Added limiter resulted in spontaneous reboots
-
pfsense 2.4.2 in HA mode.
Steps taken to create this mess.
On primary.
Added traffic limiter by:
Firewall/traffic shaper
Limiters
Added new
Name: l3df
bandwidth 15mb
mask: source address
Rest defaultThen added to a rule
Firewall/rules
OpenVPN
edit rule
Selected the limiter for In pipe.Hit save.
It made the primary firewall reboot.
Come up for about 15 seconds then reboot.
This continued none stop.It replicated the settings to the backup firewall.
The backup firewall did the same thing but it crashed the file system and never came back up at all.I managed to get into the firewall and disable the limiter and that fixed the primary. (took over an hour).
On the backup firewall I had to fix the file system and then it came backup.Its pretty scary that a simple mistake like this will shut down both your primary and secondary.
It would be nice to have a delay in replicating firewall rules that can kill your primary.
I assume there are no way to delay firewall rules/settings replication to prevent situations like this.
-
you and me both brother… I have the same symptoms in 2.4.2_1
Just have to leave my limiters off right now….
-
Long-standing bug. Fixed in 2.4.3.
https://redmine.pfsense.org/issues/4310
-
Sweeeeeet