New 502 Bad Gateway
-
mine crashes right away if enabled but with pfblockerng disabled it crashes a lot later like 24-28 hrs after.
Is this fixed if I select the developer update ? or is this still a work in progress>
-
mine crashes right away if enabled but with pfblockerng disabled it crashes a lot later like 24-28 hrs after.
Is this fixed if I select the developer update ? or is this still a work in progress>
If you have this same issue with pfBlocker and DNSbl disabled, then please provide the information requested to see if it is really the same behavior in the background, that might help tell what causes it. And once the root cause is known, a fix can be made, not before..
-
As per jimp's suggestion, please try these two patched files which use a pfSense function called try_lock() as opposed to flock().
Run the following commands to download the patched version of the two files from my Github Gist:
fetch -o /usr/local/www/pfblockerng/www/index.php "https://gist.githubusercontent.com/BBcan177/9f9c8e62b166cee07ad16cd4ff59103c/raw" fetch -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/raw"Recommend a reboot after downloading the patches.
You can review the Gist revisions here:
index.php
https://gist.github.com/BBcan177/9f9c8e62b166cee07ad16cd4ff59103c/revisionspfblockerng.inc
https://gist.github.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/revisionsNote: The try_lock() function calls might require increasing the timeout setting from the default setting of "5" (seconds)
-
Made a couple changes to the code… So if you have downloaded these files prior to this post, please re-download the same URLs above to get the new changes.... Thanks!
-
Made a couple changes to the code… So if you have downloaded these files prior to this post, please re-download the same URLs above to get the new changes.... Thanks!
Hi BBcan177
Can you make a PR?
-
Added some temp file removal to the patches. So please re-download this new code if you have downloaded these files prior to this post, please re-download the same URLs above to get the new changes…. Thanks!
A reboot is recommended following these patches.
Once the code has been tested, I will submit this as a PR.
Please report back your feedback.
Thanks!
-
hee Jim,
https://pastebin.com/JVMQTWbY
bad gateway 502 issue
That looks like it was taken just after a reboot, not when the problem was happening. No sign of anything getting backed up in there.
Hee Jim,
im 99,99999% certain the issue was happening at that time.
Ill do it again.this one is from an other firewall.
it hangs on "sockstat" 15 minutes now so i think those wont come anymore.https://pastebin.com/Ek9R0qkh
-
Here is more data with 502 err:
https://pastebin.com/TqSBTKEK
OpenVPN clients cannot connect also, which is mine major problem for now.
hope will help.
-
Here is more data with 502 err:
https://pastebin.com/TqSBTKEK
OpenVPN clients cannot connect also, which is mine major problem for now.
hope will help.
it starts to become a major issue as well for us. Im about to restore backups..
All virtual firewall's that we upgraded have the same problem…
we have to reboot them multiple times per day to get it working, otherwise ipsec's and openvpn stop working. -
https://pastebin.com/Ek9R0qkh
it starts to become a major issue as well for us. Im about to restore backups..
All virtual firewall's that we upgraded have the same problem…
we have to reboot them multiple times per day to get it working, otherwise ipsec's and openvpn stop working.If that is the output when you have the problem, then it's NOT this problem. No sign of pfBlocker or anything blocking PHP. Start a new thread, it's probably something already solved on 2.4.1 if it's a VM issue. Check the release notes.
-
Here is more data with 502 err:
https://pastebin.com/TqSBTKEK
OpenVPN clients cannot connect also, which is mine major problem for now.
That's the same as others here, pfBlocker DNSBL getting stuck waiting. Try to apply the fixed files from bbcan a few posts above yours.
-
Just another "me too" post. I have just applied the fixes above and will report back tomorrow morning if it doesn't lock up. It has locked up within 24 hours ever since the 2.4 upgrade so hopefully a clean system in the morning will show success.
-
https://pastebin.com/Ek9R0qkh
it starts to become a major issue as well for us. Im about to restore backups..
All virtual firewall's that we upgraded have the same problem…
we have to reboot them multiple times per day to get it working, otherwise ipsec's and openvpn stop working.If that is the output when you have the problem, then it's NOT this problem. No sign of pfBlocker or anything blocking PHP. Start a new thread, it's probably something already solved on 2.4.1 if it's a VM issue. Check the release notes.
ok, i will first upgrade to 2.4.1 and report back then!
-
Here is more data with 502 err:
https://pastebin.com/TqSBTKEK
OpenVPN clients cannot connect also, which is mine major problem for now.
That's the same as others here, pfBlocker DNSBL getting stuck waiting. Try to apply the fixed files from bbcan a few posts above yours.
I just did. Will revert with output if hangs.
Cheers!
-
I'm still learning. Can I just enter the two files from reply 165 into the command box via Diagnostics, Command? I am a GUI user.
I have not had any issues yet but following along to prevent any issues. I do use DNSBL and I am on 2.4.1. Was on 2.4 and the related RC's. -
I'm still learning. Can I just enter the two files from reply 165 into the command box via Diagnostics, Command? I am a GUI user.
I have not had any issues yet but following along to prevent any issues. I do use DNSBL and I am on 2.4.1. Was on 2.4 and the related RC's.Use putty as stated here, and when you log in choose shell and copy paste one row after another. Reboot unit and thats it. And use login "root" not "admin" as stated in video.
https://www.youtube.com/watch?v=krNuKDGEjvQ
Cheers!
-
https://pastebin.com/Ek9R0qkh
it starts to become a major issue as well for us. Im about to restore backups..
All virtual firewall's that we upgraded have the same problem…
we have to reboot them multiple times per day to get it working, otherwise ipsec's and openvpn stop working.If that is the output when you have the problem, then it's NOT this problem. No sign of pfBlocker or anything blocking PHP. Start a new thread, it's probably something already solved on 2.4.1 if it's a VM issue. Check the release notes.
since upgrade tot 2.4.1 no problems yet!
-
So far so good with the updated files.
-
I'm still learning. Can I just enter the two files from reply 165 into the command box via Diagnostics, Command? I am a GUI user.
I have not had any issues yet but following along to prevent any issues. I do use DNSBL and I am on 2.4.1. Was on 2.4 and the related RC's.Use putty as stated here, and when you log in choose shell and copy paste one row after another. Reboot unit and thats it. And use login "root" not "admin" as stated in video.
https://www.youtube.com/watch?v=krNuKDGEjvQ
Cheers!
MAC user so I used terminal. Thank you for the point in the right direction, patched this morning after waking up to 502 Bad Gateway.
-
As per jimp's suggestion, please try these two patched files which use a pfSense function called try_lock() as opposed to flock().
Run the following commands to download the patched version of the two files from my Github Gist:
fetch -o /usr/local/www/pfblockerng/www/index.php "https://gist.githubusercontent.com/BBcan177/9f9c8e62b166cee07ad16cd4ff59103c/raw" fetch -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/raw"Recommend a reboot after downloading the patches.
You can review the Gist revisions here:
index.php
https://gist.github.com/BBcan177/9f9c8e62b166cee07ad16cd4ff59103c/revisionspfblockerng.inc
https://gist.github.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/revisionsNote: The try_lock() function calls might require increasing the timeout setting from the default setting of "5" (seconds)
So Far running for more than 24 hrs without problems on pfsense 2.4.0 - I would say it looks pretty good.
I will upgrade to pfsense 2.4.1 tonight.
