Gateway down - no notification received via SMTP

phaze75 · Apr 27, 2019, 7:30 AM

Hi,
I have configured pfsense to send SMTP notifications via my LAN SMTP server. It works perfectly for the test notification and also for dyndns ip changes. However, pfsense does not notify me if my gateway goes down:

Apr 27 03:45:35 rc.gateway_alarm 59722 >>> Gateway alarm: WAN_DHCP (Addr:80.109.220.1 Alarm:1 RTT:10.218ms RTTsd:4.909ms Loss:21%)
Apr 27 03:45:35 check_reload_status updating dyndns WAN_DHCP
Apr 27 03:45:35 check_reload_status Restarting ipsec tunnels
Apr 27 03:45:35 check_reload_status Restarting OpenVPN tunnels/interfaces
Apr 27 03:45:35 check_reload_status Reloading filter
Apr 27 03:45:36 check_reload_status Linkup starting igb0
Apr 27 03:45:36 kernel igb0: link state changed to DOWN

Do I need to activate that somewhere?

I am using:

2.4.4-RELEASE-p2 (amd64)
built on Wed Dec 12 07:40:18 EST 2018
FreeBSD 11.2-RELEASE-p6

Best regards!

MoonKnight · Apr 27, 2019, 7:39 AM

Hi,

I think you need to install "mailreport" under Package Manager.

phaze75 · Apr 27, 2019, 7:45 AM

Hi, I checked it out, but "mailreport" just sends out periodic reports. I would like to be instantly notified if the gateway goes down. I read in other articles that this is working for other users with SMTP notifications turned on. Thus I am wondering why it does not work for me...

mrsunfire · Apr 27, 2019, 8:15 AM

If WAN is down, it can't be sent... You need a failover connection for that.

phaze75 · May 4, 2019, 6:41 AM

Hmm, why? The LAN interface (still up) and the SMTP server are in the same private subnet. I even configured the static IP of the SMTP server instead of the FQDN to prevent any DNS related issues.

johnpoz · Apr 27, 2019, 8:59 AM

Do you have pfsense set to reset states on gateway down?

system / adv / misc

State Killing on Gateway Failure
Flush all states when a gateway goes down The monitoring process will flush all states when a gateway goes down if this box is checked.

Wonder if that could conflict with talking to your smtp server?

phaze75 · Apr 27, 2019, 1:34 PM

Nope.

mrsunfire · Apr 27, 2019, 3:18 PM

Normally you don‘t need that. If your WAN is down, even a smtp on LAN can‘t send the mail.

phaze75 · Apr 27, 2019, 6:50 PM

@mrsunfire said in Gateway down - no notification received via SMTP:

Normally you don‘t need that. If your WAN is down, even a smtp on LAN can‘t send the mail.

So why is it then possible to successfully send and receive a test notification (within the LAN) with a disabled WAN interface?

chpalmer · Apr 27, 2019, 7:25 PM

@phaze75

Assuming that your email server logs never log the email attempt?

phaze75 · May 3, 2019, 9:06 AM

@chpalmer
No, the SMTP server didn't log an email attempt at the incident "Apr 27 03:45:36 kernel igb0: link state changed to DOWN". But it logged my manually triggered SMTP test notifications properly.

I suspect pfsense did not try to send an email at all (bug?). What supports this suspicion is that pfsense properly logged my test notification (see below), but it did not log a notification of the "igb0: link state changed to DOWN" incident:

Apr 27 09:04:19 php-fpm /system_advanced_notifications.php: Message sent to @****. OK

mrsunfire · Apr 28, 2019, 7:32 AM

Under System/Advanced/Notifications you're sure you did not check the first box "Disable SMTP"? Sometimes this happens because you think check a box enables something.

phaze75 · Apr 28, 2019, 7:34 AM

@mrsunfire
No.

stephenw10 · Apr 28, 2019, 6:09 PM

Do you see notifications when the WAN comes back up?

Do you see gateway alarms logged when the WAN is down? If you just disable the WAN removing the gateway monitor on it I don't believe you will see an alert.

Steve

phaze75 · Apr 29, 2019, 6:03 AM

@stephenw10 said in Gateway down - no notification received via SMTP:

Do you see notifications when the WAN comes back up?

No.

Do you see gateway alarms logged when the WAN is down?

Yes, see my first post. The first line of the log contains the gateway alarm.

If you just disable the WAN removing the gateway monitor on it I don't believe you will see an alert.

That is clear. I just disabled the WAN manually to prove that SMTP (test) notifications can still be sent by pfsense even if the WAN adapter is down/disabled.

I suspect there might be an issue of pfsense preventing a gateway alarm to trigger the corresponding SMTP notification.

stephenw10 · Apr 30, 2019, 4:50 AM

You don't have gateway action disabled in the gateway setup?

Though I would still expect the alarm to trigger an alert in that case. Not sure I've ever tested that though.

Steve

phaze75 · Apr 30, 2019, 4:50 AM

@stephenw10 said in Gateway down - no notification received via SMTP:

You don't have gateway action disabled in the gateway setup?

No. See below.

phaze75 · May 3, 2019, 6:05 AM

@stephenw10 So, where do we go from here? Should I file a bug?

Gertjan · May 3, 2019, 9:06 AM

I guess this is it :
@phaze75 said in Gateway down - no notification received via SMTP:

I suspect pfsense did not try to send an email at all (bug?)

I took a look at what happens when a gateway (WAN) goes down.
I'm pretty sure that there are no mail notifications attempts in that case.

johnpoz · May 3, 2019, 9:10 AM

This is kind of been a gray area for a while - I am not aware of any docs that spell out what triggers a notification.

Would be a nice if there was some doc listing what exactly will trigger a smtp notification... Better yet would be a way to toggle different notifications on or off..

Notification of wan down is prob never thought of since more than likely smtp notification would be going to outside smtp server. I just use a "free" outside monitoring service that send me email when it can not ping my wan IP..