Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    pfBlockerNG 2.2.5_27 cron update and traffic loss

    pfBlockerNG
    2
    5
    151
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      asdjklfjkdslfdsaklj last edited by

      Recently updated to 2.2.5_27, and since then I've noticed traffic loss (established connections failing) during the hourly update process.

      System logs:

      Dec 8 10:06:30	php		[pfBlockerNG] No changes to Firewall rules, skipping Filter Reload
Dec 8 10:00:00	php		[pfBlockerNG] Starting cron process.

      Things start failing right around the "no changes to firewall rules" message, and after about ~30-45sec previous connections re-establish (new TCP sessions), and new connections can establish.

      Sometimes, but not always these messages are seen as well:

      sonewconn: pcb 0xfffff8022bb13000: Listen queue overflow: 8 already in queue awaiting acceptance (1 occurrences)

      Haven't noticed a spike in CPU, memory, etc. during this process.

      Any thoughts regarding where to look further?

      Gertjan 1 Reply Last reply Reply Quote 0
      • Gertjan
        Gertjan @asdjklfjkdslfdsaklj last edited by

        @asdjklfjkdslfdsaklj said in pfBlockerNG 2.2.5_27 cron update and traffic loss:

        and after about ~30-45sec previous connections re-establish

        Let me guess, that is the time unbound (the dns cache + resolver) takes to restart ?
        And will it's going down, and restarts, during this tame : no more DND cache, no more answers to DNS requests.
        ( compare captivity of your logs mentioned above with the DNS log at the same time )

        1 Reply Last reply Reply Quote 0
        • A
          asdjklfjkdslfdsaklj last edited by

          Looks like "kill states" being enabled was killing things. This wasn't happening previously, so need to ascertain whether or not an erroneous item in a list is causing this to fail before recovering, or something to do with pfBlockerNG itself.

          As an aside, no, no issues with name resolution.

          Gertjan 1 Reply Last reply Reply Quote 1
          • Gertjan
            Gertjan @asdjklfjkdslfdsaklj last edited by

            @asdjklfjkdslfdsaklj said in pfBlockerNG 2.2.5_27 cron update and traffic loss:

            As an aside, no, no issues with name resolution.

            Well, I'm still curious to know what the time is between "unbound stop" and "unbound started".

            A 1 Reply Last reply Reply Quote 0
            • A
              asdjklfjkdslfdsaklj @Gertjan last edited by

              @Gertjan said in pfBlockerNG 2.2.5_27 cron update and traffic loss:

              @asdjklfjkdslfdsaklj said in pfBlockerNG 2.2.5_27 cron update and traffic loss:

              As an aside, no, no issues with name resolution.

              Well, I'm still curious to know what the time is between "unbound stop" and "unbound started".

              None, given "Resolver Live Sync" is enabled.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy