features=0x20100800<SYSCALL,NX,LM> Aug 22 17:24:25 kernel AMD Features2=0x1<LAHF> Aug 22 17:24:25 kernel Hypervisor: Origin = "KVMKVMKVM" Aug 22 17:24:25 kernel real memory = 2147483648 (2048 MB) Aug 22 17:24:25 kernel avail memory = 2016673792 (1923 MB) Aug 22 17:24:25 kernel Event timer "LAPIC" quality 100 Aug 22 17:24:25 kernel ACPI APIC Table: <BOCHS BXPC > Aug 22 17:24:25 kernel random: unblocking device. Aug 22 17:24:25 kernel ioapic0 <Version 1.1> irqs 0-23 Aug 22 17:24:25 kernel TCP_ratelimit: Is now initialized Aug 22 17:24:25 kernel wlan: mac acl policy registered Aug 22 17:24:25 kernel ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Aug 22 17:24:25 kernel ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Aug 22 17:24:25 kernel module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff807475a0, 0) error 1 Aug 22 17:24:25 kernel ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Aug 22 17:24:25 kernel ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Aug 22 17:24:25 kernel module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff80747650, 0) error 1 Aug 22 17:24:25 kernel ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Aug 22 17:24:25 kernel ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Aug 22 17:24:25 kernel module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff80747700, 0) error 1 Aug 22 17:24:25 kernel iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Aug 22 17:24:25 kernel iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Aug 22 17:24:25 kernel module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff80765180, 0) error 1 Aug 22 17:24:25 kernel iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Aug 22 17:24:25 kernel iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Aug 22 17:24:25 kernel module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff80765230, 0) error 1 Aug 22 17:24:25 kernel iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Aug 22 17:24:25 kernel iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Aug 22 17:24:25 kernel module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff807652e0, 0) error 1 Aug 22 17:24:25 kernel random: entropy device external interface Aug 22 17:24:25 kernel kbd1 at kbdmux0 Aug 22 17:24:25 kernel WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 14.0. Aug 22 17:24:25 kernel netgate0: <QEMU Guest> Aug 22 17:24:25 kernel kvmclock0: <KVM paravirtual clock> Aug 22 17:24:25 kernel Timecounter "kvmclock" frequency 1000000000 Hz quality 975 Aug 22 17:24:25 kernel kvmclock0: registered as a time-of-day clock, resolution 0.000001s Aug 22 17:24:25 kernel vtvga0: <VT VGA driver> Aug 22 17:24:25 kernel smbios0: <System Management BIOS> at iomem 0xf5290-0xf52ae Aug 22 17:24:25 kernel smbios0: Version: 2.8, BCD Revision: 2.8 Aug 22 17:24:25 kernel acpi0: <BOCHS BXPC> Aug 22 17:24:25 kernel acpi0: Power Button (fixed) Aug 22 17:24:25 kernel cpu0: <ACPI CPU> on acpi0 Aug 22 17:24:25 kernel atrtc0: <AT realtime clock> port 0x70-0x77 irq 8 on acpi0 Aug 22 17:24:25 kernel atrtc0: registered as a time-of-day clock, resolution 1.000000s Aug 22 17:24:25 kernel Event timer "RTC" frequency 32768 Hz quality 0 Aug 22 17:24:25 kernel hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0 Aug 22 17:24:25 kernel Timecounter "HPET" frequency 100000000 Hz quality 950 Aug 22 17:24:25 kernel Timecounter "ACPI-fast" frequency 3579545 Hz quality 900 Aug 22 17:24:25 kernel acpi_timer0: <24-bit timer at 3.579545MHz> port 0x608-0x60b on acpi0 Aug 22 17:24:25 kernel pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 Aug 22 17:24:25 kernel pci0: <ACPI PCI bus> on pcib0 Aug 22 17:24:25 kernel isab0: <PCI-ISA bridge> at device 1.0 on pci0 Aug 22 17:24:25 kernel isa0: <ISA bus> on isab0 Aug 22 17:24:25 kernel atapci0: <Intel PIIX3 WDMA2 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xf0a0-0xf0af at device 1.1 on pci0 Aug 22 17:24:25 kernel ata0: <ATA channel> at channel 0 on atapci0 Aug 22 17:24:25 kernel ata1: <ATA channel> at channel 1 on atapci0 Aug 22 17:24:25 kernel uhci0: <Intel 82371SB (PIIX3) USB controller> port 0xf040-0xf05f irq 11 at device 1.2 on pci0 Aug 22 17:24:25 kernel usbus0 on uhci0 Aug 22 17:24:25 kernel pci0: <bridge> at device 1.3 (no driver attached) Aug 22 17:24:25 kernel vgapci0: <VGA-compatible display> mem 0xfc000000-0xfcffffff,0xfea90000-0xfea90fff at device 2.0 on pci0 Aug 22 17:24:25 kernel vgapci0: Boot video device Aug 22 17:24:25 kernel virtio_pci0: <VirtIO PCI (legacy) Balloon adapter> port 0xf000-0xf03f mem 0xfd600000-0xfd603fff irq 11 at device 3.0 on pci0 Aug 22 17:24:25 kernel vtballoon0: <VirtIO Balloon Adapter> on virtio_pci0 Aug 22 17:24:25 kernel pcib1: <ACPI PCI-PCI bridge> mem 0xfea91000-0xfea910ff irq 10 at device 5.0 on pci0 Aug 22 17:24:25 kernel pci1: <ACPI PCI bus> on pcib1 Aug 22 17:24:25 kernel virtio_pci1: <VirtIO PCI (legacy) SCSI adapter> port 0xe000-0xe03f mem 0xfe800000-0xfe800fff,0xfd400000-0xfd403fff irq 10 at device 1.0 on pci1 Aug 22 17:24:25 kernel vtscsi0: <VirtIO SCSI Adapter> on virtio_pci1 Aug 22 17:24:25 kernel virtio_pci2: <VirtIO PCI (legacy) Network adapter> port 0xf060-0xf07f mem 0xfea92000-0xfea92fff,0xfd604000-0xfd607fff irq 10 at device 18.0 on pci0 Aug 22 17:24:25 kernel vtnet0: <VirtIO Networking Adapter> on virtio_pci2 Aug 22 17:24:25 kernel vtnet0: Ethernet address: bc:24:11:23:6c:e0 Aug 22 17:24:25 kernel vtnet0: netmap queues/slots: TX 1/256, RX 1/512 Aug 22 17:24:25 kernel 000.000761 [ 452] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=512 Aug 22 17:24:25 kernel virtio_pci3: <VirtIO PCI (legacy) Network adapter> port 0xf080-0xf09f mem 0xfea93000-0xfea93fff,0xfd608000-0xfd60bfff irq 11 at device 19.0 on pci0 Aug 22 17:24:25 kernel vtnet1: <VirtIO Networking Adapter> on virtio_pci3 Aug 22 17:24:25 kernel vtnet1: Ethernet address: bc:24:11:95:85:5e Aug 22 17:24:25 kernel vtnet1: netmap queues/slots: TX 1/256, RX 1/512 Aug 22 17:24:25 kernel 000.000762 [ 452] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=512 Aug 22 17:24:25 kernel pcib2: <ACPI PCI-PCI bridge> mem 0xfea94000-0xfea940ff irq 10 at device 30.0 on pci0 Aug 22 17:24:25 kernel pci2: <ACPI PCI bus> on pcib2 Aug 22 17:24:25 kernel pcib3: <ACPI PCI-PCI bridge> mem 0xfea95000-0xfea950ff irq 11 at device 31.0 on pci0 Aug 22 17:24:25 kernel pci3: <ACPI PCI bus> on pcib3 Aug 22 17:24:25 kernel acpi_syscontainer0: <System Container> on acpi0 Aug 22 17:24:25 kernel vmgenc0: <VM Generation Counter> on acpi0 Aug 22 17:24:25 kernel acpi_syscontainer1: <System Container> port 0xaf00-0xaf0b on acpi0 Aug 22 17:24:25 kernel acpi_syscontainer2: <System Container> port 0xafe0-0xafe3 on acpi0 Aug 22 17:24:25 kernel acpi_syscontainer3: <System Container> port 0xae00-0xae17 on acpi0 Aug 22 17:24:25 kernel atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0 Aug 22 17:24:25 kernel atkbd0: <AT Keyboard> irq 1 on atkbdc0 Aug 22 17:24:25 kernel kbd0 at atkbd0 Aug 22 17:24:25 kernel atkbd0: [GIANT-LOCKED] Aug 22 17:24:25 kernel psm0: <PS/2 Mouse> irq 12 on atkbdc0 Aug 22 17:24:25 kernel psm0: [GIANT-LOCKED] Aug 22 17:24:25 kernel WARNING: Device "psm" is Giant locked and may be deleted before FreeBSD 14.0. Aug 22 17:24:25 kernel psm0: model IntelliMouse Explorer, device ID 4 Aug 22 17:24:25 kernel fdc0: <floppy drive controller (FDE)> port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0 Aug 22 17:24:25 kernel fdc0: does not respond Aug 22 17:24:25 kernel device_attach: fdc0 attach returned 6 Aug 22 17:24:25 kernel orm0: <ISA Option ROM> at iomem 0xe7800-0xeffff pnpid ORM0000 on isa0 Aug 22 17:24:25 kernel vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff pnpid PNP0900 on isa0 Aug 22 17:24:25 kernel attimer0: <AT timer> at port 0x40 on isa0 Aug 22 17:24:25 kernel Timecounter "i8254" frequency 1193182 Hz quality 0 Aug 22 17:24:25 kernel Event timer "i8254" frequency 1193182 Hz quality 100 Aug 22 17:24:25 kernel fdc0: No FDOUT register! Aug 22 17:24:25 kernel Timecounter "TSC-low" frequency 1247999989 Hz quality 800 Aug 22 17:24:25 kernel Timecounters tick every 10.000 msec Aug 22 17:24:25 kernel usbus0: 12Mbps Full Speed USB v1.0 Aug 22 17:24:25 kernel ZFS filesystem version: 5 Aug 22 17:24:25 kernel ZFS storage pool version: features support (5000) Aug 22 17:24:25 kernel ugen0.1: <Intel UHCI root HUB> at usbus0 Aug 22 17:24:25 kernel uhub0 on usbus0 Aug 22 17:24:25 kernel uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0 Aug 22 17:24:25 kernel Trying to mount root from zfs:pfSense/ROOT/default []... Aug 22 17:24:25 kernel cd0 at ata1 bus 0 scbus1 target 0 lun 0 Aug 22 17:24:25 kernel cd0: <QEMU QEMU DVD-ROM 2.5+> Removable CD-ROM SCSI device Aug 22 17:24:25 kernel cd0: Serial Number QM00003 Aug 22 17:24:25 kernel cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes) Aug 22 17:24:25 kernel cd0: 1369MB (701060 2048 byte sectors) Aug 22 17:24:25 kernel da0 at vtscsi0 bus 0 scbus2 target 0 lun 0 Aug 22 17:24:25 kernel da0: <QEMU QEMU HARDDISK 2.5+> Fixed Direct Access SPC-3 SCSI device Aug 22 17:24:25 kernel da0: 300.000MB/s transfers Aug 22 17:24:25 kernel da0: Command Queueing enabled Aug 22 17:24:25 kernel da0: 32768MB (67108864 512 byte sectors) Aug 22 17:24:25 kernel uhub0: 2 ports with 2 removable, self powered Aug 22 17:24:25 kernel ugen0.2: <QEMU QEMU USB Tablet> at usbus0 Aug 22 17:24:25 kernel uhid0 on uhub0 Aug 22 17:24:25 kernel uhid0: <QEMU QEMU USB Tablet, class 0/0, rev 2.00/0.00, addr 2> on usbus0 Aug 22 17:24:25 kernel CPU: QEMU Virtual CPU version 2.5+ (2496.00-MHz K8-class CPU) Aug 22 17:24:25 kernel Origin="GenuineIntel" Id=0x60fb1 Family=0xf Model=0x6b Stepping=1 Aug 22 17:24:25 kernel Features=0x78bfbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2> Aug 22 17:24:25 kernel Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV> Aug 22 17:24:25 kernel AMD Features=0x20100800<SYSCALL,NX,LM> Aug 22 17:24:25 kernel AMD Features2=0x1<LAHF> Aug 22 17:24:25 kernel Hypervisor: Origin = "KVMKVMKVM" Aug 22 17:24:25 kernel intsmb0: <Intel PIIX4 SMBUS Interface> irq 9 at device 1.3 on pci0 Aug 22 17:24:25 kernel intsmb0: intr IRQ 9 enabled revision 0 Aug 22 17:24:25 kernel smbus0: <System Management Bus> on intsmb0 Aug 22 17:24:25 kernel lo0: link state changed to UP Aug 22 17:24:25 kernel done. Aug 22 17:24:25 kernel vtnet1: link state changed to UP Aug 22 17:24:25 kernel vtnet0: link state changed to UP Aug 22 17:24:25 check_reload_status 445 Linkup starting vtnet1 Aug 22 17:24:25 check_reload_status 445 Linkup starting vtnet0 Aug 22 17:24:26 php-fpm 396 /rc.linkup: Ignoring link event during boot sequence. Aug 22 17:25:26 php-cgi 465 rc.bootup: calling interface_dhcpv6_configure. Aug 22 17:25:26 php-cgi 465 rc.bootup: Accept router advertisements on interface vtnet0 Aug 22 17:25:26 php-cgi 465 rc.bootup: Starting DHCP6 client for interfaces vtnet0 in DHCP6 without RA mode Aug 22 17:25:26 php-cgi 465 rc.bootup: Starting rtsold process on wan(vtnet0) Aug 22 17:25:28 php-cgi 465 rc.bootup: Resyncing OpenVPN instances. Aug 22 17:25:28 kernel done. Aug 22 17:25:28 kernel pflog0: promiscuous mode enabled Aug 22 17:25:28 php-cgi 465 rc.bootup: Gateway, NONE AVAILABLE Aug 22 17:25:28 kernel .done. Aug 22 17:25:28 kernel done. Aug 22 17:25:28 php-cgi 465 rc.bootup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:25:29 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:30 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:31 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:32 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:33 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:34 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:35 php-cgi 465 rc.bootup: Unbound start waiting on dhcp6c. Aug 22 17:25:35 php-fpm 396 /rc.newwanipv6: rc.newwanipv6: Info: starting on vtnet0. Aug 22 17:25:35 php-fpm 396 /rc.newwanipv6: rc.newwanipv6: on (IP address: 2a0c:4f47:8030:2::1) (interface: wan) (real interface: vtnet0). Aug 22 17:25:35 php-fpm 396 /rc.newwanipv6: Gateway, NONE AVAILABLE Aug 22 17:25:35 php-fpm 396 /rc.newwanipv6: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:25:36 php-cgi 465 rc.bootup: dhcp6 init complete. Continuing Aug 22 17:25:36 php-cgi 465 rc.bootup: sync unbound done. Aug 22 17:25:36 kernel done. Aug 22 17:25:37 kernel done. Aug 22 17:26:07 kernel done. Aug 22 17:26:07 kernel done. Aug 22 17:26:07 php-cgi 465 rc.bootup: NTPD is starting up. Aug 22 17:26:08 kernel done. Aug 22 17:26:08 check_reload_status 445 Updating all dyndns Aug 22 17:26:09 kernel .... Aug 22 17:26:09 php-cgi 465 rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).' Aug 22 17:26:09 kernel .done. Aug 22 17:26:13 php-cgi 465 rc.bootup: Creating rrd update script Aug 22 17:26:13 syslogd exiting on signal 15 Aug 22 17:26:13 syslogd kernel boot file is /boot/kernel/kernel Aug 22 17:26:13 kernel done. Aug 22 17:26:14 php-fpm 396 /rc.start_packages: Restarting/Starting all packages. Aug 22 17:26:14 root 36514 Bootup complete Aug 22 17:26:15 login 79662 login on ttyv0 as root Aug 22 17:26:15 sshguard 81305 Now monitoring attacks. Aug 22 17:36:33 check_reload_status 445 rc.newwanip starting vtnet0 Aug 22 17:36:34 php-fpm 396 /rc.newwanip: rc.newwanip: Info: starting on vtnet0. Aug 22 17:36:34 php-fpm 396 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: vtnet0). Aug 22 17:36:37 php-fpm 396 /rc.newwanip: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Aug 22 17:36:37 php-fpm 396 /rc.newwanip: Default gateway setting Interface WAN_DHCP Gateway as default. Aug 22 17:36:37 rc.gateway_alarm 58962 >>> Gateway alarm: WAN_DHCP (Addr:xxx.xxx.xxx.xxx Alarm:1 RTT:0ms RTTsd:0ms Loss:100%) Aug 22 17:36:37 check_reload_status 445 updating dyndns WAN_DHCP Aug 22 17:36:37 check_reload_status 445 Restarting IPsec tunnels Aug 22 17:36:37 check_reload_status 445 Restarting OpenVPN tunnels/interfaces Aug 22 17:36:37 check_reload_status 445 Reloading filter Aug 22 17:36:37 php-fpm 396 /rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:36:37 php-fpm 396 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0. Aug 22 17:36:37 php-fpm 396 /rc.newwanip: Resyncing OpenVPN instances for interface WAN. Aug 22 17:36:37 php-fpm 396 /rc.newwanip: Creating rrd update script Aug 22 17:36:38 php-fpm 75474 /rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Aug 22 17:36:38 php-fpm 75474 /rc.openvpn: Default gateway setting Interface WAN_DHCP Gateway as default. Aug 22 17:36:38 php-fpm 75474 /rc.openvpn: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:36:39 php-fpm 396 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages. Aug 22 17:36:39 check_reload_status 445 Starting packages Aug 22 17:36:39 check_reload_status 445 Reloading filter Aug 22 17:36:40 php-fpm 75474 /rc.start_packages: Restarting/Starting all packages. Aug 22 17:38:10 php-fpm 396 /index.php: Successful login for user 'admin' from: 192.168.2.21 (Local Database) Aug 22 17:38:13 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:14 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:15 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:16 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:17 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:19 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:20 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:21 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:22 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:23 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:24 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:38:25 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:40:00 sshguard 81305 Exiting on signal. Aug 22 17:40:00 sshguard 29094 Now monitoring attacks. ----------- Toggled WAN on testVM ------------ Aug 22 17:44:59 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:00 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:01 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:02 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:03 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:04 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:05 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:06 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:07 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:08 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:09 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:10 kernel arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0 Aug 22 17:45:31 kernel vtnet0: link state changed to DOWN Aug 22 17:45:31 check_reload_status 445 Linkup starting vtnet0 Aug 22 17:45:32 php-fpm 397 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp, 6: dhcp6) Aug 22 17:45:32 php-fpm 397 /rc.linkup: DEVD Ethernet detached event for