504 Gateway error after update
-
Hello,
I have pfblockerng and avahi installed and after updating I get a 504 error on my gui.
The firewall works for routing but GUI is unresponsive.SG-2100
latest firmware -
That usually implies php has stopped for some reason.
First thing I would do there is go to the console and run option 16 (Restart PHP-FPM) followed by option 11(Restart webConfigurator). Then try to access the webgui again and check the logs.
Steve
-
@stephenw10
Is there a max run for USB console cable length?
I don't have a working laptop at the moment. -
Hmm, I've never tested anything very long. I have used a 5m extension before and it was fine. I usually just cross connect it to some other nearby host, but my setup is... atypical!
Steve
-
@stephenw10
OK so I finally got the cable (15ft) with a ferrite core and plugged in and got the serial port to respond.
I tried to restart php and the web configurator but the webgui still is unresponsive afterwards.
Going to try a reboot. -
@stephenw10 ok even after a reroot things are still not working
-
You are seeing that for every page in the gui after the reboot?
Do you see any errors in the boot logs?
Otherwise check the system and nginx logs from the command line for errors:
https://docs.netgate.com/pfsense/en/latest/monitoring/logs/manage.html#viewing-log-contents-21-02-2-5-0-and-laterSteve
-
@stephenw10 when I log in the GUI it's just a white screen and it's permanently pinwheeling
-
You might try accessing a page other than the dashboard dircetly. One of the widgets there may be causing an issue. So, for example: https://192.168.1.1/status_logs.php
Otherwise check the logs.
Steve
-
@stephenw10 oh yeah that does work!
There was several errors about loading a rules list called pfctl_rules -
maybe a few more than several
-
Hmm, OK, that's a lot of errors!
I've not seen exactly that before but similar issues have been the result of an incomplete upgrade.
What is the output at the command line of?:pkg info -x pfsenseSteve
-
@stephenw10
Hi Stephen,
Yeah the update did not go smoothly.
Maybe it's something I have misconfigured or maybe it's a bug.pfSense-22.05
pfSense-Status_Monitoring-1.7.11_4
pfSense-base-22.05
pfSense-default-config-serial-22.05
pfSense-kernel-pfSense-22.05
pfSense-pkg-Avahi-2.2_1
pfSense-pkg-Status_Traffic_Totals-2.3.2_2
pfSense-pkg-acme-0.7.1_1
pfSense-pkg-bandwidthd-0.7.4_5
pfSense-pkg-darkstat-3.1.3_5
pfSense-pkg-iperf-3.0.2_5
pfSense-pkg-nmap-1.4.4_6
pfSense-pkg-pfBlockerNG-devel-3.1.0_4
pfSense-rc-22.05
pfSense-repo-22.05_2
pfSense-u-boot-1100-20220428
pfSense-u-boot-2100-20210930_1
pfSense-u-boot-env-20220429
pfSense-upgrade-1.0_26
php74-pfSense-module-0.81 -
@jvamos
none of these package show updates available
when trying to access https://192.168.1.1/firewall_rules.php there is a 502 bad gateway error. -
Hmm, do you have any 'unusual' rules?
-
@stephenw10
Maybe some poorly configured outdated vlans? -
No it would need to be some combinations of odd settings making it unique. Like maybe a gateway, schedule, IP options and one TCP flag or something equally weird.
Try running at the command line:
pfctl -vvf /tmp/rules.debugIf it's a rules issue directly that will fail but should show what it's choking on.
Steve
-
You should also check the running kernel with
uname -ain case it's booted the 22.01 kernel somehow. For example:[22.05-RELEASE][admin@2100-2.stevew.lan]/root: uname -a FreeBSD 2100-2.stevew.lan 12.3-STABLE FreeBSD 12.3-STABLE plus-RELENG_22_05-n202700-3ddaea61055 pfSense arm64Steve
-
Loaded 762 passive OS fingerprints pfctl: pfctl_rules pfctl: DIOCXROLLBACK: Invalid argumentI think you were right. The upgrade only half finished.
uname -a FreeBSD pfsense.johnst 12.3-STABLE FreeBSD 12.3-STABLE plus-RELENG_22_01-n202637-97cc5c23e13 pfSense arm64 -
pfSense-upgrade -d -c >>> Updating repositories metadata... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Your system is up to date
