Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Suricata XMLRPC errors

    HA/CARP/VIPs
    1
    1
    88
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      ws6 last edited by ws6

      Hi, If this is in the wrong section please move it.

      I am running 2.4.5-p1. I am using 2 older dell desktop in an HA config for the firewalls. The onboard nic on each system is dedicated to HA and connected with a crossover cable. HA seems to work but i have recently been getting some XMLRPC errors that are tied to suricata:

      Feb 11 05:32:35 php-fpm 30921 /rc.start_packages: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.exec_php).
      Feb 11 05:32:35 php-fpm 30921 /rc.start_packages: Beginning XMLRPC sync data to https://---Host2-HA-IP---:443/xmlrpc.php.
      Feb 11 05:32:35 php-fpm 30921 /rc.start_packages: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.merge_installedpackages_section).
      Feb 11 05:32:35 php-fpm 30921 /rc.start_packages: Beginning XMLRPC sync data to https://---Host2-HA-IP---:443/xmlrpc.php.
      Feb 11 05:32:36 php-fpm 30921 /rc.start_packages: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.exec_php).
      Feb 11 05:32:36 php-fpm 30921 /rc.start_packages: Beginning XMLRPC sync data to https://---Host2-HA-IP---:443/xmlrpc.php.
      Feb 11 05:32:36 php-fpm 30921 /rc.start_packages: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.exec_php).
      Feb 11 05:32:36 php-fpm 30921 [suricata] XMLRPC sync completed.
      Feb 11 05:33:22 php-fpm 30510 /suricata/suricata_rulesets.php: A communications error occurred while attempting to call XMLRPC method exec_php:
      Feb 11 05:33:22 php-fpm 30510 /suricata/suricata_rulesets.php: New alert found: A communications error occurred while attempting to call XMLRPC method exec_php:
      Feb 11 05:33:22 php-fpm 30510 /suricata/suricata_rulesets.php: Beginning XMLRPC sync data to https://---Host2-HA-IP---:443/xmlrpc.php.
      Feb 11 05:33:22 php-fpm 67379 /suricata/suricata_rulesets.php: A communications error occurred while attempting to call XMLRPC method exec_php:
      Feb 11 05:33:22 php-fpm 67379 /suricata/suricata_rulesets.php: New alert found: A communications error occurred while attempting to call XMLRPC method exec_php:
      Feb 11 05:33:22 php-fpm 67379 /suricata/suricata_rulesets.php: Beginning XMLRPC sync data to https://---Host2-HA-IP---:443/xmlrpc.php.
      Feb 11 05:33:22 php-fpm 30510 /suricata/suricata_rulesets.php: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.exec_php).
      Feb 11 05:33:22 php-fpm 30510 /suricata/suricata_rulesets.php: Beginning XMLRPC sync data to https://---Host2-HA-IP---:443/xmlrpc.php.
      Feb 11 05:33:22 php-fpm 67379 /suricata/suricata_rulesets.php: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.exec_php).
      Feb 11 05:33:22 php-fpm 67379 [suricata] XMLRPC sync completed.
      Feb 11 05:33:22 php-fpm 30510 /suricata/suricata_rulesets.php: XMLRPC reload data success with https://---Host2-HA-IP---:443/xmlrpc.php (pfsense.exec_php).
      Feb 11 05:33:22 php-fpm 30510 [suricata] XMLRPC sync completed.

      Suricata is enabled on all the inside network interfaces but not the HA interfaces. HA rules are ipv4 any to any. IPS mode is legacy with promiscuous mode off on all.

      any suggestions on what to look at next to resolve this?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy