cant login webgui

Gertjan

If the system is ok, consider the hardware less ok.

Although I know nothing about LAGG - neither "frr", how they can make a boot fail.
When you remove this "frr" thing, and LAGG stuff, everything is ok ?

jimp

The messages from FRR are likely unrelated.

If it never gets past "configuring firewall" then something is getting stuck there, in making or loading the ruleset. Press ^T (ctrl-T) to see what it's doing on the console. If you can break out of there (^C) try checking in clog /var/log/system.log for more clues.

What other packages are on there besides FRR?

valentinius

i know by experience that id hardware is nor ok does not matter what quality hardware is, both must be perfect

yon 0

system.zip

It should not be a hardware problem of the network card or switch, because they are all newly bought hardware, and the network card is intel

yon 0

i can use ssh for normal login, only webgui cant login. show "

504 Gateway Time-out
nginx

yon 0

How to check the list of installation packages?

yon 0

i have install the snort

jimp

@yon-0 said in cant login webgui:

system.zip
It should not be a hardware problem of the network card or switch, because they are all newly bought hardware, and the network card is intel

That doesn't mean they are good. You are more likely to have faulty hardware new out of the box than most other times. Also the cards may not be legitimate -- there are tons of fake Intel cards out there, some of which misbehave in various ways which render networking (or the entire OS) unstable.

yon 0

i only can't login webgui, but i can visit internet in lan. so NIC should work.

yon 0

i have config in loader.conf

kern.cam.boot_delay=10000
kern.ipc.nmbclusters="1000000"
kern.ipc.nmbjumbop="524288"
kern.ipc.nmbjumbo9="524288"
if_em_load="YES"
h_ertt_load="YES"
ahci_load="YES"
cc_cdg_load="YES"
aesni_load="YES"
hw.igb.enable_msix="1"
hw.igb.rx_process_limit="-1"
hw.igb.tx_process_limit="-1"
hw.igb.rxd="2048"
hw.igb.txd="2048"
net.link.ifqmaxlen="4096"
hw.igb.max_interrupt_rate="16000"
net.inet.tcp.soreceive_stream="1"
net.pf.source_nodes_hashsize="1048576"
net.isr.defaultqlimit="2048"
net.inet.tcp.syncache.hashsize="1024"
net.inet.tcp.syncache.bucketlimit="100"
autoboot_delay="3"
hw.usb.no_pf="1"
net.pf.request_maxcount="500000"

valentinius

thanks to eveyone for a piece of advice, it seems i have solved the problem!!

yon 0

@valentinius whats mean?

valentinius

@yon-0
i mean that thanks to all your recommendations i have solved the problem with login webgui)

valentinius

@yon-0 SOLVED, rebooted all is well again

yon 0

@valentinius How to solve it?

yon 0

i find the bugs.

when i import a lot of firewall_aliases networks like 200 ipv4 networks and setup route or firewall rule, then PF webgui nginx 504 Gateway Time-out.

how many network line for firewall_aliases?

yon 0

Aug 24 05:45:40 nginx 2020/08/24 05:45:40 [error] 13539#100230: *14202 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 192.168.101.30, server: , request: "GET /index.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.101.254:2253", referrer: "https://192.168.101.254:2253/system_routes.php"

yon 0

it seem need fix nginx

https://stackoverflow.com/questions/18740635/nginx-upstream-timed-out-110-connection-timed-out-while-reading-response-hea

yon 0

2020/08/24 05:53:17 [error] 13539#100230: *14202 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 192.168.101.30, server: , request: "GET /index.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.101.254:2253", referrer: "https://192.168.101.254:2253/system_routes.php"
2020/08/24 05:56:48 [error] 13539#100230: *14202 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 192.168.101.30, server: , request: "GET /index.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.101.254:2253", referrer: "https://192.168.101.254:2253/system_routes.php"
2020/08/24 05:57:49 [error] 13539#100230: *14202 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 192.168.101.30, server: , request: "GET /index.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.101.254:2253", referrer: "https://192.168.101.254:2253/services_dhcpv6.php"
2020/08/24 06:16:55 [error] 7087#100230: kevent() reported about an closed connection (65: No route to host) while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, peer: 31.13.79.17:80, certificate: "/var/etc/cert.crt"
2020/08/24 06:16:55 [error] 7087#100230: OCSP responder prematurely closed connection while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, peer: 31.13.79.17:80, certificate: "/var/etc/cert.crt"
2020/08/24 06:16:55 [error] 7043#100233: kevent() reported about an closed connection (60: Operation timed out) while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, peer: 69.171.233.33:80, certificate: "/var/etc/cert.crt"
2020/08/24 06:16:55 [error] 7043#100233: OCSP responder prematurely closed connection while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, peer: 69.171.233.33:80, certificate: "/var/etc/cert.crt"
2020/08/24 06:21:12 [error] 7087#100230: *6 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 192.168.101.30, server: , request: "GET /index.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.101.254:2253", referrer: "https://192.168.101.254:2253/diag_backup.php"
2020/08/24 06:24:35 [warn] 13335#100201: "ssl_stapling" ignored, host not found in OCSP responder "ocsp.int-x3.letsencrypt.org" in the certificate "/var/etc/cert.crt"

yon 0

Find the cause of the problem, when many static routes are set, for example, more than 1000 static routes. then if you log in to the home page of the management website, you cannot open it. /index.php

data from https://bgp.space/chinanet.html