Reset States not working for me [solved]
-
v2.4.4-p2 running on a SG-2440. I cannot reset States. There are no errors showing in System.log
When I select reset States and wait 15 minutes, I am unable to refresh the browser. If I close the browser tab and open pfSense GUI the window progress bar stops after a short time and the GUI does not load, finally showing connection lost. When I reopen GUI a second time it is working and the States are all still there.
I performed a Halt from Diagnostic menu and repeated the above with same result.
I tried the same thing on a different client, different OS, different browser. Same results
I tried ssh to pfSense console and using pfctl -F states and that too failed to clear the States. After 20 minutes I close the terminal window because I ctl-C does not stop the process. The States have not been deleted.
I note a post a few months ago with similar problem except that post had an error in the System log. I have no error.
I can manually delete individual States from the States display but that will take me some time - but less than I've spent on it so far...
I have never before experienced a problem resetting the States but I have only done it a few times over the past 2 yrs. I don't recall the last time I did a reset, it was probably while using v2.3.x
Is waiting 15 min not long enough? I don't recall that it's ever taken more that a minute or two. Is there a file that may be corrupted? Is there a way to clear the States by deleting a file?
Is there anything else I can try since both a restart and a halt did not help.
-
The states should reset almost immediately. Waiting a few seconds is all that's required there.
How many states do you have open normally?
Do you see anything logged when you try to reset them?
Steve
-
At this moment the state table size (on left edge of main screen) is 0% 804/404000. The table currently has 470 separate entries, counting each line. (note: in the time it has taken my to put together this reply the number has gone down to 380).
What made me feel it was not resetting is that the browser would not refresh. I had to close the tab and when reopening pfSense I got a blank screen with a browser loading bar of approx 15-20% across the top and after a few minutes it timed out. At that point I could close the tab and then I could get pfSense to reopen.
In prior versions I had no issues refreshing the browser when the States were reset.
I have never observed the 'normal' States because it just works, and worked well.
The system log has these entries at the times I am trying to reset states:
check_reload_status Syncing firewall
check_reload_status Reloading filter
kernel pid 4012 (ntopng), uid 0: exited on signal 11 (core dumped)
kernel igb2: promiscuous mode disabledI presume ntopng crashes because of the way I am restarting pfSense by closing browser & reopening.
In the past few weeks I've noticed a lot of firewall entries for lo0->127.0.0.1:953
There are 70 entries in my States table for those connections. I'm not running bind and have no idea why that entry is happening.In the past few weeks I've upgraded pfBlockerNG from version 2.1.4_16 to the current 2.2.5-21 and I've made some adjustments to the Resolver settings based on J.Poz posting regarding DNSSEC & Forwarding. I'm using Quad9 as my DNS.
I'll try another reset in a little while and wait only 1 minute before trying to get back into pfSense. Maybe I waited so long that the States built up enough that I thought nothing was happening.
Thank you for your thoughts.
-
Unbound uses port 953 as a control port. You will see those states if you have the DNS status page open for example.
I wouldn't normally expect ntopng to crash out like that but I can't say I've checked it's behaviour if you close whatever states it might have been using.
Normally when you reset the states the browser will end up just spinning because the state it was using has closed. You will need to referesh the page to have it open a new state.
Steve
-
@stephenw10 said in Reset States not working for me:
Normally when you reset the states the browser will end up just spinning because the state it was using has closed. You will need to referesh the page to have it open a new state.
Thank you for the explanation of port 953. My firewall log fills up with lo0->127.0.0.1:953 entries at the rate of several a minute and initially prompted me to be concerned about it because I did not understand where it was coming from.
Regarding resetting states: My browser does not 'spin' however the last time I reset the states that did happen. However that was many months ago and quite a few upgrades of OS & browser & pfSense since that time. Now my browser (Safari) shows it's 'hung' by the lack of movement of a progress bar along the top of the address field. That field does not have a refresh in this circumstance, the only thing I have is a hung progress bar and the X to close the tab. Closing the tab and reopening pfSense does not fix it. It takes 2 or 3 itineration of closing & opening (I presume that's due to a timeout) before I can get the GUI up again. I have not had that happen to me before.
You explanation that the browser uses a state really helped me understand. Previously I was concerned that when the browser was hung and I restarted the GUI and found it full of states I thought it was not resetting. So I ssh'd into pfSense and tried flushing w/ pfctl and that still showed states plus the commandline did not return to the prompt (now I know it was due to state being closed).
Today I set up a tty connection to my SG-2440 and did "pfctl -F states" and it immediately gave me a msg of cleared and returned to the prompt. Immediately starting my normal client browser and opening the GUI shows about 350 states. I guess there is a lot of chatter on my network, many due to the above mentioned loopback.
Thanks so much for your explanation, how can I mark this post 'solved'?
-
I edited the title. Not sure if you can or not, I think that might be time limited.
Anyway glad I could help.
Steve
