Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New log message

    General pfSense Questions
    2
    8
    493
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Antibiotic
      last edited by Antibiotic

      Hello, in system log starts to appear a lot of this similar msg, was not before

      /rc.newwanip: Removing static route for monitor 1.1.1.1 and adding a new route through 10.9.0.7

      What does it mean?

      pfSense plus 24.11 on Topton mini PC
      CPU: Intel N100
      NIC: Intel i-226v 4 pcs
      RAM : 16 GB DDR5
      Disk: 128 GB NVMe
      Brgds, Archi

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        I assume you are using 1.1.1.1 as the gateway monitoring IP on one WAN. It looks like that WAN went down and came back up causing the static route to that to be re-applied.
        We'd need to see more logs from that time to know more.

        A 1 Reply Last reply Reply Quote 0
        • A
          Antibiotic @stephenw10
          last edited by Antibiotic

          @stephenw10

          What kind of log? The same if will continue flooding?
          and yes, this is monitoring IP's for WAN and a few other OpenVPN clients gateways.

          Also this one

          /etc/rc.d/hostid: WARNING: hostid: unable to figure out a UUID from DMI data, generating a new one

          Before I did a rules to block ICMP ang IGMP protocols on LAN,s , but after removed them completely

          pfSense plus 24.11 on Topton mini PC
          CPU: Intel N100
          NIC: Intel i-226v 4 pcs
          RAM : 16 GB DDR5
          Disk: 128 GB NVMe
          Brgds, Archi

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            That hostid message is common and not a problem.

            @Antibiotic said in New log message:

            this is monitoring IP's for WAN and a few other OpenVPN clients gateways

            You can't use the same monitoring IP on more than one gateway because, by default, it adds a static route via that gateway.
            So you probably have a conflict there and that log is indicating the new static route via an OpenVPN gateway.

            But we'd need to see more log lines covering that time to know which interface changed link state etc.

            A 1 Reply Last reply Reply Quote 0
            • A
              Antibiotic @stephenw10
              last edited by Antibiotic

              @stephenw10
              I use a diferent IP address
              1.1.1.1
              8.8.8.8
              9.9.9.9
              and etc., but again have this :

              /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 10.8.0.41
              2024-06-17 11:20:17.232197+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.4.4 and adding a new route through 10.10.0.19
              2024-06-17 11:20:17.289986+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 9.9.9.9 and adding a new route through 10.9.0.7
              2024-06-17 11:20:17.350442+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 1.1.1.2 and adding a new route through 10.16.0.1

              This is my custom settings for OpenVPN clients:

              remote-cert-tls server;
              pull-filter ignore "ifconfig-ipv6 ";
              pull-filter ignore "route-ipv6 ";
              remote-random;
              pull-filter ignore "redirect-gateway ";
              pull-filter ignore "dhcp-option ";

              But the same msg have on WAN gateway

              This is more from log:

              2024-06-17 11:20:15.743904+03:00 php-fpm 41611 /rc.newwanip: rc.newwanip: Info: starting on igc1.
              2024-06-17 11:20:15.744250+03:00 php-fpm 41611 /rc.newwanip: rc.newwanip: on (IP address: 192.168.10.1) (interface: LAN[lan]) (real interface: igc1).
              2024-06-17 11:20:17.115466+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 92.49.x.x and adding a new route through 92.49.x.x
              2024-06-17 11:20:17.177045+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 10.8.0.41
              2024-06-17 11:20:17.232197+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.4.4 and adding a new route through 10.10.0.19
              2024-06-17 11:20:17.289986+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 9.9.9.9 and adding a new route through 10.9.0.7
              2024-06-17 11:20:17.350442+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 1.1.1.2 and adding a new route through 10.16.0.4
              2024-06-17 11:20:18.058814+03:00 php-fpm 41611 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
              2024-06-17 11:20:19.443080+03:00 php-fpm 16238 /rc.start_packages: The command '/usr/local/etc/rc.d/syslog-ng.sh stop' returned exit code '1', the output was ''
              2024-06-17 11:20:20.504916+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:20.540099+03:00 vnstatd 76524 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
              2024-06-17 11:20:20.555882+03:00 tail_pfb 77527 [pfBlockerNG] Firewall Filter Service stopped
              2024-06-17 11:20:20.559268+03:00 php_pfb 78229 [pfBlockerNG] filterlog daemon stopped
              2024-06-17 11:20:20.566596+03:00 lighttpd_pfb 79049 [pfBlockerNG] DNSBL Webserver stopped
              2024-06-17 11:20:20.586793+03:00 lighttpd_pfb 81585 [pfBlockerNG] DNSBL Webserver started
              2024-06-17 11:20:20.591463+03:00 tail_pfb 82925 [pfBlockerNG] Firewall Filter Service started
              2024-06-17 11:20:20.897417+03:00 php_pfb 83152 [pfBlockerNG] filterlog daemon started
              2024-06-17 11:20:21.760803+03:00 php-fpm 41611 /rc.newwanip: Resyncing OpenVPN instances for interface LAN.
              2024-06-17 11:20:21.864697+03:00 php-fpm 41611 /rc.newwanip: Creating rrd update script
              2024-06-17 11:20:23.923311+03:00 php-fpm 41611 /rc.newwanip: Netgate pfSense Plus package system has detected an IP change or dynamic WAN reconnection - 192.168.10.1 -> 192.168.10.1 - Restarting packages.
              2024-06-17 11:20:23.923473+03:00 check_reload_status 646 Starting packages
              2024-06-17 11:20:23.928552+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:23.928614+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:24.943033+03:00 php-fpm 591 /rc.start_packages: Restarting/Starting all packages.
              2024-06-17 11:20:25.831647+03:00 vnstatd 87615 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
              2024-06-17 11:20:35.924105+03:00 vnstatd 28498 SIGTERM received, exiting.
              2024-06-17 11:20:35.982320+03:00 php-fpm 591 /rc.start_packages: Reloading syslog-ng for configuration sync
              2024-06-17 11:20:36.022453+03:00 vnstatd 97771 vnStat daemon 2.11 (pid:97771 uid:0 gid:0, SQLite 3.44.0)
              2024-06-17 11:20:36.022494+03:00 vnstatd 97771 Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
              2024-06-17 11:20:36.022796+03:00 vnstatd 97771 Monitoring (11): pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpnc4 (1000 Mbit) ovpnc3 (1000 Mbit) ovpnc2 (1000 Mbit) ovpnc1 (1000 Mbit) igc3 (10 Mbit) igc2 (1000 Mbit) igc1 (1000 Mbit) igc0 (1000 Mbit) enc0 (1000 Mbit)
              2024-06-17 11:20:36.090138+03:00 supervise/syslog-ng 71045 Daemon exited gracefully, not restarting; exitcode='0'
              2024-06-17 11:20:41.044211+03:00 php-fpm 591 /rc.start_packages: The command '/usr/local/etc/rc.d/syslog-ng.sh stop' returned exit code '1', the output was ''
              2024-06-17 11:20:42.096830+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:42.117390+03:00 vnstatd 5398 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
              2024-06-17 11:20:42.122099+03:00 lighttpd_pfb 6839 [pfBlockerNG] DNSBL Webserver stopped
              2024-06-17 11:20:42.122088+03:00 tail_pfb 6739 [pfBlockerNG] Firewall Filter Service stopped
              2024-06-17 11:20:42.124202+03:00 php_pfb 7831 [pfBlockerNG] filterlog daemon stopped
              2024-06-17 11:20:42.133518+03:00 lighttpd_pfb 9833 [pfBlockerNG] DNSBL Webserver started
              2024-06-17 11:20:42.143070+03:00 tail_pfb 12280 [pfBlockerNG] Firewall Filter Service started
              2024-06-17 11:20:42.255729+03:00 php_pfb 12615 [pfBlockerNG] filterlog daemon started
              2024-06-17 12:30:00.204843+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: Starting up.
              2024-06-17 12:30:00.204990+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: Sleeping for 42 seconds.
              2024-06-17 12:30:42.219910+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: Starting URL table alias updates
              2024-06-17 12:30:42.223521+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: pfB_PRI1_v4 does not need updating.
              2024-06-17 12:30:42.224650+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: pfB_TOR_v4 does not need updating.
              2024-06-17 12:30:42.225195+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: pfB_PRI4_v4 does not need updating.
              2024-06-17 12:30:42.225738+03:00 php-cgi 19237 rc.update_urltables: /etc/rc.update_urltables: pfB_DNSBLIP_v4 does not need updating.
              2024-06-17 12:44:00.012878+03:00 sshguard 63113 Exiting on signal.
              2024-06-17 12:44:00.025157+03:00 sshguard 82511 Now monitoring attacks.
              2024-06-17 13:37:48.763618+03:00 php-fpm 591 /index.php: Successful login for user 'admin' from: 192.168.10.12 (Local Database)

