Why is the firewall filter sooo slow to access?
-
I've had this problem ever since I first loaded pfSense 2.5. Pull up the firewall logs through the system logs and getting that page up takes minutes! It gets worse when I try to spawn the firewall filter. When it works, it's taken in excess of 3 minutes to get the filter to even show, and sometimes it never does (no erros or anything). Once you finally get the filter to show, filtering the logs doesn't take that long, (maybe 1 minute), but sometimes it takes multiple attempts to get the filter to show. Repeated clicks on the (for lack of a better word) icon shows the clicks (requests) for the filter buffer so if & when they do show up, and they roll by you have to wait to see if the last command (click) was to spawn it or close it. VERY frustrating. It has steadily gotten worse with each update. 2.72.2 was very slow, in 2.8.0 it's almost unusable. It seems worse in Firefox than in Edge, but both browsers are cripplingly slow.
Has anyone else experienced this?
Does anyone have an idea of how to fix this?Thanks ahead of time,
Jabiru -
@Jabiru said in Why is the firewall filter sooo slow to access?:
Has anyone else experienced this?
Loading a page like this :
takes ... don't know, ten of milliseconds for sure. Not more.
3 minutes ? How many rules do you have ??@Jabiru said in Why is the firewall filter sooo slow to access?:
Does anyone have an idea of how to fix this?
Can you imagine, waiting for minutes for a web page with the interface firewall rules to show up, the (this) forum would be obliterated with complaints.
The bad news is the good new : this only happens to you.So, without any details that could explain this behavior, I see two possible reasons :
Reset pfSense to 100 % default settings - make LAN and WAN work and do not change anything else, and the problem is solved.
If not, get other hardware.No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
Are you running PF Sense on a USB drive?
-
@Gertjan He said logs, not rules. For me, the logs page takes maybe half a second to display the first page. OP likely has a weak CPU and/or slow storage.
-
@KOM said in Why is the firewall filter sooo slow to access?:
He said logs
Stupid me.How big are the logs files ?
Example : if you have big log files (like mine, 2097152, already way bigger as the default value) this can explain why the GUI, using PHP to read and parse the files, takes a long time doing so.
What are the log settings :
Question : do you get a lot of log lines added to this firewall log ?
Answer : check with :
tail -f /var/log/filter.logDo you have some / none / all firewall rules that logs ?
-
@Jabiru said in Why is the firewall filter sooo slow to access?:
Has anyone else experienced this?
As mentioned how big are your logs, how many entries do you display? I have my logs to show the last 5000 entries, so its not instant - but it doesn't take minutes.
Do you have compression setup?
So I just clicked into firewall logs - and doing the exact timing method of counting 1001,1002,etc.. in my head it was about 10 seconds to display.. And you will notice I display last 5000 records
Speed will for sure vary depending what your running pfsense on, number of logs, etc. etc..
I think you can have a problem if you have tiny log files, and you compress them - and then want to display a lot of records were pfsense has to open up logs that have been rotated and compressed.. If I recall there was some issue brought up with that quite some time ago about log compression. If you look on the setting it is recommended not to use compression if you are using zfs file system - which has been around for good long time.
My log files are not as big as @Gertjan at 2MB, but mine are set to 1MB.
I should prob increase mine, looks like I only go back couple of days with my current rotation
-rw------- 1 root wheel 239079 Oct 29 22:30 filter.log -rw------- 1 root wheel 1030487 Oct 29 21:54 filter.log.0 -rw------- 1 root wheel 1024324 Oct 29 15:45 filter.log.1 -rw------- 1 root wheel 1023497 Oct 29 06:58 filter.log.2 -rw------- 1 root wheel 1023468 Oct 28 23:09 filter.log.3 -rw------- 1 root wheel 1025519 Oct 28 18:20 filter.log.4 -rw------- 1 root wheel 1023953 Oct 28 12:26 filter.log.5edit: just bumped to 2MB and 8 logs vs the 6 I had.
-
My settings, filters, etc. load almost instantly (<1sec) at home. It's running on a rather old HP Intel I5 with 4GB memory.
