Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive Portal fails regularly after upgrading from 2.0.1 to 2.0.2

    Scheduled Pinned Locked Moved Captive Portal
    43 Posts 15 Posters 27.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      Slam
      last edited by

      I'm running 64bit version full install in a vm.

      Same problem a moment ago, so I dropped to the console and killed the process running lightys captive portal instance and then restarted the captive portal from the gui and it started up fine, I doubled checked lightys error log and found this.

      2012-12-31 22:19:28: (log.c.166) server started
      2012-12-31 22:19:28: (server.c.987) WARNING: unknown config-key: evasive.max-conns-per-ip (ignored)

      I know its just a warning but I have "Maximum concurrent connections" set to a value of "6" in the captive portal gui, I removed this value, restarted the captive portal and the warning went away, I dont know if this is related but I thought I'd mention it.

      1 Reply Last reply Reply Quote 0
      • E Offline
        eri--
        last edited by

        Can you please gitsync to RELENG_2_0 branch and see if that fixes for you?

        1 Reply Last reply Reply Quote 0
        • D Offline
          dgwilson
          last edited by

          @ermal:

          Can you please gitsync to RELENG_2_0 branch and see if that fixes for you?

          Hello.  More than happy to do so… err how?

          • David
          1 Reply Last reply Reply Quote 0
          • D Offline
            dgwilson
            last edited by

            @ermal:

            Can you please gitsync to RELENG_2_0 branch and see if that fixes for you?

            OK. found this… http://doc.pfsense.org/index.php/Updating_pfSense_code_between_snapshots
            Actioning now.

            • David
            1 Reply Last reply Reply Quote 0
            • D Offline
              dgwilson
              last edited by

              @ermal:

              Can you please gitsync to RELENG_2_0 branch and see if that fixes for you?

              Captive portal is running.

              The following messages are in the error logs:

              Jan 3 08:12:19 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:12:19 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:12:19 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:12:19 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:10:13 lighttpd[60409]: (mod_fastcgi.c.3329) response not received, request sent: 927 on socket: unix:/tmp/php-fastcgi.socket-1 for /graph.php?ifnum=wan&ifname=WAN&timeint=3&initdelay=4, closing connection
              Jan 3 08:10:13 lighttpd[60409]: (mod_fastcgi.c.3329) response not received, request sent: 927 on socket: unix:/tmp/php-fastcgi.socket-1 for /graph.php?ifnum=wan&ifname=WAN&timeint=3&initdelay=4, closing connection
              Jan 3 08:10:12 lighttpd[60409]: (mod_fastcgi.c.3282) child exited, pid: 35644 status: 0
              Jan 3 08:10:12 lighttpd[60409]: (mod_fastcgi.c.3282) child exited, pid: 35644 status: 0
              Jan 3 08:10:12 lighttpd[60409]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 35644 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:10:12 lighttpd[60409]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 35644 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:10:08 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 2
              Jan 3 08:10:08 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 2
              Jan 3 08:10:08 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-0
              Jan 3 08:10:08 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-0
              Jan 3 08:10:07 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:10:07 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:10:07 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:10:07 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:10:01 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:10:01 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:10:01 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:10:01 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:09:42 check_reload_status: Reloading filter
              Jan 3 08:09:42 lighttpd[17609]: (log.c.166) server started
              Jan 3 08:09:42 lighttpd[17609]: (log.c.166) server started

              These errors are continuing…

              Jan 3 08:14:59 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:14:59 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:14:59 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:14:59 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:14:32 lighttpd[17609]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:14:32 lighttpd[17609]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:14:32 lighttpd[17609]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:14:32 lighttpd[17609]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:14:18 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 2
              Jan 3 08:14:18 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 2
              Jan 3 08:14:18 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:14:18 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1

              I can't validate at the moment if the captive Portal is working….

              I removed an allowed host from the portal.
              It could still access the internet.
              I restarted the captive portal... and now it's failing again.

              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 1 load: 1
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 1 load: 1
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-0
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-0
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:20:43 lighttpd[60409]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:20:22 lighttpd[60409]: (mod_fastcgi.c.2760) fcgi-server re-enabled: 0 /tmp/php-fastcgi.socket
              Jan 3 08:20:22 lighttpd[60409]: (mod_fastcgi.c.2760) fcgi-server re-enabled: 0 /tmp/php-fastcgi.socket
              Jan 3 08:20:20 php: /status_services.php: The command '/usr/local/sbin/lighttpd -f /var/etc/lighty-CaptivePortal.conf' returned exit code '255', the output was '2013-01-03 08:20:20: (network.c.385) can't bind to port: 8000 Address already in use'

              Next step - reboot firewall.

              Rebooted- home page says it's NOT running, then says it is running…

              Jan 3 08:30:26 lighttpd[31743]: (mod_fastcgi.c.3329) response not received, request sent: 927 on socket: unix:/tmp/php-fastcgi.socket-1 for /graph.php?ifnum=wan&ifname=WAN&timeint=3&initdelay=4, closing connection
              Jan 3 08:30:26 lighttpd[31743]: (mod_fastcgi.c.3329) response not received, request sent: 927 on socket: unix:/tmp/php-fastcgi.socket-1 for /graph.php?ifnum=wan&ifname=WAN&timeint=3&initdelay=4, closing connection
              Jan 3 08:30:26 lighttpd[31743]: (mod_fastcgi.c.3282) child exited, pid: 32580 status: 0
              Jan 3 08:30:26 lighttpd[31743]: (mod_fastcgi.c.3282) child exited, pid: 32580 status: 0
              Jan 3 08:30:26 lighttpd[31743]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 32580 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:30:26 lighttpd[31743]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 32580 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:55 apinger: rrdtool respawning too fast, waiting 300s.
              Jan 3 08:26:50 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:50 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:50 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:50 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.3329) response not received, request sent: 669 on socket: unix:/tmp/php-fastcgi.socket-1 for /index.php?redirurl=/configurations/pep/pipeline/pipeline2.html, closing connection
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.3329) response not received, request sent: 669 on socket: unix:/tmp/php-fastcgi.socket-1 for /index.php?redirurl=/configurations/pep/pipeline/pipeline2.html, closing connection
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 35226 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:35 lighttpd[52016]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 35226 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:34 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:34 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:34 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:34 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.1732) connect failed: Connection refused on unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.3329) response not received, request sent: 3060 on socket: unix:/tmp/php-fastcgi.socket-1 for /index.php?redirurl=/index.php?redirurl=http%3A%2F%2Fax.init.itunes.apple.com%2Fbag.xml%3Fix%3D2, closing connection
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.3329) response not received, request sent: 3060 on socket: unix:/tmp/php-fastcgi.socket-1 for /index.php?redirurl=/index.php?redirurl=http%3A%2F%2Fax.init.itunes.apple.com%2Fbag.xml%3Fix%3D2, closing connection
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 0 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:27 lighttpd[52016]: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 0 socket: unix:/tmp/php-fastcgi.socket-1
              Jan 3 08:26:12 check_reload_status: Reloading filter
              Jan 3 08:26:12 login: login on ttyv0 as root
              Jan 3 08:26:09 php: : IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
              Jan 3 08:26:09 bandwidthd: Packet Encoding: Ethernet
              Jan 3 08:26:09 bandwidthd: Opening xl0
              Jan 3 08:26:09 bandwidthd: Monitoring subnet 203.97.236.0 with netmask 203.97.236.0
              Jan 3 08:26:09 bandwidthd: Monitoring subnet 192.168.250.0 with netmask 192.168.250.0
              Jan 3 08:26:09 bandwidthd: Monitoring subnet 192.168.10.0 with netmask 192.168.10.0
              Jan 3 08:26:09 bandwidthd: Monitoring subnet 192.168.10.0 with netmask 192.168.10.0
              Jan 3 08:26:04 php: : The command '/usr/local/etc/rc.d/bandwidthd.sh stop' returned exit code '1', the output was 'No matching processes were found'