              2024-06-17 11:19:53.359051+03:00 check_reload_status 646 Linkup starting igc1
              2024-06-17 11:19:53.515157+03:00 kernel - igc1: link state changed to UP
              2024-06-17 11:19:54.383802+03:00 php-fpm 41611 /rc.linkup: Hotplug event detected for LAN(lan) static IP address (4: 192.168.10.1)
              2024-06-17 11:19:54.389634+03:00 php-fpm 41611 /rc.linkup: DEVD Ethernet attached event for lan
              2024-06-17 11:19:54.389658+03:00 php-fpm 41611 /rc.linkup: HOTPLUG: Triggering address refresh on lan (igc1)
              2024-06-17 11:19:54.389799+03:00 check_reload_status 646 rc.newwanip starting igc1
              2024-06-17 11:19:54.392147+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:19:54.392181+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:19:55.434623+03:00 php-fpm 41611 /rc.newwanip: rc.newwanip: Info: starting on igc1.
              2024-06-17 11:19:55.434977+03:00 php-fpm 41611 /rc.newwanip: rc.newwanip: on (IP address: 192.168.10.1) (interface: LAN[lan]) (real interface: igc1).
              2024-06-17 11:19:56.212589+03:00 check_reload_status 646 Linkup starting igc1
              2024-06-17 11:19:56.282199+03:00 kernel - igc1: link state changed to DOWN
              2024-06-17 11:19:57.221826+03:00 php-fpm 26892 /rc.linkup: Hotplug event detected for LAN(lan) static IP address (4: 192.168.10.1)
              2024-06-17 11:19:57.226068+03:00 php-fpm 26892 /rc.linkup: DEVD Ethernet detached event for lan
              2024-06-17 11:19:57.603904+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 92.49.0.x.x and adding a new route through 92.49.x.x
              2024-06-17 11:19:57.640656+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 10.8.0.41
              2024-06-17 11:19:57.663667+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.4.4 and adding a new route through 10.10.0.19
              2024-06-17 11:19:57.686448+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 9.9.9.9 and adding a new route through 10.9.0.7
              2024-06-17 11:19:57.709144+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 1.1.1.2 and adding a new route through 10.16.0.4
              2024-06-17 11:19:58.332502+03:00 php-fpm 41611 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
              2024-06-17 11:19:58.503598+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:19:58.503691+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:19:58.834945+03:00 check_reload_status 646 Linkup starting igc1
              2024-06-17 11:19:58.959582+03:00 kernel - igc1: link state changed to UP
              2024-06-17 11:19:59.844825+03:00 php-fpm 590 /rc.linkup: Hotplug event detected for LAN(lan) static IP address (4: 192.168.10.1)
              2024-06-17 11:19:59.854416+03:00 php-fpm 590 /rc.linkup: DEVD Ethernet attached event for lan
              2024-06-17 11:19:59.854522+03:00 php-fpm 590 /rc.linkup: HOTPLUG: Triggering address refresh on lan (igc1)
              2024-06-17 11:19:59.854697+03:00 check_reload_status 646 rc.newwanip starting igc1
              2024-06-17 11:19:59.858980+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:00.485541+03:00 php-fpm 41611 /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1718612400] unbound[15737:0] error: packets timestamping is not supported on this platform [1718612400] unbound[15737:0] warning: socket timestamping is not available [1718612400] unbound[15737:0] error: bind: address already in use [1718612400] unbound[15737:0] fatal error: could not open ports'
              2024-06-17 11:20:00.493142+03:00 php-fpm 41611 /rc.newwanip: Resyncing OpenVPN instances for interface LAN.
              2024-06-17 11:20:00.584307+03:00 php-fpm 41611 /rc.newwanip: Creating rrd update script
              2024-06-17 11:20:00.911487+03:00 php-fpm 590 /rc.newwanip: rc.newwanip: Info: starting on igc1.
              2024-06-17 11:20:00.911687+03:00 php-fpm 590 /rc.newwanip: rc.newwanip: on (IP address: 192.168.10.1) (interface: LAN[lan]) (real interface: igc1).
              2024-06-17 11:20:02.637359+03:00 php-fpm 590 /rc.newwanip: Removing static route for monitor 92.49.0.5 and adding a new route through 92.49.4.1
              2024-06-17 11:20:02.663317+03:00 php-fpm 590 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 10.8.0.41