wan Aug 22 17:45:34 check_reload_status 445 Reloading filter Aug 22 17:45:34 rc.gateway_alarm 77152 >>> Gateway alarm: WAN_DHCP (Addr:xxx.xxx.xxx.xxx Alarm:down RTT:0ms RTTsd:0ms Loss:100%) Aug 22 17:45:34 check_reload_status 445 updating dyndns WAN_DHCP Aug 22 17:45:34 check_reload_status 445 Restarting IPsec tunnels Aug 22 17:45:34 check_reload_status 445 Restarting OpenVPN tunnels/interfaces Aug 22 17:45:34 check_reload_status 445 Reloading filter Aug 22 17:45:36 check_reload_status 445 Linkup starting vtnet0 Aug 22 17:45:36 kernel vtnet0: link state changed to UP Aug 22 17:45:37 php-fpm 396 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp, 6: dhcp6) Aug 22 17:45:37 php-fpm 396 /rc.linkup: DEVD Ethernet attached event for wan Aug 22 17:45:37 php-fpm 396 /rc.linkup: HOTPLUG: Configuring interface wan Aug 22 17:45:37 check_reload_status 445 rc.newwanip starting vtnet0 Aug 22 17:45:37 php-fpm 396 /rc.linkup: calling interface_dhcpv6_configure. Aug 22 17:45:37 php-fpm 396 /rc.linkup: Accept router advertisements on interface vtnet0 Aug 22 17:45:37 php-fpm 396 /rc.linkup: Starting DHCP6 client for interfaces vtnet0 in DHCP6 without RA mode Aug 22 17:45:37 php-fpm 396 /rc.linkup: Starting rtsold process on wan(vtnet0) Aug 22 17:45:38 php-fpm 75474 /rc.newwanip: rc.newwanip: Info: starting on vtnet0. Aug 22 17:45:38 php-fpm 75474 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: vtnet0). Aug 22 17:45:39 php-fpm 397 /rc.newwanipv6: rc.newwanipv6: Info: starting on vtnet0. Aug 22 17:45:39 php-fpm 397 /rc.newwanipv6: rc.newwanipv6: on (IP address: 2a0c:4f47:8030:2::1) (interface: wan) (real interface: vtnet0). Aug 22 17:45:40 php-fpm 396 /rc.linkup: Gateway, NONE AVAILABLE Aug 22 17:45:40 php-fpm 75474 /rc.newwanip: Gateway, NONE AVAILABLE Aug 22 17:45:40 php-fpm 396 /rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:45:40 php-fpm 75474 /rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:45:40 php-fpm 75474 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0. Aug 22 17:45:40 check_reload_status 445 Restarting IPsec tunnels Aug 22 17:45:40 php-fpm 75474 /rc.newwanip: Resyncing OpenVPN instances for interface WAN. Aug 22 17:45:40 check_reload_status 445 updating dyndns wan Aug 22 17:45:40 php-fpm 75474 /rc.newwanip: Creating rrd update script Aug 22 17:45:40 check_reload_status 445 Reloading filter Aug 22 17:45:40 php-fpm 397 /rc.newwanipv6: Gateway, NONE AVAILABLE Aug 22 17:45:40 php-fpm 397 /rc.newwanipv6: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6' Aug 22 17:45:40 check_reload_status 445 Reloading filter Aug 22 17:45:40 php-fpm 397 /rc.newwanipv6: Resyncing OpenVPN instances for interface WAN. Aug 22 17:45:40 php-fpm 397 /rc.newwanipv6: Creating rrd update script Aug 22 17:45:40 php-fpm 397 /rc.newwanipv6: pfSense package system has detected an IP change or dynamic WAN reconnection - -> 2a0c:4f47:8030:2::1 - Restarting packages. Aug 22 17:45:40 check_reload_status 445 Starting packages Aug 22 17:45:41 php-fpm 397 /rc.start_packages: Restarting/Starting all packages. Aug 22 17:45:42 php-fpm 75474 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages. Aug 22 17:45:42 check_reload_status 445 Starting packages Aug 22 17:45:42 check_reload_status 445 Reloading filter Aug 22 17:45:43 php-fpm 71050 /rc.start_packages: Restarting/Starting all packages.