Firewall rules disabling after few minutes



  • Hi Forum
    Just testet and installed my New PFsense XG7100-1U this night after struggling with several issiues for some time.
    Nut not I have it up and running - unfortunably I can see when I reboot the Firewall
    My portforwards are active - and you can login to mailservers etc.
    BUT after a few minutes - the ports are closing and not awaiulable to login.

    My Test
    Rebooted the firewall - From external PC - SSH to my servers works fine

    After 5 minutes - no portforwards are open any,more - No connection on those ports that should be opened!
    Where to look and find this error - since I cannot see errors in dashboards
    Latest logs after this gone down?

    Aug 8 10:29:54	php-fpm	348	/rc.newwanip: The command '/sbin/route delete -host 1.0.0.1' returned exit code '1', the output was 'route: route has not been found delete host 1.0.0.1 fib 0: not in table'
    Aug 8 10:29:54	rtsold	23077	<sendpacket> sendmsg on lagg0.4090: Permission denied
    Aug 8 10:29:55	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:29:56	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:29:56	rtsold	34590	<sendpacket> sendmsg on lagg0.4090: Permission denied
    Aug 8 10:29:57	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:29:58	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:29:58	rtsold	23077	<sendpacket> sendmsg on lagg0.4090: Permission denied
    Aug 8 10:29:59	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:30:00	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:30:00	rtsold	34590	<sendpacket> sendmsg on lagg0.4090: Permission denied
    Aug 8 10:30:01	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:30:02	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:30:03	php-cgi		rc.bootup: Unbound start waiting on dhcp6c.
    Aug 8 10:30:04	php-cgi		rc.bootup: sync unbound done.
    Aug 8 10:30:04	kernel		done.
    Aug 8 10:30:05	kernel		done.
    Aug 8 10:30:06	kernel		done.
    Aug 8 10:30:06	kernel		done.
    Aug 8 10:30:06	php-cgi		rc.bootup: NTPD is starting up.
    Aug 8 10:30:06	kernel		done.
    Aug 8 10:30:06	check_reload_status		Updating all dyndns
    Aug 8 10:30:06	kernel		.
    Aug 8 10:30:06	kernel		....
    Aug 8 10:30:07	kernel		.done.
    Aug 8 10:30:11	php-cgi		rc.bootup: Creating rrd update script
    Aug 8 10:30:11	kernel		done.
    Aug 8 10:30:11	root		/etc/rc.d/hostid: WARNING: hostid: unable to figure out a UUID from DMI data, generating a new one
    Aug 8 10:30:13	syslogd		exiting on signal 15
    Aug 8 10:30:13	syslogd		kernel boot file is /boot/kernel/kernel
    Aug 8 10:30:13	kernel		done.
    Aug 8 10:30:13	kernel		done.
    Aug 8 10:30:14	php-fpm	349	/rc.start_packages: Restarting/Starting all packages.
    Aug 8 10:30:14	php		[pfBlockerNG] DNSBL parser daemon started
    Aug 8 10:30:14	check_reload_status		Syncing firewall
    Aug 8 10:30:14	check_reload_status		Reloading filter
    Aug 8 10:30:14	php-fpm	349	[pfBlockerNG] Restarting firewall filter daemon
    Aug 8 10:30:15	php_pfb		[pfBlockerNG] filterlog daemon started
    Aug 8 10:30:15	SnortStartup	38668	Snort START for WAN(15816_lagg0.4090)...
    Aug 8 10:30:15	php_pfb		[pfBlockerNG] filterlog daemon started
    Aug 8 10:30:15	aladin.localdomain		nginx: 2019/08/08 10:30:15 [error] 36842#100148: send() failed (54: Connection reset by peer)
    Aug 8 10:30:15	php		[pfBlockerNG] DNSBL parser daemon started
    Aug 8 10:30:15	kernel		ix2: promiscuous mode enabled
    Aug 8 10:30:15	kernel		ix3: promiscuous mode enabled
    Aug 8 10:30:15	kernel		lagg0: promiscuous mode enabled
    Aug 8 10:30:15	kernel		lagg0.4090: promiscuous mode enabled
    Aug 8 10:30:16	login		login on ttyu0 as root
    Aug 8 10:30:16	login		login on ttyv0 as root
    Aug 8 10:38:33	check_reload_status		Syncing firewall
    Aug 8 10:38:38	check_reload_status		Reloading filter
    

Log in to reply