Firewall going back into factory default after reboot

jimp

If someone comes up with a good way to reproduce any of these issues it would help. I've never seen it happen, so it's hard to speculate as to what might be happening.

As to getting going again, just get back into the interface one way or another and try to restore a backup from Diagnostics > Backup/Restore, on the Config History tab.

tbaror

@jimp:

If someone comes up with a good way to reproduce any of these issues it would help. I've never seen it happen, so it's hard to speculate as to what might be happening.

As to getting going again, just get back into the interface one way or another and try to restore a backup from Diagnostics > Backup/Restore, on the Config History tab.

Hi
I would like to post diagnostic but once its getting in such situation there is no way (for me) to make interface up again i find myself reinstalling system all over again, so the only way i see is to post complete pc image, or if you can indicate another way to retrieve the current config for posting.

Thanks

jimp

Press ctrl-c, or type "exit" at the interface prompts
break to a shell and:

 cp /conf/config.xml /conf/config.broken

And then try a factory reset from the menu

If you can mount a usb stick and copy it there, that would help too

mount -t msdos /dev/da0 /mnt
cp /conf/config.xml /mnt/config.broken
umount /mnt

Or at least look in the config, specifically at the interfaces portion, and see if you can tell us what it looks like (maybe pictures of the screen?)

tbaror

@jimp:

Press ctrl-c, or type "exit" at the interface prompts
break to a shell and:

 cp /conf/config.xml /conf/config.broken

And then try a factory reset from the menu

If you can mount a usb stick and copy it there, that would help too

mount -t msdos /dev/da0 /mnt
cp /conf/config.xml /mnt/config.broken
umount /mnt

Or at least look in the config, specifically at the interfaces portion, and see if you can tell us what it looks like (maybe pictures of the screen?)

Ok Jimp i will do it (mount usb) and post it by next Monday.
Thanks

louis-m

i've watched mine boot up after the upgrade on the console and it runs through without errors etc, just doesn't see any configured interfaces and starts the wan detection.
i then boot into the working slice and i have to reinstall snort etc to get it back to normal.

wallabybob

@jimp:

If someone comes up with a good way to reproduce any of these issues it would help.

I think there are a few issues here. One is that on some reboots pfSense wants to reconfigure the interfaces. I have seen this a number of times when the set of detected interfaces is different from the set of confgured interfaces. I believe this can be reliably and most conveniently reproduced by removing a configured USB interface before startup. I have a USB ethernet interface which occasionally doesn't get detected on startup after a panic. To the best of my recollection I have been able to recover every time by leaving the console at the prompt for the WAN (?) interface and removing and inserting the USB interface until its green (power?) LED comes on then typing ctrl-ATL-DEL on the keyboard to get a reboot. I have also seen a reconfigure on startup when a configured PCI interface is not detected at all but this is probably a little more awkward to reproduce than removing a USB interface.

A second issue is the appearance of "phantom" or clone interfaces. I posted a reproducer for "clone" interfaces in http://forum.pfsense.org/index.php/topic,27643.0.html

Efonnes

What type of connection is WAN?  If it is PPTP or PPPoE, was it configured from the setup wizard?  You could check your config.xml for an interface entry with some other name besides wan, lan, or opt# that may be there.

ccnet

Using pfSense-2.0-BETA4-20100923-1042
Hardware Compaq DL360 G1 PIII/866 512 MO.

Wan : dhcp 192.168.1.100/24
Lan static (set from console) 192.168.7.254/24

After a reboot ip address on Lan is lost. Openvpn configured with 192.168.11.0/24. No new hardware on the machine. No usb device.

Efonnes

ccnet:
If that isn't about the interface assignment prompt coming up at boot, you should make a separate topic for that.

firewold

In my case it happens when installing the OpenVPN export package.  An additional not configured IF that is actually used by the WAN in my system.
If this interface is not removed from the configuration the system will reboot in what appears to be factory default.  At this point you can only re-install pfsense.

tbaror

Hello all,

Here is my current Firewall config file, currently FW is stacked with network detection.
Please advice

Thanks

config.txt

jimp

@tbaror:

Hello all,

Here is my current Firewall config file, currently FW is stacked with network detection.
Please advice

Thanks

If you remove this line:

From just above "", does it work?

Not sure how/why that got inside that tag.

tbaror

If you remove this line:

From just above "", does it work?

Not sure how/why that got inside that tag.

I think you right, since i did file comparable with last backup i did and  "ppppoe1" is highlighted straight away.
I will remove this line and check it , also don't have any clue how it been added to config file.
Thanks

vito

@jimp:

@tbaror:

Hello all,

Here is my current Firewall config file, currently FW is stacked with network detection.
Please advice

Thanks

If you remove this line:

From just above "", does it work?

Not sure how/why that got inside that tag.

Jimp,
Same problem here.
After i saw your post, i went to check my config also.

i had <em0>just above

removed the line, reinstalled, and uploaded the config.
pfsense came back up. (NOTE: my packages did not reinstall)

PF info:
2.0-BETA4  (i386)
built on Wed Sep 22 21:47:59 EDT 2010
FreeBSD 8.1-RELEASE-p1</em0>

vito

Ok,
After i started adding my packages again the rouge interface reappeared.

packages installed:
openvpn export (note: this failed to install but was still in the installed pages list)
HAVP
Snort
Squid
Squid Guard.

Note sure it is related, but it seemed odd

tbaror

Ok,
After i started adding my packages again the rouge interface reappeared.

packages installed:
openvpn export (note: this failed to install but was still in the installed pages list)
HAVP
Snort
Squid
Squid Guard.

Note sure it is related, but it seemed odd

Hi Vito

I think we have something in common in booth of our FW  except Squid Guard we have the same package structure
for me its happen twice  in  1st time SQUID was not install but the last addition where OpenVpn.
could it be that OpenVpn is adding something to Interface ?when its happen in the 2nd time i just got into OpenVpn>client section (but not the very last action in the fw)since i didn't configure it yet started to do client configuration but then cancel it,  then exit configuration.

vito

I have not done a fresh clean install to test more.
But i have not had the problem on the past few snaps.

kilthro

I have been having an issue with network mismatch on the beta and snort with a rogue wan interface that  gets duplicated. I have pasted the info from my original thread

I have been experiencing a problem that I dont know how to correct (if it is fixable) and was hoping someone could help.

I am running on the current beta version and this has happened since the 9/17 build (first time with pfsense). This may also be a problem with the snort package directly. If so, please move the topic.

As the title says, I am getting a duplicate WAN interface. I have two netgear gigabit cards. RE0 is wan and RE1 is the lan. Everything works fine until I configure snort in the global settings when its already set up to monitor the WAN interface. After I apply the settings, I will notice that in the interface menu in pfsense I will have three interfaces instead of 2. I will have the wan interface listed wich is what i originally configured RE0 to be and then a Lan interface that I configued re1 to be. Then at the bottom of the list another RE0 appears. it does have the option to change what physical card to select in the pull down either RE0(wan) or re1 (lan). The big problem here is, I cant delete the RE0 entry and if I reboot, I get a never ending network interface mismatch error and it wants me to reset up the interfaces like it does when you first install the firewall.  Unfortunately it never completes that state and keeps asking me to set it up over and over.
When trying to delete the entry via the interface menu i get
Fatal error: Cannot unset string offsets in /usr/local/www/interfaces_assign.php on line 25
I have even tried disabling the wan interface and deleting it and still same error.

After a long process of package isololation it seems like it only happens after Snort is installed and configured. I do have snort configured to monitor the Wan interface.

Prior to installing the snort package i do have the following packages installed and setup

Country Block 1.7 (have had 1.5 and 1.6 as well)
Cron 0.1.5
darkstat 3.0.712
diag_new_states 0.2

So I dont know how to keep that duplicate interface from showing up.

Is there a file that I can edit to manually remove it? I know if I export settings, then restore to factory defaults then import the settings again it will give me the mis match error. So I have edited the xml to remove the bad re0 entry and can resetup but the problem will reapear if I mess with snort. Well so I am experiencing.

Anyone got any suggestions on how to remove that bogus interface? Any Help would be greatly appreciated.

I included screnshots . They are edited to keep ips and full mac addresses private. 

kilthro

One somewhat workaround that I found will allow me to run snort and all but the issue will come back if I change settings and re-save them

What I have done so far is setup pfsense the way I want it including packages. Get Snort installed and configured the way I want it. Yes it will duplicate the interface. Then I backup all the settings in pfsense. (the exported xml.)

Then I edit the xml and remove the duplicated interface. It is listed in the interface section but with no settings. So I delete it, then save. I then go to pfsense and select restore to defaults.

This will erase everything back to as if you just installed it. Then I reset lan interface IP so I can access the web config at the console.

Then once I am in the webgui I import the backup xml that I exported earlier. Then it will reinstall all packages and settings ect then reboot. When pfsense comes back, I will have all packages running including snort with all settings and no duplicated wan interface.

This is a pain in the butt to do all the time. However its the only work around I know of at them moment. Unless someone knows the exact file that I can edit to remove the duplicated interface so I dont get caught in that endless mismatch error.

jimp

I found a case where it might be possible that the interface could be duplicated in certain conditions under snort.

If anyone was seeing this problem and had snort installed, if you could reinstall snort any time after 10:20am EDT today and then try to see if you can replicate the issue.