              2024-06-17 11:20:02.664404+03:00 php-fpm 41611 /rc.newwanip: Netgate pfSense Plus package system has detected an IP change or dynamic WAN reconnection - 192.168.10.1 -> 192.168.10.1 - Restarting packages.
              2024-06-17 11:20:02.664572+03:00 check_reload_status 646 Starting packages
              2024-06-17 11:20:02.666911+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:02.666979+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:02.686453+03:00 php-fpm 590 /rc.newwanip: Removing static route for monitor 8.8.4.4 and adding a new route through 10.10.0.19
              2024-06-17 11:20:02.709446+03:00 php-fpm 590 /rc.newwanip: Removing static route for monitor 9.9.9.9 and adding a new route through 10.9.0.7
              2024-06-17 11:20:02.732551+03:00 php-fpm 590 /rc.newwanip: Removing static route for monitor 1.1.1.2 and adding a new route through 10.16.0.4
              2024-06-17 11:20:03.351817+03:00 php-fpm 590 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
              2024-06-17 11:20:03.708768+03:00 php-fpm 16238 /rc.start_packages: Restarting/Starting all packages.
              2024-06-17 11:20:04.130609+03:00 vnstatd 22133 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
              2024-06-17 11:20:05.770986+03:00 php-fpm 590 /rc.newwanip: Resyncing OpenVPN instances for interface LAN.
              2024-06-17 11:20:05.865800+03:00 php-fpm 590 /rc.newwanip: Creating rrd update script
              2024-06-17 11:20:07.905471+03:00 php-fpm 590 /rc.newwanip: Netgate pfSense Plus package system has detected an IP change or dynamic WAN reconnection - 192.168.10.1 -> 192.168.10.1 - Restarting packages.
              2024-06-17 11:20:07.905638+03:00 check_reload_status 646 Starting packages
              2024-06-17 11:20:07.910586+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:07.910651+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:08.971674+03:00 php-fpm 591 /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
              2024-06-17 11:20:11.021206+03:00 check_reload_status 646 Linkup starting igc1
              2024-06-17 11:20:11.034232+03:00 kernel - igc1: link state changed to DOWN
              2024-06-17 11:20:12.066706+03:00 php-fpm 591 /rc.linkup: Hotplug event detected for LAN(lan) static IP address (4: 192.168.10.1)
              2024-06-17 11:20:12.074522+03:00 php-fpm 591 /rc.linkup: DEVD Ethernet detached event for lan
              2024-06-17 11:20:13.384729+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:13.384811+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:13.675476+03:00 check_reload_status 646 Linkup starting igc1
              2024-06-17 11:20:13.777626+03:00 kernel - igc1: link state changed to UP
              2024-06-17 11:20:14.333790+03:00 vnstatd 47142 SIGTERM received, exiting.
              2024-06-17 11:20:14.411394+03:00 php-fpm 16238 /rc.start_packages: Reloading syslog-ng for configuration sync
              2024-06-17 11:20:14.456493+03:00 vnstatd 28498 vnStat daemon 2.11 (pid:28498 uid:0 gid:0, SQLite 3.44.0)
              2024-06-17 11:20:14.456552+03:00 vnstatd 28498 Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
              2024-06-17 11:20:14.457030+03:00 vnstatd 28498 Monitoring (11): pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpnc4 (1000 Mbit) ovpnc3 (1000 Mbit) ovpnc2 (1000 Mbit) ovpnc1 (1000 Mbit) igc3 (10 Mbit) igc2 (1000 Mbit) igc1 (1000 Mbit) igc0 (1000 Mbit) enc0 (1000 Mbit)
              2024-06-17 11:20:14.526017+03:00 supervise/syslog-ng 51286 Daemon exited gracefully, not restarting; exitcode='0'
              2024-06-17 11:20:14.706582+03:00 php-fpm 41611 /rc.linkup: Hotplug event detected for LAN(lan) static IP address (4: 192.168.10.1)
              2024-06-17 11:20:14.714074+03:00 php-fpm 41611 /rc.linkup: DEVD Ethernet attached event for lan
              2024-06-17 11:20:14.714139+03:00 php-fpm 41611 /rc.linkup: HOTPLUG: Triggering address refresh on lan (igc1)
              2024-06-17 11:20:14.714404+03:00 check_reload_status 646 rc.newwanip starting igc1
              2024-06-17 11:20:14.718106+03:00 check_reload_status 646 Reloading filter
              2024-06-17 11:20:15.743904+03:00 php-fpm 41611 /rc.newwanip: rc.newwanip: Info: starting on igc1.

