Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Diagnóstico de Hardware ou Software (pfsense travando)

    Scheduled Pinned Locked Moved Portuguese
    3 Posts 1 Posters 716 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      moisesdfelix
      last edited by

      Boa Noite Pessoal.

      Tenho um Appliance de Firewall pfsense v 2.2.2 que travou após 45 dias de estado operacional. com isso, gostaria de saber como poderia avaliar melhor o hardware (CPU, MEMÓRIA, DISCO) ou até mesmo o software já que este erro me pareceu ser fatal pois literalmente travou o equipamento.

      PS.: cheguei a verificar em "system logs" porém não tive sucesso em nenhuma informação pertinente. os últimos logs foram esses:

      ÚLTIMO LOG REGISTRADO ANTES DA FALHA.

Aug 26 14:21:54	kernel: arp: 192.168.0.49 moved from 48:59:29:e4:44:ca to 20:cf:30:e0:2b:37 on em1 

APÓS A FALHA O LOG ABAIXO DE BOOT.

Aug 27 19:58:19	kernel: random: <software, yarrow=""> initialized
Aug 27 19:58:19	kernel: module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff80632f00, 0) error 1
Aug 27 19:58:19	kernel: iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Aug 27 19:58:19	kernel: iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi/.
Aug 27 19:58:19	kernel: module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff80632e50, 0) error 1
Aug 27 19:58:19	kernel: iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Aug 27 19:58:19	kernel: iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi/.
Aug 27 19:58:19	kernel: module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff80632da0, 0) error 1
Aug 27 19:58:19	kernel: iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Aug 27 19:58:19	kernel: iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi/.
Aug 27 19:58:19	kernel: module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff8060b730, 0) error 1
Aug 27 19:58:19	kernel: ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Aug 27 19:58:19	kernel: ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
Aug 27 19:58:19	kernel: module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff8060b680, 0) error 1
Aug 27 19:58:19	kernel: ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Aug 27 19:58:19	kernel: ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
Aug 27 19:58:19	kernel: module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff8060b5d0, 0) error 1
Aug 27 19:58:19	kernel: ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Aug 27 19:58:19	kernel: ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
Aug 27 19:58:19	kernel: wlan: mac acl policy registered
Aug 27 19:58:19	kernel: ioapic0 <version 2.0=""> irqs 0-23 on motherboard
Aug 27 19:58:19	kernel: ioapic0: Changing APIC ID to 4
Aug 27 19:58:19	kernel: cpu3 (AP/HT): APIC ID: 3
Aug 27 19:58:19	kernel: cpu2 (AP): APIC ID: 2
Aug 27 19:58:19	kernel: cpu1 (AP/HT): APIC ID: 1
Aug 27 19:58:19	kernel: cpu0 (BSP): APIC ID: 0
Aug 27 19:58:19	kernel: FreeBSD/SMP: 1 package(s) x 2 core(s) x 2 HTT threads
Aug 27 19:58:19	kernel: FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
Aug 27 19:58:19	kernel: ACPI APIC Table: <011613 APIC1021>
Aug 27 19:58:19	kernel: Event timer "LAPIC" quality 400
Aug 27 19:58:19	kernel: avail memory = 4087496704 (3898 MB)
Aug 27 19:58:19	kernel: real memory = 4294967296 (4096 MB)
Aug 27 19:58:19	kernel: TSC: P-state invariant, performance statistics
Aug 27 19:58:19	kernel: AMD Features2=0x1 <lahf>Aug 27 19:58:19	kernel: AMD Features=0x20100800 <syscall,nx,lm>Aug 27 19:58:19	kernel: Features2=0x40e31d <sse3,dtes64,mon,ds_cpl,tm2,ssse3,cx16,xtpr,pdcm,movbe>Aug 27 19:58:19	kernel: Features=0xbfebfbff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe>Aug 27 19:58:19	kernel: Origin = "GenuineIntel" Id = 0x106ca Family = 0x6 Model = 0x1c Stepping = 10
Aug 27 19:58:19	kernel: CPU: Intel(R) Atom(TM) CPU D525 @ 1.80GHz (1800.03-MHz K8-class CPU)
Aug 27 19:58:19	kernel: FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
Aug 27 19:58:19	kernel: root@pfs22-amd64-builder:/usr/obj.amd64/usr/pfSensesrc/src/sys/pfSense_SMP.10 amd64
Aug 27 19:58:19	kernel: FreeBSD 10.1-RELEASE-p9 #0 57b23e7(releng/10.1)-dirty: Mon Apr 13 20:30:25 CDT 2015
Aug 27 19:58:19	kernel: FreeBSD is a registered trademark of The FreeBSD Foundation.
Aug 27 19:58:19	kernel: The Regents of the University of California. All rights reserved.
Aug 27 19:58:19	kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
Aug 27 19:58:19	kernel: Copyright (c) 1992-2014 The FreeBSD Project.
Aug 27 19:58:19	syslogd: kernel boot file is /boot/kernel/kernel

OBS: O MBUF tá 48% (12660/26584)</fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe></sse3,dtes64,mon,ds_cpl,tm2,ssse3,cx16,xtpr,pdcm,movbe></syscall,nx,lm></lahf></version></software,>
      1 Reply Last reply Reply Quote 0
      • M
        moisesdfelix
        last edited by

        Nesse outro log o squid tá rejeitando algumas expressões da whitelist por algum motivo.

        Aug 27 19:58:45	php-fpm[87280]: /rc.start_packages: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was '2017/08/27 19:58:45| /usr/pbi/squid-amd64/local/etc/squid/squid.conf line 71: acl whitelist dstdom_regex -i "/var/squid/acl/whitelist.acl" 2017/08/27 19:58:45| ERROR: invalid regular expression: '(sintegra.gov.br/)|(mail.google.com)|(google.com/mail/)|(caixa.gov.br)|(cmt.caixa.gov.br)|(obsupgdp.caixa.gov.br)|(receita.fazenda.gov.br)|(ecac.receita.fazenda.gov.br)|(dataprev.gov.br)|(previdencia.gov.br)|(serpro.gov.br)|(negociacao.caixa.gov.br)|(cafe.dataprev.gov.br)|(granulito.mte.gov.br)|(portal.mte.gov.br)|(nfse.campinas.sp.gov.br)|(embratec.com.br)|(ccd.serpro.gov.br)|(ccd2.serpro.gov.br)|(repositorio.icpbrasil.gov.br)|(caixa.gov.br)|(ecac.receita.fazenda.gov.br)|(dataprev.gov.br)|(previdencia.gov.br)|(serpro.gov.br)|(negociacao.caixa.gov.br)|(cafe.dataprev.gov.br)|(granulito.mte.gov.br)|(portal.mte.gov.
        1 Reply Last reply Reply Quote 0
        • M
          moisesdfelix
          last edited by

          Apenas para especificar melhor meu ambiente, essa é a configuração do hardware :

          .2.2-RELEASE (amd64) 
built on Mon Apr 13 20:10:22 CDT 2015 
FreeBSD 10.1-RELEASE-p9
Platform	pfSense
CPU Type	Intel(R) Atom(TM) CPU D525 @ 1.80GHz
4 CPUs: 1 package(s) x 2 core(s) x 2 HTT threads
4GB de Memória RAM

          Estou utilizando Firewall / Proxy (vários aliases)  VPN S2S (Três filiais) / VPN S2C, Snort, bandwidth e o Squid Proxy Reports

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.