@stephenw10
No further crashes since carrying out those repairs etc so that's great.
36 lan in errors for 1.8 TiB of data of which the majority have come from that annoying intel wifi adapter!😤....

Hmm, nothing terribly exciting there. Sure seems like it must be OpenVPN doing something. 🤔

@stephenw10 Thank you very much !!

@bassplayaman re: latest, see https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#troubleshooting

[SOLVED] by mellanox cards change from Infiniband to Ethernet

@stephenw10 said in [Crash Report] - Crash after update from 2.6.0 to 2.7.0:

Which is fixed in 2.7.2.

Cool - thank you. As I just wrote in my edit I managed to upgrade it to 2.7.2, so it probably won't happen again.

@bitslammer said in pfSense Suricata Crashes on Malformed Block List Entry:

@bmeeks I'm guessing the rules that I enabled have grown over time so I'll try to trim them. Oddly this doesn't happen every time which you'd kind of expect. It's a Netgate 3100 so it looks like I need to look at some other options since this isn't upgradeable. Thanks for the quick reply adn happy holidays.

Several memory parameters have new increased minimums in Suricata 7.x. You are probably seeing the impact of those on the SG-3100. Same issue exists for SG-1100 users, too. 4GB is the new minimum, and even that might get cramped with lots of rules (more than 15,000).

If I were spec'ing a box today for someone who wanted to run IDS/IPS (and most folks want to run pfBlockerNG with DNSBL, too), then I would set 8 GB as a new minimum RAM requirement. The new default ZFS install will also chew up much more RAM than the old UFS setup.

Edit: also looking once again at your log snippet post, I see it seemed to be updating the rules as I see a "rule reload" message. RAM usage will increase during rule swaps, especially if "live rule swap" is enabled.

@stephenw10 Yes, You are right.

Only few items were left in the partition.

root@:~ # mount /dev/ada0p2 /mnt
root@:~ # ls
.k5login .profile .shrc recover_configxml.sh
root@:~ # cd /mnt
root@:/mnt # ls
.cshrc .profile .rnd .snap .sujournal dev lib libexec sbin usr var
root@:/mnt #

@giyahban said in Netmap (Suricata) cause crash:

didnt know its not recommended to have vlan with inline mode.

Inline IPS Mode has some limitations. The biggest is that VLANs and other virtual interfaces are not currently well supported. Things like a Bridge or LAGG setup will not work well. VLANs are especially problematic. There is some work happening within FreeBSD's netmap code to make things better, but none of those experimental updates are present in the pfSense kernel yet.

If you want to use Inline IPS Mode, you should only deploy it on plain-vanilla Ethernet interfaces (meaning no VLANs defined and not a member of a LAGG or Bridge). You may get by with running Suricata on the physical parent interface only and NOT on each defined VLAN interface.

Yeah, if you've removed the IPv6 traffic that was triggering it you should be fine. 23.05 is not far off now anyway.

As follow up,
the changes proposed in the topic about proxmox seems to work. The firewall has been up for 60 days without an issue.

Tyvm!

@stephenw10 Appreciate the guidance!

@thebear 2 vCPUs and 8G memory.

The sleep it's referring to there is a sleeping thread rather than a system power state.

Yes comparing multiple crash reports is the next step here. If they are consistent it's probably a bug somewhere.

Steve

Yes, it could be. I'll try to replicate and open something if there isn't anything already open.

BTW:

How do i close a Thread?

Danke - hatte ich noch nicht entdeckt! 🙈

@stephenw10 Thank you

this fixed it seems to be working fine now. no problems so far.

@fireodo said in router randomly freezes:

@elliopitas
Hi,
maybe thats a Realtek driver problem. Read this:
https://forum.netgate.com/topic/166746/realtek-re-kmod-missing-in-pfsense-2-6-repository
Could be a possible solution ...

@mrpete said in page fault kernel panics after 2.5.2 upgrade:

the fact that it is a UFS panic proves fsck is needed?

Yes, that. You would not see that panic if ZFS was used.

Steve