Snapshot 20100401-1542 breaks captive portal



  • Im running dual wan setup with captive portal enabled on one of my vlans, upgrading to the latest snapshop produces the errors below, Ive reverted back to 1st apr build and things are back to normal.

    I'd be happy to help diagnose this further if the dev's need.

    Slam

    –snip

    Apr 2 23:23:12 check_reload_status: check_reload_status is starting.
    Apr 2 23:23:12 php: : Resyncing configuration for all packages.
    Apr 2 23:23:12 dnsmasq[44690]: read /etc/hosts - 20 addresses
    Apr 2 23:23:12 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
    Apr 2 23:23:12 dhcpd: All rights reserved.
    Apr 2 23:23:12 dhcpd: Copyright 2004-2008 Internet Systems Consortium.
    Apr 2 23:23:12 dhcpd: Internet Systems Consortium DHCP Server V3.0.7
    Apr 2 23:23:11 php: : The command '/bin/pkill updaterrd.sh' returned exit code '1', the output was ''
    Apr 2 23:23:11 php: : Creating rrd update script
    Apr 2 23:23:11 php: : All gateways are unavailable, proceeding with configured XML settings!
    Apr 2 23:23:11 php: : MONITOR: be has high latency, removing from routing group
    Apr 2 23:23:11 php: : MONITOR: o2 has high latency, removing from routing group
    Apr 2 23:23:08 php: : The command '/sbin/ipfw add 1893 set 1 skipto 50000 ip from table(2) to any out' returned exit code '69', the output was 'ipfw: getsockopt(IP_FW_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw add 1892 set 1 skipto 50000 ip from any to table(2) in' returned exit code '69', the output was 'ipfw: getsockopt(IP_FW_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw add 1891 set 1 skipto 50000 ip from any to table(1) out' returned exit code '69', the output was 'ipfw: getsockopt(IP_FW_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw add 1890 set 1 skipto 50000 ip from table(1) to any in' returned exit code '69', the output was 'ipfw: getsockopt(IP_FW_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 2 add 10.0.20.2' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 1 add 10.0.1.12' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 1 add 10.0.1.11' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 1 add 10.0.1.10' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 1 add 10.0.0.11' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 1 add 10.0.0.10' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_ADD): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 2 flush' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_FLUSH): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw table 1 flush' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_FLUSH): Protocol not available'
    Apr 2 23:23:08 php: : The command '/sbin/ipfw /tmp/ipfw.cp.rules' returned exit code '69', the output was 'Line 1: getsockopt(IP_FW_ADD): Protocol not available'
    Apr 2 23:23:07 sshlockout[55277]: sshlockout starting up
    Apr 2 23:23:07 sshlockout[55277]: sshlockout starting up
    Apr 2 23:23:07 sshd[55051]: Server listening on 0.0.0.0 port 22.
    Apr 2 23:23:07 sshd[55051]: Server listening on :: port 22.
    Apr 2 23:23:07 php: : The command '/sbin/ipfw -f delete set 1' returned exit code '69', the output was 'ipfw: rule 16777217: setsockopt(IP_FW_DEL): Protocol not available'
    Apr 2 23:23:07 php: : The command '/sbin/ipfw table all flush' returned exit code '71', the output was 'ipfw: Warn: Failed to get the max tables number via sysctl. Using the compiled in defaults. The reason was: No such file or directory ipfw: setsockopt(IP_FW_TABLE_FLUSH): Protocol not available'
    Apr 2 23:23:07 php: : The command 'sysctl net.inet.ip.fw.dyn_max=10000' returned exit code '1', the output was 'sysctl: unknown oid 'net.inet.ip.fw.dyn_max''
    Apr 2 23:23:07 kernel: KLD ipfw.ko: depends on libalias - not available or version mismatch
    Apr 2 23:23:07 kernel: em3_vlan11: link state changed to UP
    Apr 2 23:23:07 kernel: em3_vlan22: link state changed to UP
    Apr 2 23:23:07 kernel: em3_vlan33: link state changed to UP
    Apr 2 23:23:07 kernel: em3_vlan100: link state changed to UP
    Apr 2 23:23:07 kernel: em3: link state changed to UP
    Apr 2 23:23:07 php: : The command '/sbin/kldload ipfw' returned exit code '1', the output was 'kldload: can't load ipfw: No such file or directory'
    Apr 2 23:23:07 dnsmasq[44690]: read /etc/hosts - 13 addresses
    Apr 2 23:23:07 dnsmasq[44690]: using nameserver 208.67.220.220#53
    Apr 2 23:23:07 dnsmasq[44690]: using nameserver 208.67.222.222#53
    Apr 2 23:23:07 dnsmasq[44690]: reading /etc/resolv.conf
    Apr 2 23:23:07 dnsmasq[44690]: compile time options: no-IPv6 GNU-getopt no-DBus I18N DHCP TFTP
    Apr 2 23:23:07 dnsmasq[44690]: started, version 2.51 cachesize 10000
    Apr 2 23:23:07 kernel: em1: link state changed to UP
    Apr 2 23:23:06 kernel: em2: link state changed to UP
    Apr 2 23:23:06 kernel: em0: link state changed to UP
    Apr 2 23:23:05 apinger: Starting Alarm Pinger, apinger(27900)
    Apr 2 23:23:05 kernel: load_dn_sched dn_sched WF2Q+ loaded
    Apr 2 23:23:05 kernel: load_dn_sched dn_sched RR loaded
    Apr 2 23:23:05 kernel: load_dn_sched dn_sched QFQ loaded
    Apr 2 23:23:05 kernel: load_dn_sched dn_sched FIFO loaded
    Apr 2 23:23:04 kernel: pflog0: promiscuous mode enabled
    Apr 2 23:23:04 php: : All gateways are unavailable, proceeding with configured XML settings!
    Apr 2 23:23:04 php: : MONITOR: be has high latency, removing from routing group
    Apr 2 23:23:04 php: : MONITOR: o2 has high latency, removing from routing group
    Apr 2 23:23:04 kernel: Trying to mount root from ufs:/dev/ad0s1a
    Apr 2 23:23:04 kernel: uhub6: 6 ports with 6 removable, self powered
    Apr 2 23:23:04 kernel: uhub2: 4 ports with 4 removable, self powered
    Apr 2 23:23:04 kernel: Root mount waiting for: usbus6 usbus2
    Apr 2 23:23:04 kernel: SMP: AP CPU #1 Launched!

    snip–



  • If  you can test again 'kldload ipfw' should keep you running.
    Not sure why it is failing for you.



  • Ive tried the command

    kldload: can't load ipfw: No such file or directory

    edit: I just noticed this in the log when I tried kldload ipfw

    Apr 2 23:50:08 kernel: KLD ipfw.ko: depends on libalias - not available or version mismatch



  • Hi Ermal,

    I noticed you made some more changes so I thought I would try a more recent snapshot (pfSense-Full-Update-2.0-BETA1-20100412-1748) and those errors have gone away and the captive portal isnt bypassed as it was before, however using captive portal with "Per-user bandwidth restriction" enabled breaks captive portal again unfortunetly, the captive portal page loads on the client, when the client
    authenticates successfully, the redirect page appears but just sits there in a stalled state, if the "Per-user bandwidth restriction" is disabled, the client gets redirected successfully.

    I also noticed this error in the log when I enable/disable captive portal.

    Apr 13 04:28:57 php: /services_captiveportal.php: The command '/sbin/ipfw -f delete set 1' returned exit code '69', the output was 'ipfw: rule 16777217: setsockopt(IP_FW_DEL): Invalid argument'
    Apr 13 04:28:57 kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding enabled, default to accept, logging disabled

    Thanks in advance.

    Slam


Log in to reply