WAN only connects on unplug and plug back in

stephenw10

Yes, that's what I pointed out above. It may or may not be the issue but it's certainly suspicious.

What interface references are you seeing now?

What packages do you still have installed?

randombits

@stephenw10 Packages
screencapture-pfsense-pkg-mgr-installed-php-2024-08-20-19_02_59.png

And these still hanging around

Aug 20 18:29:28	vnstatd	41582	vnStat daemon 2.11 (pid:41582 uid:0 gid:0, SQLite 3.43.1)
Aug 20 18:29:28	vnstatd	41582	Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
Aug 20 18:29:28	vnstatd	41582	Monitoring (22): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) tun_wg1 (1000 Mbit) tun_wg0 (1000 Mbit) pppoe0 (1000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit) em1 (1000 Mbit) em0.999 (1000 Mbit) em0.40 (1000 Mbit) em0.30 (1000 Mbit) em0.20 (1000 Mbit) em0.10 (1000 Mbit) em0 (1000 Mbit)
Aug 20 18:29:28	vnstatd	45241	Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
Aug 20 18:29:28	vnstatd	41582	Interface "tun_wg1" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "tun_wg0" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "pppoe0" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em1" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em0.999" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em0.40" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em0.30" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em0.20" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em0.10" disabled.
Aug 20 18:29:28	vnstatd	41582	Interface "em0" disabled.
Aug 20 18:29:28	tail_pfb	46393	[pfBlockerNG] Firewall Filter Service stopped
Aug 20 18:29:29	php_pfb	47122	[pfBlockerNG] filterlog daemon stopped
Aug 20 18:29:29	tail_pfb	53027	[pfBlockerNG] Firewall Filter Service started
Aug 20 18:29:29	root	53976	Bootup complete

stephenw10

Do you still see those is Bandwidthd and darkstat are disabled?

randombits

@stephenw10 yes, I removed both packages and not reinstalled and the interface references are still there after a reboot

stephenw10

Hmm, and still from vnstatd?

I'd backup the config and search it directly for em references.

randombits

@stephenw10 yes vmstatd, bit difficult on a phone atm, I'll save and look at the config.

randombits

Right then, No reference to em interfaces at all only vtnet ones.

Ah-ha ! I removed Traffic totals and rebooted and the vnstatd interfaces references have gone.

Although the rebooting WAN issues remains

stephenw10

Ah, you may need to clear the traffic totals data then if you still need that. Though it clearly isn't what's preventing the default route.

randombits

@stephenw10 The traffic totals cleared themselves but I also reset them.

For clarity here is the log now.