              Jan 3 08:26:04 php: : The command '/usr/local/etc/rc.d/bandwidthd.sh stop' returned exit code '1', the output was 'No matching processes were found'
              Jan 3 08:26:04 kernel: xl0: promiscuous mode enabled
              Jan 3 08:26:02 php: : The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'
              Jan 3 08:25:59 php: : Restarting/Starting all packages.
              Jan 3 08:25:56 miniupnpd[63000]: Listening for NAT-PMP traffic on port 5351
              Jan 3 08:25:56 miniupnpd[63000]: Listening for NAT-PMP traffic on port 5351
              Jan 3 08:25:56 miniupnpd[63000]: HTTP listening on port 2189
              Jan 3 08:25:56 miniupnpd[63000]: HTTP listening on port 2189
              Jan 3 08:25:56 php: : miniupnpd: Starting service on interface: lan
              Jan 3 08:25:55 apinger: Error while feeding rrdtool: Broken pipe
              Jan 3 08:25:55 php: : Creating rrd update script
              Jan 3 08:25:49 check_reload_status: Restarting ipsec tunnels
              Jan 3 08:25:46 lighttpd[52016]: (log.c.166) server started
              Jan 3 08:25:46 lighttpd[52016]: (log.c.166) server started
              Jan 3 08:25:29 kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding enabled, default to accept, logging disabled
              Jan 3 08:25:23 dnsmasq[42232]: read /etc/hosts - 59 addresses
              Jan 3 08:25:22 check_reload_status: Updating all dyndns
              Jan 3 08:25:22 dnsmasq[42232]: ignoring nameserver 127.0.0.1 - local interface
              Jan 3 08:25:22 dnsmasq[42232]: ignoring nameserver 127.0.0.1 - local interface
              Jan 3 08:25:22 dnsmasq[42232]: using nameserver 203.97.78.43#53
              Jan 3 08:25:22 dnsmasq[42232]: using nameserver 203.97.78.44#53
              Jan 3 08:25:22 dnsmasq[42232]: reading /etc/resolv.conf
              Jan 3 08:25:22 dnsmasq[42232]: compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack
              Jan 3 08:25:22 dnsmasq[42232]: started, version 2.63 cachesize 10000
              Jan 3 08:25:21 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
              Jan 3 08:25:16 ntpdate[38757]: step time server 202.78.240.38 offset 1.736489 sec
              Jan 3 08:25:06 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
              Jan 3 08:25:01 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
              Jan 3 08:25:01 dhcpd: All rights reserved.
              Jan 3 08:25:01 dhcpd: Copyright 2004-2012 Internet Systems Consortium.
              Jan 3 08:25:01 dhcpd: Internet Systems Consortium DHCP Server 4.2.4-P1
              Jan 3 08:25:01 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
              Jan 3 08:25:00 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
              Jan 3 08:24:59 php: : ROUTING: setting default route to 203.97.236.1
              Jan 3 08:24:58 lighttpd[31743]: (log.c.166) server started
              Jan 3 08:24:58 lighttpd[31743]: (log.c.166) server started
              Jan 3 08:24:55 apinger: Starting Alarm Pinger, apinger(17845)
              Jan 3 08:24:54 sshlockout[16863]: sshlockout/webConfigurator v3.0 starting up
              Jan 3 08:24:54 sshd[16759]: Server listening on 0.0.0.0 port 222.
              Jan 3 08:24:54 sshd[16759]: Server listening on :: port 222.
              Jan 3 08:24:53 kernel: load_dn_sched dn_sched PRIO loaded
              Jan 3 08:24:53 kernel: load_dn_sched dn_sched WF2Q+ loaded
              Jan 3 08:24:53 kernel: load_dn_sched dn_sched RR loaded
              Jan 3 08:24:53 kernel: load_dn_sched dn_sched QFQ loaded
              Jan 3 08:24:53 kernel: load_dn_sched dn_sched FIFO loaded
              Jan 3 08:24:53 check_reload_status: Linkup starting rl2

              testing on device that I removed the host for… it requested authentication and then proceeded to the page for a successful load.

              So it's working... with issues?

              1 Reply Last reply Reply Quote 0
              • S Offline
                Slam
                last edited by

                I've also applied the updated with gitsync after taking a snapshot of my vm, JIC.

                Also Ermal thanks for the mod_evasive/max concurrent connections fix , it is now working….as well as the bug with traffic graph reported on another post.

                Log in reverse order.

                Jan 3 05:08:58 dhclient: RENEW
                Jan 3 05:08:17 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:17 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:17 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:17 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:16 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:16 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:12 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:12 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:12 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:12 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:09 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:08 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:08 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:07 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:07 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:07 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:08:07 lighttpd[25142]: (mod_evasive.c.183) 10.0.0.228 turned away. Too many connections.
                Jan 3 05:07:14 dnsmasq[32508]: read /etc/hosts - 48 addresses
                Jan 3 05:04:47 dnsmasq[32508]: read /etc/hosts - 48 addresses
                Jan 3 05:01:54 dnsmasq[32508]: read /etc/hosts - 48 addresses
                Jan 3 04:59:36 dnsmasq[32508]: read /etc/hosts - 48 addresses
                Jan 3 04:58:52 dnsmasq[32508]: read /etc/hosts - 48 addresses
                Jan 3 04:55:18 dnsmasq[32508]: read /etc/hosts - 48 addresses
                Jan 3 04:54:18 check_reload_status: Reloading filter
                Jan 3 04:54:18 lighttpd[25142]: (log.c.166) server started
                Jan 3 04:54:18 lighttpd[25142]: (log.c.166) server started
                Jan 3 04:54:15 kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding enabled, default to accept, logging disabled
                Jan 3 04:54:14 check_reload_status: Syncing firewall
                Jan 3 04:53:51 lighttpd[11896]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
                Jan 3 04:53:51 lighttpd[11896]: (mod_fastcgi.c.3002) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 0 load: 1
                Jan 3 04:53:51 lighttpd[11896]: (mod_fastcgi.c.1732) connect failed: No such file or directory on unix:/tmp/php-fastcgi.socket-1
                Jan 3 04:53:51 lighttpd[11896]: (mod_fastcgi.c.1732) connect failed: No such file or directory on unix:/tmp/php-fastcgi.socket-1
                Jan 3 04:53:33 lighttpd[13787]: (server.c.1546) server stopped by UID = 0 PID = 2939
                Jan 3 04:53:33 lighttpd[13787]: (server.c.1546) server stopped by UID = 0 PID = 2939
                Jan 3 04:52:52 kernel: IP firewall unloaded
                Jan 3 04:52:52 check_reload_status: Reloading filter
                Jan 3 04:52:52 minicron: (/etc/rc.prunecaptiveportal) terminated by signal 15 (Terminated: 15)
                Jan 3 04:52:52 check_reload_status: Syncing firewall
                Jan 3 04:51:00 apinger: Error while feeding rrdtool: Broken pipe
                Jan 3 04:50:55 php[14668]: /services_captiveportal.php: The command '/usr/local/sbin/lighttpd -f /var/etc/lighty-CaptivePortal.conf' returned exit code '255', the output was '2013-01-03 04:50:55: (network.c.385) can't bind to port: 8000 Address already in use'
                Jan 3 04:50:54 minicron: (/etc/rc.prunecaptiveportal) terminated by signal 15 (Terminated: 15)
                Jan 3 04:50:50 check_reload_status: Reloading filter
                Jan 3 04:50:50 php[15003]: /services_captiveportal.php: The command '/usr/local/sbin/lighttpd -f /var/etc/lighty-CaptivePortal.conf' returned exit code '255', the output was '2013-01-03 04:50:50: (network.c.385) can't bind to port: 8000 Address already in use'
                Jan 3 04:50:47 minicron: (/etc/rc.prunecaptiveportal) terminated by signal 15 (Terminated: 15)
                Jan 3 04:50:47 check_reload_status: Syncing firewall
                Jan 3 04:50:10 php: : Creating rrd update script
                Jan 3 04:50:10 lighttpd[13787]: (log.c.166) server started
                Jan 3 04:50:10 lighttpd[13787]: (log.c.166) server started
                Jan 3 04:50:09 lighttpd[11896]: (log.c.166) server started
                Jan 3 04:50:09 lighttpd[11896]: (log.c.166) server started
                Jan 3 04:50:06 check_reload_status: webConfigurator restart in progress
                Jan 3 04:50:01 php: : Start Configuration upgrade at 04:50:01, set execution timeout to 15 minutes

                Ahh and thanks outputing lightys error log to diag_logs, Ill report back if there are any problems.

                1 Reply Last reply Reply Quote 0
                • E Offline
                  eri--
                  last edited by

                  I put some more fixes in there so just gitsync again.

                  1 Reply Last reply Reply Quote 0
                  • D Offline
                    dgwilson
                    last edited by

                    @ermal:

                    I put some more fixes in there so just gitsync again.

                    So far so good.

                    Something was horribly wrong after the update was applied. Responses to the web interface virtually stopped… so I rebooted.

                    Testing with a single device has been successful. Software, after a few minutes, appears stable according to the logs.

                    • David

                    Jan 4 07:51:11 apinger: rrdtool respawning too fast, waiting 300s.
                    Jan 4 07:50:39 login: login on ttyv0 as root
                    Jan 4 07:50:38 check_reload_status: Reloading filter
                    Jan 4 07:50:32 bandwidthd: Packet Encoding: Ethernet
                    Jan 4 07:50:32 php: : IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
                    Jan 4 07:50:32 bandwidthd: Opening xl0
                    Jan 4 07:50:32 bandwidthd: Monitoring subnet 203.97.236.0 with netmask 203.97.236.0
                    Jan 4 07:50:32 bandwidthd: Monitoring subnet 192.168.250.0 with netmask 192.168.250.0
                    Jan 4 07:50:32 bandwidthd: Monitoring subnet 192.168.10.0 with netmask 192.168.10.0
                    Jan 4 07:50:32 bandwidthd: Monitoring subnet 192.168.10.0 with netmask 192.168.10.0
                    Jan 4 07:50:27 php: : The command '/usr/local/etc/rc.d/bandwidthd.sh stop' returned exit code '1', the output was 'No matching processes were found'
                    Jan 4 07:50:27 php: : The command '/usr/local/etc/rc.d/bandwidthd.sh stop' returned exit code '1', the output was 'No matching processes were found'
                    Jan 4 07:50:27 kernel: xl0: promiscuous mode enabled
                    Jan 4 07:50:25 php: : The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'
                    Jan 4 07:50:21 php: : Restarting/Starting all packages.
                    Jan 4 07:50:11 apinger: Error while feeding rrdtool: Broken pipe
                    Jan 4 07:50:10 miniupnpd[1738]: Listening for NAT-PMP traffic on port 5351
                    Jan 4 07:50:10 miniupnpd[1738]: Listening for NAT-PMP traffic on port 5351
                    Jan 4 07:50:10 miniupnpd[1738]: HTTP listening on port 2189
                    Jan 4 07:50:10 miniupnpd[1738]: HTTP listening on port 2189
                    Jan 4 07:50:10 php: : miniupnpd: Starting service on interface: lan
                    Jan 4 07:50:08 php: : Creating rrd update script
                    Jan 4 07:50:02 check_reload_status: Restarting ipsec tunnels
                    Jan 4 07:49:59 lighttpd[51111]: (log.c.166) server started
                    Jan 4 07:49:59 lighttpd[51111]: (log.c.166) server started
                    Jan 4 07:49:39 kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding enabled, default to accept, logging disabled
                    Jan 4 07:49:26 ntpdate[37661]: step time server 209.167.68.100 offset 0.929602 sec
                    Jan 4 07:49:18 dnsmasq[40770]: read /etc/hosts - 60 addresses
                    Jan 4 07:49:18 dnsmasq[40770]: ignoring nameserver 127.0.0.1 - local interface
                    Jan 4 07:49:18 dnsmasq[40770]: ignoring nameserver 127.0.0.1 - local interface
                    Jan 4 07:49:18 dnsmasq[40770]: using nameserver 203.97.78.43#53
                    Jan 4 07:49:18 dnsmasq[40770]: using nameserver 203.97.78.44#53
                    Jan 4 07:49:18 dnsmasq[40770]: reading /etc/resolv.conf
                    Jan 4 07:49:18 dnsmasq[40770]: compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack
                    Jan 4 07:49:18 dnsmasq[40770]: started, version 2.63 cachesize 10000
                    Jan 4 07:49:18 check_reload_status: Updating all dyndns
                    Jan 4 07:49:17 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
                    Jan 4 07:49:17 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
                    Jan 4 07:49:17 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
                    Jan 4 07:49:17 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
                    Jan 4 07:49:17 dhcpd: All rights reserved.
                    Jan 4 07:49:17 dhcpd: Copyright 2004-2012 Internet Systems Consortium.
                    Jan 4 07:49:17 dhcpd: Internet Systems Consortium DHCP Server 4.2.4-P1
                    Jan 4 07:49:17 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
                    Jan 4 07:49:14 php: : ROUTING: setting default route to 203.97.236.1
                    Jan 4 07:49:14 lighttpd[29910]: (log.c.166) server started
                    Jan 4 07:49:14 lighttpd[29910]: (log.c.166) server started
                    Jan 4 07:49:11 apinger: Starting Alarm Pinger, apinger(17425)
                    Jan 4 07:49:10 sshlockout[16498]: sshlockout/webConfigurator v3.0 starting up
                    Jan 4 07:49:10 sshd[16201]: Server listening on 0.0.0.0 port 222.
                    Jan 4 07:49:10 sshd[16201]: Server listening on :: port 222.

                    1 Reply Last reply Reply Quote 0
                    • S Offline
                      Slam
                      last edited by

                      I havent gitsynced the latest updates since the early hours of this morning but so far so good, the original error of captive portal crashing seems to be fixed, as well as some other minor bugs, the redirected lighty error log also reports no problems.

                      Big thanks to the devs and pfsensers!

                      1 Reply Last reply Reply Quote 0
                      • D Offline
                        debremarkos
                        last edited by

                        Hi I am having the same issue, upgraded from 2.0.1 (i386) to 2.0.2 in the services tap captive portal appears down. Interestingly I use radius and openldap for the username and passwords on a separate computer. When a user types in a username and password they get an error saying that page could not be reached, but then if they close the browser and open it they have been authenticated by captive portal and all is working. I am also using esx 4, I use squid (as transparent proxy) and squidguard and a wpad file to auto configure the browser. It all worked fine before the upgrade.

                        1 Reply Last reply Reply Quote 0
                        • E Offline
                          eri--
                          last edited by

                          Please gitsync to latest changes i think the root cause of this has been fixed now.

                          1 Reply Last reply Reply Quote 0
                          • D Offline
                            debremarkos
                            last edited by

                            yep did this and after a reboot everything works again, thanks for your help really appreciated.

                            1 Reply Last reply Reply Quote 0
                            • D Offline
                              dgwilson
                              last edited by

                              @ermal:

                              Please gitsync to latest changes i think the root cause of this has been fixed now.

                              I updated (sync'd) again. Everything has remained stable over night.

                              • David
                              1 Reply Last reply Reply Quote 0
                              • R Offline
                                rhy7s
                                last edited by

                                I did a gitsync the other day and that fixed the captive portal being stopped issue. What I've noticed since though is that clients have to either renew their IP or turn WiFi Off/On to be redirected to the captive portal after the 1 hour time out. DHCP default and maximum lease times are not set in the configuration so I'm presuming they are 720 seconds and 86400 seconds respectively, both definitely longer than the time out.

                                1 Reply Last reply Reply Quote 0
                                • W Offline
                                  wwifi1944
                                  last edited by

                                  Same here >:(…upgraded and no more capitve po

                                  1 Reply Last reply Reply Quote 0
                                  • C Offline
                                    cmb
                                    last edited by

                                    @wwifi1944:

                                    Same here >:(…upgraded and no more capitve po

                                    gitsync as described here and it will be fixed.

                                    1 Reply Last reply Reply Quote 0
                                    • M Offline
                                      myke
                                      last edited by

                                      Hi everyone,

                                      I confirm with the fix is working.

                                      But i have some logs that i don't understand like :

                                      lighttpd[34598]: (mod_fastcgi.c.2676) FastCGI-stderr: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'redirurl' (attacker '172.16.1.37', file '/usr/local/captiveportal/index.php')

                                      lighttpd[34598]: (mod_fastcgi.c.2676) FastCGI-stderr: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'sessionkey' (attacker '172.16.1.141', file '/usr/local/captiveportal/index.php')

                                      lighttpd[34598]: (connections.c.137) (warning) close: 73 Connection reset by peer

                                      Best regards.
                                      Myke.

                                      1 Reply Last reply Reply Quote 0
                                      • N Offline
                                        niebla
                                        last edited by

                                        Using 2.02 in a production environment so I am reluctant to do a gitsync. I may come in this weekend and give it a try.

                                        Interesting that although under service status the captiveportal service says Stopped captive portal is running and users are being asked to login.

                                        1 Reply Last reply Reply Quote 0
                                        • K Offline
                                          kolomalo
                                          last edited by

                                          Hello.

                                          I have the "same issue" Since I upgrade my installation, captive portal don't works as expected. I have had to disable it.

                                          My problem is that the ip roules stop working suddenly.

                                          f.e. my rule "both any->10.2.0.0/16" stop working and the only way to work around was enable certains IPs on the captive portal (so they have access to internet too, and i don't want this).

                                          Thanks!

                                          Now i'm gitsyncing.. I'll try after

                                          1 Reply Last reply Reply Quote 0
                                          • D Offline
                                            debremarkos
                                            last edited by

                                            Hi after gitsyncing and going to 2.0.3 I had a number of other issues, such as under heavy load the firewall blocking everything with nothing entered into the syslog. we have 800 captive portal users and everything was working well in 2.0.1 . I have reverted back to 2.0.1 . The main reason was due to the crashing and the fact that the web gui became really slow, and crashed alot. I run 2 other pfsense devices and I have not gone back to 2.0.2 on them as they do not use captive portal. On all the devices that I have upgraded i have found the performance of the webgiu gets much worse after the upgrade with me having to remove the status widget from the dashboard to make some small improvements.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.