              pfSense plus 24.11 on Topton mini PC
              CPU: Intel N100
              NIC: Intel i-226v 4 pcs
              RAM : 16 GB DDR5
              Disk: 128 GB NVMe
              Brgds, Archi

              stephenw10S 1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator @Antibiotic
                last edited by

                @Antibiotic said in New log message:

                2024-06-17 11:20:17.115466+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 92.49.x.x and adding a new route through 92.49.x.x
                2024-06-17 11:20:17.177045+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 10.8.0.41
                2024-06-17 11:20:17.232197+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 8.8.4.4 and adding a new route through 10.10.0.19
                2024-06-17 11:20:17.289986+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 9.9.9.9 and adding a new route through 10.9.0.7
                2024-06-17 11:20:17.350442+03:00 php-fpm 41611 /rc.newwanip: Removing static route for monitor 1.1.1.2 and adding a new route through 10.16.0.4

                Are those the correct gateways for those monitoring IPs?

                If so then that's expected. What exactly is the problem here?

                A 1 Reply Last reply Reply Quote 0
                • A
                  Antibiotic @stephenw10
                  last edited by

                  @stephenw10 said in New log message:

                  Removing static route for monitor

                  I just wanna ask, is it normally that everyday this happened?

                  pfSense plus 24.11 on Topton mini PC
                  CPU: Intel N100
                  NIC: Intel i-226v 4 pcs
                  RAM : 16 GB DDR5
                  Disk: 128 GB NVMe
                  Brgds, Archi

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Yes. When gateway comes back up static routes using it are reapplied.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.