------------- pfSense rebooted ------------

Aug 21 12:37:54	kernel		Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV>
Aug 21 12:37:54	kernel		AMD Features=0x20100800<SYSCALL,NX,LM>
Aug 21 12:37:54	kernel		AMD Features2=0x1<LAHF>
Aug 21 12:37:54	kernel		Hypervisor: Origin = "KVMKVMKVM"
Aug 21 12:37:54	kernel		intsmb0: <Intel PIIX4 SMBUS Interface> irq 9 at device 1.3 on pci0
Aug 21 12:37:54	kernel		intsmb0: intr IRQ 9 enabled revision 0
Aug 21 12:37:54	kernel		smbus0: <System Management Bus> on intsmb0
Aug 21 12:37:54	kernel		aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS>
Aug 21 12:37:54	kernel		lo0: link state changed to UP
Aug 21 12:37:54	kernel		vtnet0: link state changed to UP
Aug 21 12:37:54	kernel		vlan0: changing name to 'vtnet0.10'
Aug 21 12:37:54	php-cgi	453	rc.bootup: The command '/sbin/ifconfig 'vtnet1' inet6 delete' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address'
Aug 21 12:37:54	kernel		vlan1: changing name to 'vtnet0.20'
Aug 21 12:37:54	kernel		vlan2: changing name to 'vtnet0.30'
Aug 21 12:37:54	kernel		vlan3: changing name to 'vtnet0.40'
Aug 21 12:37:54	kernel		vlan4: changing name to 'vtnet0.999'
Aug 21 12:37:54	kernel		vtnet1: link state changed to UP
Aug 21 12:37:54	check_reload_status	428	Linkup starting vtnet1
Aug 21 12:37:54	php-cgi	453	rc.bootup: The command '/sbin/ifconfig 'vtnet1' media 'autoselect'' returned exit code '1', the output was 'ifconfig: SIOCSIFMEDIA (media): Operation not supported'
Aug 21 12:37:54	kernel		[fib_algo] inet.0 (bsearch4#28) rebuild_fd_flm: switching algo to radix4_lockless
Aug 21 12:37:54	check_reload_status	428	rc.newwanip starting vtnet1
Aug 21 12:37:55	php-fpm	396	/rc.linkup: Ignoring link event during boot sequence.
Aug 21 12:37:55	php-fpm	397	/rc.newwanip: rc.newwanip: Info: starting on vtnet1.
Aug 21 12:37:55	php-fpm	397	/rc.newwanip: rc.newwanip: on (IP address: x.x.x.x) (interface: WAN[wan]) (real interface: vtnet1).
Aug 21 12:37:56	check_reload_status	428	starting sshd
Aug 21 12:37:56	php-cgi	453	rc.bootup: Resyncing OpenVPN instances.
Aug 21 12:37:56	kernel		done.
Aug 21 12:37:56	kernel		tun1: changing name to 'ovpns1'
Aug 21 12:37:57	kernel		ovpns1: link state changed to UP
Aug 21 12:37:57	kernel		tun2: changing name to 'ovpnc2'
Aug 21 12:37:57	check_reload_status	428	rc.newwanip starting ovpns1
Aug 21 12:37:57	sshd	77964	Server listening on :: port 22.
Aug 21 12:37:57	sshd	77964	Server listening on 0.0.0.0 port 22.
Aug 21 12:37:57	sshguard	78881	Now monitoring attacks.
Aug 21 12:37:58	kernel		pflog0: promiscuous mode enabled
Aug 21 12:37:58	php-fpm	396	/rc.newwanip: rc.newwanip: Info: starting on ovpns1.
Aug 21 12:37:58	php-fpm	396	/rc.newwanip: Interface is disabled, nothing to do.
Aug 21 12:38:01	kernel		.done.
Aug 21 12:38:01	kernel		done.
Aug 21 12:38:03	php-cgi	453	rc.bootup: Default gateway setting Interface WAN_DHCP Gateway as default.
Aug 21 12:38:03	php-cgi	453	rc.bootup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:38:03	kernel		done.
Aug 21 12:38:07	php-cgi	453	rc.bootup: sync unbound done.
Aug 21 12:38:07	kernel		done.
Aug 21 12:38:09	kernel		done.
Aug 21 12:38:39	kernel		done.
Aug 21 12:38:39	php-cgi	453	rc.bootup: NTPD is starting up.
Aug 21 12:38:39	kernel		done.
Aug 21 12:38:40	check_reload_status	428	Updating all dyndns
Aug 21 12:38:40	kernel		done.
Aug 21 12:38:41	kernel		.
Aug 21 12:38:41	kernel		..
Aug 21 12:38:42	php-cgi	453	rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).'
Aug 21 12:38:42	kernel		.done.
Aug 21 12:38:46	php-cgi	453	rc.bootup: The command '/sbin/camcontrol standby da0 -t 0.5' returned exit code '1', the output was 'camcontrol: ATA STANDBY via pass_16 failed'
Aug 21 12:38:46	php-cgi	453	rc.bootup: Creating rrd update script
Aug 21 12:38:46	php-cgi	453	rc.bootup: The command '/usr/sbin/powerd -b 'min' -a 'min' -n 'min'' returned exit code '69', the output was 'powerd: no cpufreq(4) support -- aborting: No such file or directory'
Aug 21 12:38:46	kernel		done.
Aug 21 12:38:47	syslogd		exiting on signal 15
Aug 21 12:38:47	syslogd		kernel boot file is /boot/kernel/kernel
Aug 21 12:38:47	kernel		done.
Aug 21 12:38:47	php-cgi	92079	notify_monitor.php: Could not send the message to alert@XXXXXXXX.com -- Error: Failed to connect to ssl://smtp.googlemail.com:465 [SMTP: Failed to connect socket: php_network_getaddresses: getaddrinfo for smtp.googlemail.com failed: Name does not resolve (code: -1, response: )]
Aug 21 12:38:47	php-fpm	397	/rc.start_packages: Restarting/Starting all packages.
Aug 21 12:38:48	lighttpd_pfb	14154	[pfBlockerNG] DNSBL Webserver stopped
Aug 21 12:38:48	lighttpd_pfb	15549	[pfBlockerNG] DNSBL Webserver started
Aug 21 12:38:48	php	16207	[pfBlockerNG] DNSBL parser daemon started
Aug 21 12:38:50	php-fpm	397	[pfBlockerNG] Starting firewall filter daemon
Aug 21 12:38:50	tail_pfb	6980	[pfBlockerNG] Firewall Filter Service stopped
Aug 21 12:38:50	php_pfb	7757	[pfBlockerNG] filterlog daemon stopped
Aug 21 12:38:50	tail_pfb	9955	[pfBlockerNG] Firewall Filter Service started
Aug 21 12:38:50	php_pfb	10695	[pfBlockerNG] filterlog daemon started
Aug 21 12:38:50	vnstatd	16176	vnStat daemon 2.11 (pid:16176 uid:0 gid:0, SQLite 3.43.1)
Aug 21 12:38:50	vnstatd	16176	Monitoring (12): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit)
Aug 21 12:38:53	arpwatch	18952	listening on vtnet0.10
Aug 21 12:38:53	kernel		vtnet0: promiscuous mode enabled
Aug 21 12:38:53	kernel		vtnet0.10: promiscuous mode enabled
Aug 21 12:38:53	arpwatch	18794	listening on vtnet0
Aug 21 12:38:53	arpwatch	19547	listening on vtnet0.30
Aug 21 12:38:53	kernel		vtnet0.30: promiscuous mode enabled
Aug 21 12:38:53	arpwatch	19188	listening on vtnet0.20
Aug 21 12:38:53	kernel		vtnet0.20: promiscuous mode enabled
Aug 21 12:38:53	arpwatch	20053	Link layer type 0 not ethernet or fddi
Aug 21 12:38:53	kernel		ovpnc2: promiscuous mode enabled
Aug 21 12:38:54	kernel		ovpnc2: promiscuous mode disabled
Aug 21 12:38:54	kernel		vtnet0.999: promiscuous mode enabled
Aug 21 12:38:53	arpwatch	20289	listening on vtnet0.999
Aug 21 12:38:54	arpwatch	20571	pcap open : : No such device exists (No such device exists)
Aug 21 12:38:54	arpwatch	20902	listening on vtnet1
Aug 21 12:38:54	kernel		vtnet1: promiscuous mode enabled
Aug 21 12:38:58	php-fpm	43380	/index.php: Successful login for user 'admin' from: 192.168.2.21 (Local Database)
Aug 21 12:38:58	sshguard	26469	Now monitoring attacks.
Aug 21 12:39:01	vnstatd	17978	Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
Aug 21 12:39:01	vnstatd	20270	Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
Aug 21 12:39:01	lighttpd_pfb	21446	[pfBlockerNG] DNSBL Webserver stopped
Aug 21 12:39:01	tail_pfb	22424	[pfBlockerNG] Firewall Filter Service stopped
Aug 21 12:39:01	php_pfb	22989	[pfBlockerNG] filterlog daemon stopped
Aug 21 12:39:01	lighttpd_pfb	26879	[pfBlockerNG] DNSBL Webserver started
Aug 21 12:39:01	tail_pfb	28083	[pfBlockerNG] Firewall Filter Service started
Aug 21 12:39:01	php_pfb	28887	[pfBlockerNG] filterlog daemon started
Aug 21 12:39:01	php	31423	[pfBlockerNG] DNSBL parser daemon started
Aug 21 12:39:27	vnstatd	16176	SIGTERM received, exiting.
Aug 21 12:39:27	root	27425	Bootup complete
Aug 21 12:39:29	login	67823	login on ttyv0 as root
Aug 21 12:39:33	arpwatch	18794	bogon 0.0.0.0 fc:b4:67:d4:db:b0
Aug 21 12:39:33	arpwatch	18794	bogon 0.0.0.0 fc:b4:67:d4:db:b0
Aug 21 12:39:34	arpwatch	18794	bogon 0.0.0.0 fc:b4:67:d4:db:b0

----------- TOGGLED WAN DOWN TO UP ------------

Aug 21 12:45:48	kernel		vtnet1: link state changed to DOWN
Aug 21 12:45:48	check_reload_status	428	Linkup starting vtnet1
Aug 21 12:45:49	php-fpm	397	/rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
Aug 21 12:45:49	php-fpm	397	/rc.linkup: DEVD Ethernet detached event for wan
Aug 21 12:45:50	check_reload_status	428	updating dyndns WAN_DHCP
Aug 21 12:45:50	check_reload_status	428	Restarting IPsec tunnels
Aug 21 12:45:50	check_reload_status	428	Restarting OpenVPN tunnels/interfaces
Aug 21 12:45:50	check_reload_status	428	Reloading filter
Aug 21 12:45:50	rc.gateway_alarm	13675	>>> Gateway alarm: WAN_DHCP (Addr:x.x.x.x Alarm:down RTT:0ms RTTsd:0ms Loss:100%)
Aug 21 12:45:51	php-fpm	396	/rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:45:51	php-fpm	396	/rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use WAN_DHCP.
Aug 21 12:45:53	check_reload_status	428	Linkup starting vtnet1
Aug 21 12:45:53	kernel		vtnet1: link state changed to UP
Aug 21 12:46:00	php-cgi	55521	servicewatchdog_cron.php: Service Watchdog detected service dpinger stopped. Restarting dpinger (Gateway Monitoring Daemon)
Aug 21 12:46:00	php-cgi	57907	notify_monitor.php: Could not send the message to alert@xxxxxxx.com -- Error: Failed to connect to ssl://smtp.googlemail.com:465 [SMTP: Failed to connect socket: php_network_getaddresses: getaddrinfo for smtp.googlemail.com failed: Name does not resolve (code: -1, response: )]
Aug 21 12:46:01	check_reload_status	428	Reloading filter
Aug 21 12:46:01	php-fpm	396	/rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
Aug 21 12:46:01	php-fpm	396	/rc.linkup: DEVD Ethernet attached event for wan
Aug 21 12:46:01	php-fpm	396	/rc.linkup: HOTPLUG: Configuring interface wan
Aug 21 12:46:01	php-fpm	396	/rc.linkup: The command '/sbin/ifconfig 'vtnet1' media 'autoselect'' returned exit code '1', the output was 'ifconfig: SIOCSIFMEDIA (media): Operation not supported'
Aug 21 12:46:02	check_reload_status	428	rc.newwanip starting vtnet1
Aug 21 12:46:02	php-fpm	396	/rc.linkup: Default gateway setting Interface WAN_DHCP Gateway as default.
Aug 21 12:46:02	php-fpm	396	/rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:46:02	check_reload_status	428	Restarting IPsec tunnels
Aug 21 12:46:03	php-fpm	397	/rc.newwanip: rc.newwanip: Info: starting on vtnet1.
Aug 21 12:46:03	php-fpm	397	/rc.newwanip: rc.newwanip: on (IP address: x.x.x.x) (interface: WAN[wan]) (real interface: vtnet1).
Aug 21 12:46:04	arpwatch	20902	bogon x.x.x.x d4:5a:3f:3c:db:09
Aug 21 12:46:12	kernel		ovpnc2: link state changed to UP
Aug 21 12:46:12	check_reload_status	428	rc.newwanip starting ovpnc2
Aug 21 12:46:13	php-fpm	907	/rc.newwanip: rc.newwanip: Info: starting on ovpnc2.
Aug 21 12:46:13	php-fpm	907	/rc.newwanip: rc.newwanip: on (IP address: 10.16.0.2) (interface: PROTONVPN_NL[opt4]) (real interface: ovpnc2).
Aug 21 12:46:37	php-fpm	397	/rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:46:37	php-fpm	397	/rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
Aug 21 12:46:40	php-fpm	907	/rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:46:47	check_reload_status	428	updating dyndns wan
Aug 21 12:46:47	check_reload_status	428	Reloading filter
Aug 21 12:46:48	arpwatch	20902	bogon x.x.x.x d4:5a:3f:3c:db:09
Aug 21 12:47:16	php-fpm	397	/rc.newwanip: Resyncing OpenVPN instances for interface WAN.
Aug 21 12:47:16	php-fpm	397	OpenVPN terminate old pid: 66100
Aug 21 12:47:16	kernel		ovpns1: link state changed to DOWN
Aug 21 12:47:19	pfSctl	64586	could not finish read in a reasonable time. Action of event might not be completed.
Aug 21 12:47:20	php-fpm	397	/rc.newwanip: OpenVPN ID server1 PID 66100 still running, killing.
Aug 21 12:47:20	php-fpm	397	OpenVPN PID written: 81805
Aug 21 12:47:20	kernel		ovpns1: link state changed to UP
Aug 21 12:47:22	check_reload_status	428	Reloading filter
Aug 21 12:47:22	check_reload_status	428	Reloading filter
Aug 21 12:47:22	check_reload_status	428	rc.newwanip starting ovpns1
Aug 21 12:47:22	php-fpm	397	OpenVPN terminate old pid: 83659
Aug 21 12:47:23	php-fpm	49815	/rc.newwanip: rc.newwanip: Info: starting on ovpns1.
Aug 21 12:47:23	php-fpm	49815	/rc.newwanip: Interface is disabled, nothing to do.
Aug 21 12:47:23	kernel		ovpnc2: link state changed to DOWN
Aug 21 12:47:23	check_reload_status	428	Reloading filter
Aug 21 12:47:24	php-fpm	397	OpenVPN PID written: 24831
Aug 21 12:47:24	php-fpm	397	/rc.newwanip: Creating rrd update script
Aug 21 12:47:26	kernel		ovpnc2: link state changed to UP
Aug 21 12:47:26	check_reload_status	428	rc.newwanip starting ovpnc2
Aug 21 12:47:26	php-fpm	397	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> x.x.x.x - Restarting packages.
Aug 21 12:47:26	check_reload_status	428	Starting packages
Aug 21 12:47:27	php-fpm	43380	/rc.newwanip: rc.newwanip: Info: starting on ovpnc2.
Aug 21 12:47:27	php-fpm	43380	/rc.newwanip: rc.newwanip: on (IP address: 10.22.0.3) (interface: PROTONVPN_NL[opt4]) (real interface: ovpnc2).
Aug 21 12:47:27	php-fpm	396	/rc.start_packages: Restarting/Starting all packages.
Aug 21 12:47:38	rc.gateway_alarm	92417	>>> Gateway alarm: PROTONVPN_NL_VPNV4 (Addr:10.16.0.2 Alarm:1 RTT:8.006ms RTTsd:49.594ms Loss:21%)
Aug 21 12:47:38	check_reload_status	428	updating dyndns PROTONVPN_NL_VPNV4
Aug 21 12:47:38	check_reload_status	428	Restarting IPsec tunnels
Aug 21 12:47:38	check_reload_status	428	Restarting OpenVPN tunnels/interfaces
Aug 21 12:47:38	check_reload_status	428	Reloading filter
Aug 21 12:47:39	php-fpm	397	/rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:47:39	php-fpm	397	/rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use PROTONVPN_NL_VPNV4.
Aug 21 12:47:52	php-fpm	907	/rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1724240872] unbound[45808:0] error: bind: address already in use [1724240872] unbound[45808:0] fatal error: could not open ports'
Aug 21 12:47:53	php-fpm	43380	/rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was ''
Aug 21 12:47:53	php-fpm	43380	/rc.newwanip: IP Address has changed, killing states on former IP Address 10.16.0.2.
Aug 21 12:47:53	php-fpm	907	/rc.newwanip: Creating rrd update script
Aug 21 12:47:55	php-fpm	907	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.16.0.2 -> 10.16.0.2 - Restarting packages.
Aug 21 12:48:00	check_reload_status	428	Starting packages
Aug 21 12:48:00	check_reload_status	428	Reloading filter
Aug 21 12:48:01	php-fpm	45571	/rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
Aug 21 12:48:31	php-fpm	43380	/rc.newwanip: Creating rrd update script
Aug 21 12:48:33	kernel		vtnet0.10: promiscuous mode disabled
Aug 21 12:48:33	kernel		vtnet1: promiscuous mode disabled
Aug 21 12:48:33	kernel		vtnet0.30: promiscuous mode disabled
Aug 21 12:48:33	kernel		vtnet0.20: promiscuous mode disabled
Aug 21 12:48:33	kernel		vtnet0.999: promiscuous mode disabled
Aug 21 12:48:33	vnstatd	94480	vnStat daemon 2.11 (pid:94480 uid:0 gid:0, SQLite 3.43.1)
Aug 21 12:48:33	vnstatd	94480	Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
Aug 21 12:48:33	vnstatd	94480	Monitoring (12): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit)
Aug 21 12:48:33	php-fpm	43380	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.16.0.2 -> 10.22.0.3 - Restarting packages.
Aug 21 12:48:33	check_reload_status	428	Starting packages
Aug 21 12:48:33	check_reload_status	428	Reloading filter
Aug 21 12:48:34	php-fpm	397	/rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
Aug 21 12:48:36	arpwatch	33916	listening on vtnet0
Aug 21 12:48:36	kernel		vtnet0.10: promiscuous mode enabled
Aug 21 12:48:36	arpwatch	34087	listening on vtnet0.10
Aug 21 12:48:36	kernel		vtnet0.20: promiscuous mode enabled
Aug 21 12:48:36	arpwatch	34436	listening on vtnet0.20
Aug 21 12:48:36	arpwatch	35139	Link layer type 0 not ethernet or fddi
Aug 21 12:48:36	kernel		vtnet0.30: promiscuous mode enabled
Aug 21 12:48:36	kernel		ovpnc2: promiscuous mode enabled
Aug 21 12:48:36	kernel		ovpnc2: promiscuous mode disabled
Aug 21 12:48:36	arpwatch	34681	listening on vtnet0.30
Aug 21 12:48:36	arpwatch	35875	pcap open : : No such device exists (No such device exists)
Aug 21 12:48:36	kernel		vtnet0.999: promiscuous mode enabled
Aug 21 12:48:36	kernel		vtnet1: promiscuous mode enabled
Aug 21 12:48:36	arpwatch	35559	listening on vtnet0.999
Aug 21 12:48:36	arpwatch	35992	listening on vtnet1
Aug 21 12:48:43	vnstatd	94480	SIGTERM received, exiting.
Aug 21 12:48:43	vnstatd	50165	vnStat daemon 2.11 (pid:50165 uid:0 gid:0, SQLite 3.43.1)
Aug 21 12:48:43	vnstatd	50165	Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
Aug 21 12:48:43	vnstatd	50165	Monitoring (12): vtnet1 (10000 Mbit) vtnet0.999 (10000 Mbit) vtnet0.40 (10000 Mbit) vtnet0.30 (10000 Mbit) vtnet0.20 (10000 Mbit) vtnet0.10 (10000 Mbit) vtnet0 (10000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns1 (1000 Mbit) ovpnc2 (1000 Mbit) enc0 (1000 Mbit)
Aug 21 12:48:43	vnstatd	52656	Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
Aug 21 12:48:43	lighttpd_pfb	53425	[pfBlockerNG] DNSBL Webserver stopped
Aug 21 12:48:43	tail_pfb	55087	[pfBlockerNG] Firewall Filter Service stopped
Aug 21 12:48:43	php_pfb	55982	[pfBlockerNG] filterlog daemon stopped
Aug 21 12:48:43	tail_pfb	58619	[pfBlockerNG] Firewall Filter Service started
Aug 21 12:48:43	lighttpd_pfb	60520	[pfBlockerNG] DNSBL Webserver started
Aug 21 12:48:43	php_pfb	59060	[pfBlockerNG] filterlog daemon started
Aug 21 12:48:43	php	61611	[pfBlockerNG] DNSBL parser daemon started
Aug 21 12:49:00	php-cgi	67732	servicewatchdog_cron.php: Service Watchdog detected service telegraf stopped. Restarting telegraf (Telegraf daemon)
Aug 21 12:49:06	php-cgi	70303	notify_monitor.php: Message sent to alert@xxxxxx.com OK
Aug 21 12:50:00	php-fpm	45571	/status_logs.php: Configuration Change: admin@192.168.2.21 (Local Database): Log Display Settings Saved (no backup, no sync): General

randombits

@randombits said in WAN only connects on unplug and plug back in:

Aug 21 12:37:54 php-cgi 453 rc.bootup: The command '/sbin/ifconfig 'vtnet1' inet6 delete' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address'

Just spotted this I wonder if it's a issue ?

stephenw10

Unlikely, it probably doesn't have an IPv6 address.

Which pfSense version is this?

randombits

@stephenw10 I just remembered I did briefly enable IPv6 in the WAN basically to see if it would pick up an address from my ISP it did. But I undid it. I'm using version

pfSense CE version 2.7.2-RELEASE (amd64)
built on Wed Dec 6 20:10:00 GMT 2023
FreeBSD 14.0-CURRENT

stephenw10

Hmm what do you see if you run?:

[2.7.2-RELEASE][admin@cedev-6.stevew.lan]/root: /sbin/route -n6 get 'default'
route: route has not been found: No error: 0

For some reason that is returning 1 for you during bootup which is probably preventing the rest of the script running.

randombits

@stephenw10 When it's working ok the same as you

[2.7.2-RELEASE][root@pfSense.localdomain]/root: /sbin/route -n6 get 'default'
route: route has not been found: No error: 0

I need to wait a bit before I can reboot and take the internet down as I'm up and downloading....

Just rebooted and it's the (no internet)

[2.7.2-RELEASE][root@pfSense.localdomain]/root: /sbin/route -n6 get 'default'
route: route has not been found: No error: 0

stephenw10

OK, so that's the no default IPv4 route situation?

randombits

@stephenw10 indeed, until WAN up-down

stephenw10

Hmm, curious. Try setting the IPv6 default gateway to something, WAN_DHCPv6 for example. That should remove the error at least.

randombits

@stephenw10 Well, As a sanity(in) check I installed another pfSense (VM) and lo and behold that has the same issue !

What I have is Proxmox with a single ethernet port with Proxmox provides the two NIC's for pfSense, the WAN NIC is on vlan 1000 and the switch splits that of into to ports. The ONT port is untagged 1000 solely (no vlan 1 internal to the switch) and LAN and other vlans are on one of the other ports

	g1	Trunk	1	1U	 
	g2	Trunk	1	1U	 
	g3	Trunk	1	1U	 
	g4	Trunk	1	1U	 
	g5	Trunk	1	1U,10T,20T,999T	 
	g6	Trunk	1	1U,10T,20T,999T,1000T	 
	g7	Access	1000	1000U	 
	g8	Trunk	1	1U,10T,20T,999T	 

Switch ports
1	-		1U
2	-		1U
3	-		1U
4	SPA		1U
5	AP		1U,10T,20T,999T	 
6	Server	        1U,10T,20T,999T,1000T	 
7	Modem	        1000U
8	-		1U,10T,20T,999T

stephenw10

Hmm, this starts to feel like a timing issue. I'm testing pretty much exactly that setup though without using VLANs.

Your WAN is pulling a DHCP lease from the ISP directly?

Does your test VM come up correctly if it pulls a lease from a local server?

randombits

@stephenw10 Yes, the WAN address is coming from the ISP directly, the ISP told me to set DHCP and set PNP - not a good idea so I didn't.

Not tested the local test VM other than setting it's WAN & LAN. It messed up a bit with my current pfSense running and every thing got a bit confused ... I'll have another go in a moment with the test VM.

I first conntacted my ISP with the issue and as expected they weren't a great deal of help. I'm maybe only one of very few that use a different router than the supplied Adtran - the ONT is Adtran too.

I set the test VM to get it's WAN from the main pfSense LAN and that worked, got an IP for it and can ping out.

The main pfSense gets an IP but no internet. One thing I thought is I wonder if the ISP has updated the firmware in the ONT or OLT, I asked but answer on that. Incidentally the supplied ISP's router connects ok

------------ rebooted test VM -----------


Aug 22 17:24:25	syslogd		kernel boot file is /boot/kernel/kernel
Aug 22 17:24:25	kernel		---<<BOOT>>---
Aug 22 17:24:25	kernel		Copyright (c) 1992-2023 The FreeBSD Project.
Aug 22 17:24:25	kernel		Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
Aug 22 17:24:25	kernel		The Regents of the University of California. All rights reserved.
Aug 22 17:24:25	kernel		FreeBSD is a registered trademark of The FreeBSD Foundation.
Aug 22 17:24:25	kernel		FreeBSD 14.0-CURRENT amd64 1400094 #1 RELENG_2_7_2-n255948-8d2b56da39c: Wed Dec 6 20:45:47 UTC 2023
Aug 22 17:24:25	kernel		root@freebsd:/var/jenkins/workspace/pfSense-CE-snapshots-2_7_2-main/obj/amd64/StdASW5b/var/jenkins/workspace/pfSense-CE-snapshots-2_7_2-main/sources/FreeBSD-src-RELENG_2_7_2/amd64.amd64/sys/pfSense amd64
Aug 22 17:24:25	kernel		FreeBSD clang version 16.0.6 (https://github.com/llvm/llvm-project.git llvmorg-16.0.6-0-g7cbf1a259152)
Aug 22 17:24:25	kernel		VT(vga): text 80x25
Aug 22 17:24:25	kernel		CPU: QEMU Virtual CPU version 2.5+ (2496.09-MHz K8-class CPU)
Aug 22 17:24:25	kernel		Origin="GenuineIntel" Id=0x60fb1 Family=0xf Model=0x6b Stepping=1
Aug 22 17:24:25	kernel		Features=0x783fbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2>
Aug 22 17:24:25	kernel		Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV>
Aug 22 17:24:25	kernel		AMD Features=0x20100800<SYSCALL,NX,LM>
Aug 22 17:24:25	kernel		AMD Features2=0x1<LAHF>
Aug 22 17:24:25	kernel		Hypervisor: Origin = "KVMKVMKVM"
Aug 22 17:24:25	kernel		real memory = 2147483648 (2048 MB)
Aug 22 17:24:25	kernel		avail memory = 2016673792 (1923 MB)
Aug 22 17:24:25	kernel		Event timer "LAPIC" quality 100
Aug 22 17:24:25	kernel		ACPI APIC Table: <BOCHS BXPC >
Aug 22 17:24:25	kernel		random: unblocking device.
Aug 22 17:24:25	kernel		ioapic0 <Version 1.1> irqs 0-23
Aug 22 17:24:25	kernel		TCP_ratelimit: Is now initialized
Aug 22 17:24:25	kernel		wlan: mac acl policy registered
Aug 22 17:24:25	kernel		ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE.
Aug 22 17:24:25	kernel		ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Aug 22 17:24:25	kernel		module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff807475a0, 0) error 1
Aug 22 17:24:25	kernel		ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE.
Aug 22 17:24:25	kernel		ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Aug 22 17:24:25	kernel		module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff80747650, 0) error 1
Aug 22 17:24:25	kernel		ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE.
Aug 22 17:24:25	kernel		ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Aug 22 17:24:25	kernel		module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff80747700, 0) error 1
Aug 22 17:24:25	kernel		iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE.
Aug 22 17:24:25	kernel		iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Aug 22 17:24:25	kernel		module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff80765180, 0) error 1
Aug 22 17:24:25	kernel		iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE.
Aug 22 17:24:25	kernel		iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Aug 22 17:24:25	kernel		module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff80765230, 0) error 1
Aug 22 17:24:25	kernel		iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE.
Aug 22 17:24:25	kernel		iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Aug 22 17:24:25	kernel		module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff807652e0, 0) error 1
Aug 22 17:24:25	kernel		random: entropy device external interface
Aug 22 17:24:25	kernel		kbd1 at kbdmux0
Aug 22 17:24:25	kernel		WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 14.0.
Aug 22 17:24:25	kernel		netgate0: <QEMU Guest>
Aug 22 17:24:25	kernel		kvmclock0: <KVM paravirtual clock>
Aug 22 17:24:25	kernel		Timecounter "kvmclock" frequency 1000000000 Hz quality 975
Aug 22 17:24:25	kernel		kvmclock0: registered as a time-of-day clock, resolution 0.000001s
Aug 22 17:24:25	kernel		vtvga0: <VT VGA driver>
Aug 22 17:24:25	kernel		smbios0: <System Management BIOS> at iomem 0xf5290-0xf52ae
Aug 22 17:24:25	kernel		smbios0: Version: 2.8, BCD Revision: 2.8
Aug 22 17:24:25	kernel		acpi0: <BOCHS BXPC>
Aug 22 17:24:25	kernel		acpi0: Power Button (fixed)
Aug 22 17:24:25	kernel		cpu0: <ACPI CPU> on acpi0
Aug 22 17:24:25	kernel		atrtc0: <AT realtime clock> port 0x70-0x77 irq 8 on acpi0
Aug 22 17:24:25	kernel		atrtc0: registered as a time-of-day clock, resolution 1.000000s
Aug 22 17:24:25	kernel		Event timer "RTC" frequency 32768 Hz quality 0
Aug 22 17:24:25	kernel		hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Aug 22 17:24:25	kernel		Timecounter "HPET" frequency 100000000 Hz quality 950
Aug 22 17:24:25	kernel		Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
Aug 22 17:24:25	kernel		acpi_timer0: <24-bit timer at 3.579545MHz> port 0x608-0x60b on acpi0
Aug 22 17:24:25	kernel		pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
Aug 22 17:24:25	kernel		pci0: <ACPI PCI bus> on pcib0
