Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP Error / PfBlockerNG as detonator !

    Scheduled Pinned Locked Moved DHCP and DNS
    3 Posts 2 Posters 779 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Alesk13Fr
      last edited by

      Hello,

      I'm encountering a problem since my update to PfSense 2.3.2.

      I've reinstalled my PfSense Box 8 times in 3 days, each time where I'm using PfSense without PfBlockerNG all is fine, and when I'm installing PfBlockerNG, after few hours (30 minutes to 6 hours) my Box begin to be unaccessible, SSH and Serial, on serial I got a lot of lines of "swap_pager_getswapspace(X): failed".

      **Material :
      I'm using Lanner Box FW-7568B (spec here in 2 words the specs are :
      Intel Atom Dual Core Pineview D-525
      8 x GbE Ports (6 x Intel 82574L and 2x Intel 82541P1)
      4 Gb DDR3 800 Mhz SODIMM (In fact it's 1 Gb on Motherboard and 4 Gb in SODIMM but the max used by system is 4 Gb)
      SSD 128 Go SATA
      Hitachi Travelstar 250 Go

      **OS :
      PfSense 2.3.2 AMD64 (built on Tue Jul 19 12:44:43 CDT 2016)
      Full Install from USB Key, with Custom options, embed Kernel

      **Interfaces setup :
      I'm using a LAGG 8 x 1 GbE with 802.3ad switch behind (2 x Netgear M5300).
      4 x WAN connection, all ADSL, 3 are fixed IP and one is dynamic.
      All interfaces are on VLAN, just LAN is on LAGG0

      **My Packages are :
      Avahi : 1.11_2
      Nut : 2.3.1
      Notes : 0.2.9-2
      Service_Watchdog : 1.8.3
      PfBlokerNG : Before reinstall it was 2.1.1 after 2.1.1_2

      **System tunables :
      I'm using system tunables since this lot of crash for this parameters : kern.ipc.nmbclusters

      I haven't modified my PfSense installation, I'm using my backuped config.xml who contains parameters for all my package listed upon, and for snort (I'm not using ii since a lot of time)

      The first time where this happen (10 days ago, with 5 days of balckout because I wasn't near of the box) on 2.3.1, with the update of PfBlokerNG 2.1.1 to 2.1.1_2, I was on vacation, and my Box become unaccessible, when I was back, I've seen my Box unable to boot after the "ldconfig" message during the boot process.

      I've changed my first drive from SSD to HDD, to be sure it wasn't a failed drive problem (same if SMART was ok).

      Can someone tell me what was wrong ? I'm not sure it's only a software problem, maybe hardware too or only, because my Box was up for 90 days (approx) without any problem and suddendly my problem begin with just PfBlokerNG update …
      I don't understand why when PfBlockerNG was installed and did reload the configuration after installation process, my Box become slow specially for Rules and PfBlockerNG page from Web GUI, and for SSH and Serial too.

      The same error appear on my SysLog Server, and it happen few lines, after disapear and is back, finally the Box became unnaccessible samely by SERIAL.

      2016-07-26	00:09:15	info		local7	dhcpd	171,16777216,,1000022611,lo0,match,pass,in,4,0x0,,64,21510,0,none,17,udp,72,127.0.0.1,127.0.0.1,21251,53,52
2016-07-26	00:09:15	info		local7	dhcpd	178,16777216,,1000022712,lagg0_vlan91,match,pass,out,4,0x0,,64,7240,0,none,17,udp,69,81.210.11.173,212.27.40.241,22626,53,49
2016-07-26	00:09:15	info		local7	dhcpd	4747,16777216,,1429561533,lagg0_vlan30,match,pass,in,4,0x0,,100,5443,0,none,17,udp,58,192.168.191.245,192.168.191.250,8161,53,38
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(12): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(16): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(12): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(16): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(12): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(7): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(8): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(8): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(4): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(9): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(16): failed
2016-07-26	00:09:02	crit		local7	dhcpd	swap_pager_getswapspace(3): failed

      In doubt I've ask help on PfBlockerNG thread to see if they can help me too…

      So if you can point me  where my problem is I would realy appreciate ...

      Thanks in advance.

      Best regards,
      Alex.**********

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        There are memory issues with that update of pfblocker.. See this thread.. Most likely that sure isn't helping any.

        https://forum.pfsense.org/index.php?topic=116307.0

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • A
          Alesk13Fr
          last edited by

          Thank you so much johnpoz, I don't understand why I haven't find this thread, I was looking for info since 10 days, and can't find anything about memory …

          Effectively,, I've just checked my Log file from SysLog Server and found :
          2016-07-25 17:18:22 err local7 dhcpd /usr/local/www/pfblockerng/pfblockerng.php: PHP ERROR: Type: 1, File: /etc/inc/config.lib.inc, Line: 202, Message: Allowed memory size of 268435456 bytes exhausted (tried to allocate 13129085 bytes)

          Why system imput this error to DHCPD instead of PfBlockerNG ?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.