Aug 22 17:24:25	kernel		isab0: <PCI-ISA bridge> at device 1.0 on pci0
Aug 22 17:24:25	kernel		isa0: <ISA bus> on isab0
Aug 22 17:24:25	kernel		atapci0: <Intel PIIX3 WDMA2 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xf0a0-0xf0af at device 1.1 on pci0
Aug 22 17:24:25	kernel		ata0: <ATA channel> at channel 0 on atapci0
Aug 22 17:24:25	kernel		ata1: <ATA channel> at channel 1 on atapci0
Aug 22 17:24:25	kernel		uhci0: <Intel 82371SB (PIIX3) USB controller> port 0xf040-0xf05f irq 11 at device 1.2 on pci0
Aug 22 17:24:25	kernel		usbus0 on uhci0
Aug 22 17:24:25	kernel		pci0: <bridge> at device 1.3 (no driver attached)
Aug 22 17:24:25	kernel		vgapci0: <VGA-compatible display> mem 0xfc000000-0xfcffffff,0xfea90000-0xfea90fff at device 2.0 on pci0
Aug 22 17:24:25	kernel		vgapci0: Boot video device
Aug 22 17:24:25	kernel		virtio_pci0: <VirtIO PCI (legacy) Balloon adapter> port 0xf000-0xf03f mem 0xfd600000-0xfd603fff irq 11 at device 3.0 on pci0
Aug 22 17:24:25	kernel		vtballoon0: <VirtIO Balloon Adapter> on virtio_pci0
Aug 22 17:24:25	kernel		pcib1: <ACPI PCI-PCI bridge> mem 0xfea91000-0xfea910ff irq 10 at device 5.0 on pci0
Aug 22 17:24:25	kernel		pci1: <ACPI PCI bus> on pcib1
Aug 22 17:24:25	kernel		virtio_pci1: <VirtIO PCI (legacy) SCSI adapter> port 0xe000-0xe03f mem 0xfe800000-0xfe800fff,0xfd400000-0xfd403fff irq 10 at device 1.0 on pci1
Aug 22 17:24:25	kernel		vtscsi0: <VirtIO SCSI Adapter> on virtio_pci1
Aug 22 17:24:25	kernel		virtio_pci2: <VirtIO PCI (legacy) Network adapter> port 0xf060-0xf07f mem 0xfea92000-0xfea92fff,0xfd604000-0xfd607fff irq 10 at device 18.0 on pci0
Aug 22 17:24:25	kernel		vtnet0: <VirtIO Networking Adapter> on virtio_pci2
Aug 22 17:24:25	kernel		vtnet0: Ethernet address: bc:24:11:23:6c:e0
Aug 22 17:24:25	kernel		vtnet0: netmap queues/slots: TX 1/256, RX 1/512
Aug 22 17:24:25	kernel		000.000761 [ 452] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=512
Aug 22 17:24:25	kernel		virtio_pci3: <VirtIO PCI (legacy) Network adapter> port 0xf080-0xf09f mem 0xfea93000-0xfea93fff,0xfd608000-0xfd60bfff irq 11 at device 19.0 on pci0
Aug 22 17:24:25	kernel		vtnet1: <VirtIO Networking Adapter> on virtio_pci3
Aug 22 17:24:25	kernel		vtnet1: Ethernet address: bc:24:11:95:85:5e
Aug 22 17:24:25	kernel		vtnet1: netmap queues/slots: TX 1/256, RX 1/512
Aug 22 17:24:25	kernel		000.000762 [ 452] vtnet_netmap_attach vtnet attached txq=1, txd=256 rxq=1, rxd=512
Aug 22 17:24:25	kernel		pcib2: <ACPI PCI-PCI bridge> mem 0xfea94000-0xfea940ff irq 10 at device 30.0 on pci0
Aug 22 17:24:25	kernel		pci2: <ACPI PCI bus> on pcib2
Aug 22 17:24:25	kernel		pcib3: <ACPI PCI-PCI bridge> mem 0xfea95000-0xfea950ff irq 11 at device 31.0 on pci0
Aug 22 17:24:25	kernel		pci3: <ACPI PCI bus> on pcib3
Aug 22 17:24:25	kernel		acpi_syscontainer0: <System Container> on acpi0
Aug 22 17:24:25	kernel		vmgenc0: <VM Generation Counter> on acpi0
Aug 22 17:24:25	kernel		acpi_syscontainer1: <System Container> port 0xaf00-0xaf0b on acpi0
Aug 22 17:24:25	kernel		acpi_syscontainer2: <System Container> port 0xafe0-0xafe3 on acpi0
Aug 22 17:24:25	kernel		acpi_syscontainer3: <System Container> port 0xae00-0xae17 on acpi0
Aug 22 17:24:25	kernel		atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
Aug 22 17:24:25	kernel		atkbd0: <AT Keyboard> irq 1 on atkbdc0
Aug 22 17:24:25	kernel		kbd0 at atkbd0
Aug 22 17:24:25	kernel		atkbd0: [GIANT-LOCKED]
Aug 22 17:24:25	kernel		psm0: <PS/2 Mouse> irq 12 on atkbdc0
Aug 22 17:24:25	kernel		psm0: [GIANT-LOCKED]
Aug 22 17:24:25	kernel		WARNING: Device "psm" is Giant locked and may be deleted before FreeBSD 14.0.
Aug 22 17:24:25	kernel		psm0: model IntelliMouse Explorer, device ID 4
Aug 22 17:24:25	kernel		fdc0: <floppy drive controller (FDE)> port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0
Aug 22 17:24:25	kernel		fdc0: does not respond
Aug 22 17:24:25	kernel		device_attach: fdc0 attach returned 6
Aug 22 17:24:25	kernel		orm0: <ISA Option ROM> at iomem 0xe7800-0xeffff pnpid ORM0000 on isa0
Aug 22 17:24:25	kernel		vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff pnpid PNP0900 on isa0
Aug 22 17:24:25	kernel		attimer0: <AT timer> at port 0x40 on isa0
Aug 22 17:24:25	kernel		Timecounter "i8254" frequency 1193182 Hz quality 0
Aug 22 17:24:25	kernel		Event timer "i8254" frequency 1193182 Hz quality 100
Aug 22 17:24:25	kernel		fdc0: No FDOUT register!
Aug 22 17:24:25	kernel		Timecounter "TSC-low" frequency 1247999989 Hz quality 800
Aug 22 17:24:25	kernel		Timecounters tick every 10.000 msec
Aug 22 17:24:25	kernel		usbus0: 12Mbps Full Speed USB v1.0
Aug 22 17:24:25	kernel		ZFS filesystem version: 5
Aug 22 17:24:25	kernel		ZFS storage pool version: features support (5000)
Aug 22 17:24:25	kernel		ugen0.1: <Intel UHCI root HUB> at usbus0
Aug 22 17:24:25	kernel		uhub0 on usbus0
Aug 22 17:24:25	kernel		uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
Aug 22 17:24:25	kernel		Trying to mount root from zfs:pfSense/ROOT/default []...
Aug 22 17:24:25	kernel		cd0 at ata1 bus 0 scbus1 target 0 lun 0
Aug 22 17:24:25	kernel		cd0: <QEMU QEMU DVD-ROM 2.5+> Removable CD-ROM SCSI device
Aug 22 17:24:25	kernel		cd0: Serial Number QM00003
Aug 22 17:24:25	kernel		cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes)
Aug 22 17:24:25	kernel		cd0: 1369MB (701060 2048 byte sectors)
Aug 22 17:24:25	kernel		da0 at vtscsi0 bus 0 scbus2 target 0 lun 0
Aug 22 17:24:25	kernel		da0: <QEMU QEMU HARDDISK 2.5+> Fixed Direct Access SPC-3 SCSI device
Aug 22 17:24:25	kernel		da0: 300.000MB/s transfers
Aug 22 17:24:25	kernel		da0: Command Queueing enabled
Aug 22 17:24:25	kernel		da0: 32768MB (67108864 512 byte sectors)
Aug 22 17:24:25	kernel		uhub0: 2 ports with 2 removable, self powered
Aug 22 17:24:25	kernel		ugen0.2: <QEMU QEMU USB Tablet> at usbus0
Aug 22 17:24:25	kernel		uhid0 on uhub0
Aug 22 17:24:25	kernel		uhid0: <QEMU QEMU USB Tablet, class 0/0, rev 2.00/0.00, addr 2> on usbus0
Aug 22 17:24:25	kernel		CPU: QEMU Virtual CPU version 2.5+ (2496.00-MHz K8-class CPU)
Aug 22 17:24:25	kernel		Origin="GenuineIntel" Id=0x60fb1 Family=0xf Model=0x6b Stepping=1
Aug 22 17:24:25	kernel		Features=0x78bfbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2>
Aug 22 17:24:25	kernel		Features2=0x82b82201<SSE3,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AESNI,HV>
Aug 22 17:24:25	kernel		AMD Features=0x20100800<SYSCALL,NX,LM>
Aug 22 17:24:25	kernel		AMD Features2=0x1<LAHF>
Aug 22 17:24:25	kernel		Hypervisor: Origin = "KVMKVMKVM"
Aug 22 17:24:25	kernel		intsmb0: <Intel PIIX4 SMBUS Interface> irq 9 at device 1.3 on pci0
Aug 22 17:24:25	kernel		intsmb0: intr IRQ 9 enabled revision 0
Aug 22 17:24:25	kernel		smbus0: <System Management Bus> on intsmb0
Aug 22 17:24:25	kernel		lo0: link state changed to UP
Aug 22 17:24:25	kernel		done.
Aug 22 17:24:25	kernel		vtnet1: link state changed to UP
Aug 22 17:24:25	kernel		vtnet0: link state changed to UP
Aug 22 17:24:25	check_reload_status	445	Linkup starting vtnet1
Aug 22 17:24:25	check_reload_status	445	Linkup starting vtnet0
Aug 22 17:24:26	php-fpm	396	/rc.linkup: Ignoring link event during boot sequence.
Aug 22 17:25:26	php-cgi	465	rc.bootup: calling interface_dhcpv6_configure.
Aug 22 17:25:26	php-cgi	465	rc.bootup: Accept router advertisements on interface vtnet0
Aug 22 17:25:26	php-cgi	465	rc.bootup: Starting DHCP6 client for interfaces vtnet0 in DHCP6 without RA mode
Aug 22 17:25:26	php-cgi	465	rc.bootup: Starting rtsold process on wan(vtnet0)
Aug 22 17:25:28	php-cgi	465	rc.bootup: Resyncing OpenVPN instances.
Aug 22 17:25:28	kernel		done.
Aug 22 17:25:28	kernel		pflog0: promiscuous mode enabled
Aug 22 17:25:28	php-cgi	465	rc.bootup: Gateway, NONE AVAILABLE
Aug 22 17:25:28	kernel		.done.
Aug 22 17:25:28	kernel		done.
Aug 22 17:25:28	php-cgi	465	rc.bootup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:25:29	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:30	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:31	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:32	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:33	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:34	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:35	php-cgi	465	rc.bootup: Unbound start waiting on dhcp6c.
Aug 22 17:25:35	php-fpm	396	/rc.newwanipv6: rc.newwanipv6: Info: starting on vtnet0.
Aug 22 17:25:35	php-fpm	396	/rc.newwanipv6: rc.newwanipv6: on (IP address: 2a0c:4f47:8030:2::1) (interface: wan) (real interface: vtnet0).
Aug 22 17:25:35	php-fpm	396	/rc.newwanipv6: Gateway, NONE AVAILABLE
Aug 22 17:25:35	php-fpm	396	/rc.newwanipv6: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:25:36	php-cgi	465	rc.bootup: dhcp6 init complete. Continuing
Aug 22 17:25:36	php-cgi	465	rc.bootup: sync unbound done.
Aug 22 17:25:36	kernel		done.
Aug 22 17:25:37	kernel		done.
Aug 22 17:26:07	kernel		done.
Aug 22 17:26:07	kernel		done.
Aug 22 17:26:07	php-cgi	465	rc.bootup: NTPD is starting up.
Aug 22 17:26:08	kernel		done.
Aug 22 17:26:08	check_reload_status	445	Updating all dyndns
Aug 22 17:26:09	kernel		....
Aug 22 17:26:09	php-cgi	465	rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).'
Aug 22 17:26:09	kernel		.done.
Aug 22 17:26:13	php-cgi	465	rc.bootup: Creating rrd update script
Aug 22 17:26:13	syslogd		exiting on signal 15
Aug 22 17:26:13	syslogd		kernel boot file is /boot/kernel/kernel
Aug 22 17:26:13	kernel		done.
Aug 22 17:26:14	php-fpm	396	/rc.start_packages: Restarting/Starting all packages.
Aug 22 17:26:14	root	36514	Bootup complete
Aug 22 17:26:15	login	79662	login on ttyv0 as root
Aug 22 17:26:15	sshguard	81305	Now monitoring attacks.
Aug 22 17:36:33	check_reload_status	445	rc.newwanip starting vtnet0
Aug 22 17:36:34	php-fpm	396	/rc.newwanip: rc.newwanip: Info: starting on vtnet0.
Aug 22 17:36:34	php-fpm	396	/rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: vtnet0).
Aug 22 17:36:37	php-fpm	396	/rc.newwanip: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
Aug 22 17:36:37	php-fpm	396	/rc.newwanip: Default gateway setting Interface WAN_DHCP Gateway as default.
Aug 22 17:36:37	rc.gateway_alarm	58962	>>> Gateway alarm: WAN_DHCP (Addr:xxx.xxx.xxx.xxx Alarm:1 RTT:0ms RTTsd:0ms Loss:100%)
Aug 22 17:36:37	check_reload_status	445	updating dyndns WAN_DHCP
Aug 22 17:36:37	check_reload_status	445	Restarting IPsec tunnels
Aug 22 17:36:37	check_reload_status	445	Restarting OpenVPN tunnels/interfaces
Aug 22 17:36:37	check_reload_status	445	Reloading filter
Aug 22 17:36:37	php-fpm	396	/rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:36:37	php-fpm	396	/rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
Aug 22 17:36:37	php-fpm	396	/rc.newwanip: Resyncing OpenVPN instances for interface WAN.
Aug 22 17:36:37	php-fpm	396	/rc.newwanip: Creating rrd update script
Aug 22 17:36:38	php-fpm	75474	/rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
Aug 22 17:36:38	php-fpm	75474	/rc.openvpn: Default gateway setting Interface WAN_DHCP Gateway as default.
Aug 22 17:36:38	php-fpm	75474	/rc.openvpn: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:36:39	php-fpm	396	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
Aug 22 17:36:39	check_reload_status	445	Starting packages
Aug 22 17:36:39	check_reload_status	445	Reloading filter
Aug 22 17:36:40	php-fpm	75474	/rc.start_packages: Restarting/Starting all packages.
Aug 22 17:38:10	php-fpm	396	/index.php: Successful login for user 'admin' from: 192.168.2.21 (Local Database)
Aug 22 17:38:13	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:14	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:15	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:16	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:17	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:19	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:20	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:21	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:22	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:23	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:24	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:38:25	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:40:00	sshguard	81305	Exiting on signal.
Aug 22 17:40:00	sshguard	29094	Now monitoring attacks.


----------- Toggled WAN on testVM ------------

Aug 22 17:44:59	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:00	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:01	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:02	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:03	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:04	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:05	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:06	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:07	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:08	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:09	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:10	kernel		arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx on vtnet0
Aug 22 17:45:31	kernel		vtnet0: link state changed to DOWN
Aug 22 17:45:31	check_reload_status	445	Linkup starting vtnet0
Aug 22 17:45:32	php-fpm	397	/rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp, 6: dhcp6)
Aug 22 17:45:32	php-fpm	397	/rc.linkup: DEVD Ethernet detached event for wan
Aug 22 17:45:34	check_reload_status	445	Reloading filter
Aug 22 17:45:34	rc.gateway_alarm	77152	>>> Gateway alarm: WAN_DHCP (Addr:xxx.xxx.xxx.xxx Alarm:down RTT:0ms RTTsd:0ms Loss:100%)
Aug 22 17:45:34	check_reload_status	445	updating dyndns WAN_DHCP
Aug 22 17:45:34	check_reload_status	445	Restarting IPsec tunnels
Aug 22 17:45:34	check_reload_status	445	Restarting OpenVPN tunnels/interfaces
Aug 22 17:45:34	check_reload_status	445	Reloading filter
Aug 22 17:45:36	check_reload_status	445	Linkup starting vtnet0
Aug 22 17:45:36	kernel		vtnet0: link state changed to UP
Aug 22 17:45:37	php-fpm	396	/rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp, 6: dhcp6)
Aug 22 17:45:37	php-fpm	396	/rc.linkup: DEVD Ethernet attached event for wan
Aug 22 17:45:37	php-fpm	396	/rc.linkup: HOTPLUG: Configuring interface wan
Aug 22 17:45:37	check_reload_status	445	rc.newwanip starting vtnet0
Aug 22 17:45:37	php-fpm	396	/rc.linkup: calling interface_dhcpv6_configure.
Aug 22 17:45:37	php-fpm	396	/rc.linkup: Accept router advertisements on interface vtnet0
Aug 22 17:45:37	php-fpm	396	/rc.linkup: Starting DHCP6 client for interfaces vtnet0 in DHCP6 without RA mode
Aug 22 17:45:37	php-fpm	396	/rc.linkup: Starting rtsold process on wan(vtnet0)
Aug 22 17:45:38	php-fpm	75474	/rc.newwanip: rc.newwanip: Info: starting on vtnet0.
Aug 22 17:45:38	php-fpm	75474	/rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: vtnet0).
Aug 22 17:45:39	php-fpm	397	/rc.newwanipv6: rc.newwanipv6: Info: starting on vtnet0.
Aug 22 17:45:39	php-fpm	397	/rc.newwanipv6: rc.newwanipv6: on (IP address: 2a0c:4f47:8030:2::1) (interface: wan) (real interface: vtnet0).
Aug 22 17:45:40	php-fpm	396	/rc.linkup: Gateway, NONE AVAILABLE
Aug 22 17:45:40	php-fpm	75474	/rc.newwanip: Gateway, NONE AVAILABLE
Aug 22 17:45:40	php-fpm	396	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:45:40	php-fpm	75474	/rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:45:40	php-fpm	75474	/rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
Aug 22 17:45:40	check_reload_status	445	Restarting IPsec tunnels
Aug 22 17:45:40	php-fpm	75474	/rc.newwanip: Resyncing OpenVPN instances for interface WAN.
Aug 22 17:45:40	check_reload_status	445	updating dyndns wan
Aug 22 17:45:40	php-fpm	75474	/rc.newwanip: Creating rrd update script
Aug 22 17:45:40	check_reload_status	445	Reloading filter
Aug 22 17:45:40	php-fpm	397	/rc.newwanipv6: Gateway, NONE AVAILABLE
Aug 22 17:45:40	php-fpm	397	/rc.newwanipv6: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
Aug 22 17:45:40	check_reload_status	445	Reloading filter
Aug 22 17:45:40	php-fpm	397	/rc.newwanipv6: Resyncing OpenVPN instances for interface WAN.
Aug 22 17:45:40	php-fpm	397	/rc.newwanipv6: Creating rrd update script
Aug 22 17:45:40	php-fpm	397	/rc.newwanipv6: pfSense package system has detected an IP change or dynamic WAN reconnection - -> 2a0c:4f47:8030:2::1 - Restarting packages.
Aug 22 17:45:40	check_reload_status	445	Starting packages
Aug 22 17:45:41	php-fpm	397	/rc.start_packages: Restarting/Starting all packages.
Aug 22 17:45:42	php-fpm	75474	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
Aug 22 17:45:42	check_reload_status	445	Starting packages
Aug 22 17:45:42	check_reload_status	445	Reloading filter
Aug 22 17:45:43	php-fpm	71050	/rc.start_packages: Restarting/Starting all packages.