5. Boot issues with NanoBSD

Boot issues with NanoBSD

  • M

    The good news is I've implemented my config of having 6 load balanced OVPN connections and routed on an ALIX 2D3 and it works, though there is obviously a CPU issue which I'll come to in a moment.

    But more seriously without manually firing up certain things, the ALIX won't boot up by itself. Here are the problems:

    1. When configuring interfaces, the Ethernet interfaces are all brought up fine, but when ifconfig initialised the ovpncN interfaces, it throws errors on screen, but I can't see this in the log. I believe ifconfig is doing something with trying to configure tx offload on the ovpncN interfaces.
    2. Because the ovpncN interfaces are the WAN connections effectively, until they're up, nothing can be retrieved by pfSense and I believe it stops doing any further processing because of the pfctl burps. Going to the OpenVPN -> Clients manually and re-saving each connection then brings up the connections.
    3. DNS gateways set to pass through ovpncN gateways don't resolve until System -> General is re-saved. This is strange because that only creates static routes to the OVPN gateway, so once the OVPN connection is up it should resolve. But it doesn't.
    4. jimp's Alias urltable tries to re-download the file on boot, instead of persisting the file on NanoBSD as they are kept in /var/db/aliastables which is flushed across boots.  Since in my case the WAN connections aren't available until OVPN starts them, pfctl throws errors.
    5. As you can see from the logs below I have a hifn / vpn1411 card in the ALIX. When using AES-128-CBC, ALIX is happy with it's CPU usage. When using AES-256-CBC however, the CPU does all the crunching reducing the 25mbps available bandwidth to about 9.6mbps throughput. Now the hifn 7955 chip does have AES-256 support, so can someone have a quick chat with the FreeBSD folks to ensure the hifn driver actually offloads AES-256 as well as /dev/random, as this has been around since FreeBSD 5.0 and the driver has never been finished. Since they'll probably be fiddling with /dev/crypto, tell them to also add the Intel Core i5/i7 AES-NI extensions as well.

    Here's dmesg and system.log output at boot time:

    Copyright (c) 1992-2010 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.0-STABLE #0: Tue May  4 21:28:56 EDT 2010
    sullrich@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Geode(TM) Integrated Processor by AMD PCS (498.05-MHz 586-class CPU)
  Origin = "AuthenticAMD"  Id = 0x5a2  Family = 5  Model = a  Stepping = 2
  Features=0x88a93d <fpu,de,pse,tsc,msr,cx8,sep,pge,cmov,clflush,mmx>AMD Features=0xc0400000 <mmx+,3dnow!+,3dnow!>real memory  = 268435456 (256 MB)
avail memory = 244469760 (233 MB)
pnpbios: Bad PnP BIOS data checksum
ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_bss_fw, 0xc06bb2e0, 0) error 1
ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc06bb3a0, 0) error 1
ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc06bb460, 0) error 1
wlan: mac acl policy registered
wpi: You need to read the LICENSE file in /usr/share/doc/legal/intel_wpi/.
wpi: If you agree with the license, set legal.intel_wpi.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (wpi_fw, 0xc080d7f0, 0) error 1
K6-family MTRR support enabled (2 registers)
ACPI Error: A valid RSDP was not found (20100121/tbxfroot-309)
ACPI: Table initialisation failed: AE_NOT_FOUND
ACPI: Try disabling either ACPI or apic support.
cryptosoft0: <software crypto=""> on motherboard
padlock0: No ACE support.
pcib0: <host to="" pci="" bridge=""> pcibus 0 on motherboard
pci0: <pci bus=""> on pcib0
Geode LX: PC Engines ALIX.2 v0.99h tinyBIOS V1.4a (C)1997-2007
pci0: <encrypt decrypt,="" entertainment="" crypto=""> at device 1.2 (no driver attached)
vr0: <via 10="" vt6105m="" rhine="" iii="" 100basetx=""> port 0x1000-0x10ff mem 0xe0000000-0xe00000ff irq 10 at device 9.0 on pci0
vr0: Quirks: 0x2
vr0: Revision: 0x96
miibus0: <mii bus=""> on vr0
ukphy0: <generic ieee="" 802.3u="" media="" interface=""> PHY 1 on miibus0
ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
vr0: [ITHREAD]
vr1: <via 10="" vt6105m="" rhine="" iii="" 100basetx=""> port 0x1400-0x14ff mem 0xe0040000-0xe00400ff irq 11 at device 10.0 on pci0
vr1: Quirks: 0x2
vr1: Revision: 0x96
miibus1: <mii bus=""> on vr1
ukphy1: <generic ieee="" 802.3u="" media="" interface=""> PHY 1 on miibus1
ukphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
vr1: [ITHREAD]
vr2: <via 10="" vt6105m="" rhine="" iii="" 100basetx=""> port 0x1800-0x18ff mem 0xe0080000-0xe00800ff irq 15 at device 11.0 on pci0
vr2: Quirks: 0x2
vr2: Revision: 0x96
miibus2: <mii bus=""> on vr2
ukphy2: <generic ieee="" 802.3u="" media="" interface=""> PHY 1 on miibus2
ukphy2:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
vr2: [ITHREAD]
hifn0 mem 0xe00c0000-0xe00c0fff,0xe0100000-0xe0101fff,0xe0140000-0xe0147fff irq 9 at device 12.0 on pci0
hifn0: [ITHREAD]
hifn0: Hifn 7955, rev 0, 32KB dram, pll=0x801 <ext clk,="" 4x="" mult="">isab0: <pci-isa bridge=""> port 0x6000-0x6007,0x6100-0x61ff,0x6200-0x623f,0x9d00-0x9d7f,0x9c00-0x9c3f at device 15.0 on pci0
isa0: <isa bus=""> on isab0
atapci0: <amd cs5536="" udma100="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xff00-0xff0f at device 15.2 on pci0
ata0: <ata 0="" channel=""> on atapci0
ata0: [ITHREAD]
ata1: <ata 1="" channel=""> on atapci0
ata1: [ITHREAD]
ohci0: <ohci (generic)="" usb="" controller=""> mem 0xefffe000-0xefffefff irq 12 at device 15.4 on pci0
ohci0: [ITHREAD]
usbus0: <ohci (generic)="" usb="" controller=""> on ohci0
ehci0: <amd cs5536="" (geode)="" usb="" 2.0="" controller=""> mem 0xefffd000-0xefffdfff irq 12 at device 15.5 on pci0
ehci0: [ITHREAD]
usbus1: EHCI version 1.0
usbus1: <amd cs5536="" (geode)="" usb="" 2.0="" controller=""> on ehci0
cpu0 on motherboard
orm0: <isa option="" rom=""> at iomem 0xe0000-0xea7ff pnpid ORM0000 on isa0
atrtc0: <at real="" time="" clock=""> at port 0x70 irq 8 on isa0
ppc0: parallel port not found.
uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
uart0: [FILTER]
uart0: console (9600,n,8,1)
uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
uart1: [FILTER]
Timecounter "TSC" frequency 498052899 Hz quality 800
Timecounters tick every 10.000 msec
IPsec: Initialized Security Association Processing.
usbus0: 12Mbps Full Speed USB v1.0
usbus1: 480Mbps High Speed USB v2.0
ugen0.1: <amd> at usbus0
uhub0: <amd 1="" 9="" ohci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0
ugen1.1: <amd> at usbus1
uhub1: <amd 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr=""> on usbus1
ad0: 4009MB <innodisk corp.="" -="" icf4000="" 4gb="" 081107=""> at ata0-master PIO4
Root mount waiting for: usbus1 usbus0
uhub0: 4 ports with 4 removable, self powered
Root mount waiting for: usbus1
uhub1: 4 ports with 4 removable, self powered
Trying to mount root from ufs:/dev/ufs/pfsense0</innodisk></amd></amd></amd></amd></at></isa></amd></amd></ohci></ohci></ata></ata></amd></isa></pci-isa></ext></generic></mii></via></generic></mii></via></generic></mii></via></encrypt></pci></host></software></mmx+,3dnow!+,3dnow!></fpu,de,pse,tsc,msr,cx8,sep,pge,cmov,clflush,mmx>

    and system.log:

    May  7 08:08:15 router1 syslogd: kernel boot file is /boot/kernel/kernel
May  7 08:08:15 router1 kernel: Copyright (c) 1992-2010 The FreeBSD Project.
May  7 08:08:15 router1 kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
May  7 08:08:15 router1 kernel: The Regents of the University of California. All rights reserved.
May  7 08:08:15 router1 kernel: FreeBSD is a registered trademark of The FreeBSD Foundation.
May  7 08:08:15 router1 kernel: FreeBSD 8.0-STABLE #0: Tue May  4 21:28:56 EDT 2010
May  7 08:08:15 router1 kernel: sullrich@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386
May  7 08:08:15 router1 kernel: Timecounter "i8254" frequency 1193182 Hz quality 0
May  7 08:08:15 router1 kernel: CPU: Geode(TM) Integrated Processor by AMD PCS (498.05-MHz 586-class CPU)
May  7 08:08:15 router1 kernel: Origin = "AuthenticAMD"  Id = 0x5a2  Family = 5  Model = a  Stepping = 2
May  7 08:08:15 router1 kernel: Features=0x88a93d <fpu,de,pse,tsc,msr,cx8,sep,pge,cmov,clflush,mmx>May  7 08:08:15 router1 kernel: AMD Features=0xc0400000 <mmx+,3dnow!+,3dnow!>May  7 08:08:15 router1 kernel: real memory  = 268435456 (256 MB)
May  7 08:08:15 router1 kernel: avail memory = 244469760 (233 MB)
May  7 08:08:15 router1 kernel: pnpbios: Bad PnP BIOS data checksum
May  7 08:08:15 router1 kernel: ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
May  7 08:08:15 router1 kernel: ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
May  7 08:08:15 router1 kernel: module_register_init: MOD_LOAD (ipw_bss_fw, 0xc06bb2e0, 0) error 1
May  7 08:08:15 router1 kernel: ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
May  7 08:08:15 router1 kernel: ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
May  7 08:08:15 router1 kernel: module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc06bb3a0, 0) error 1
May  7 08:08:15 router1 kernel: ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
May  7 08:08:15 router1 kernel: ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
May  7 08:08:15 router1 kernel: module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc06bb460, 0) error 1
May  7 08:08:15 router1 kernel: wlan: mac acl policy registered
May  7 08:08:15 router1 kernel: wpi: You need to read the LICENSE file in /usr/share/doc/legal/intel_wpi/.
May  7 08:08:15 router1 kernel: wpi: If you agree with the license, set legal.intel_wpi.license_ack=1 in /boot/loader.conf.
May  7 08:08:15 router1 kernel: module_register_init: MOD_LOAD (wpi_fw, 0xc080d7f0, 0) error 1
May  7 08:08:15 router1 kernel: K6-family MTRR support enabled (2 registers)
May  7 08:08:15 router1 kernel: ACPI Error: A valid RSDP was not found (20100121/tbxfroot-309)
May  7 08:08:15 router1 kernel: ACPI: Table initialisation failed: AE_NOT_FOUND
May  7 08:08:15 router1 kernel: ACPI: Try disabling either ACPI or apic support.
May  7 08:08:15 router1 kernel: cryptosoft0: <software crypto=""> on motherboard
May  7 08:08:15 router1 kernel: padlock0: No ACE support.
May  7 08:08:15 router1 kernel: pcib0: <host to="" pci="" bridge=""> pcibus 0 on motherboard
May  7 08:08:15 router1 kernel: pci0: <pci bus=""> on pcib0
May  7 08:08:15 router1 kernel: Geode LX: PC Engines ALIX.2 v0.99h tinyBIOS V1.4a (C)1997-2007
May  7 08:08:15 router1 kernel: pci0: <encrypt decrypt,="" entertainment="" crypto=""> at device 1.2 (no driver attached)
May  7 08:08:15 router1 kernel: vr0: <via 10="" vt6105m="" rhine="" iii="" 100basetx=""> port 0x1000-0x10ff mem 0xe0000000-0xe00000ff irq 10 at device 9.0 on pci0
May  7 08:08:15 router1 kernel: vr0: Quirks: 0x2
May  7 08:08:15 router1 kernel: vr0: Revision: 0x96
May  7 08:08:15 router1 kernel: miibus0: <mii bus=""> on vr0
May  7 08:08:15 router1 kernel: ukphy0: <generic ieee="" 802.3u="" media="" interface=""> PHY 1 on miibus0
May  7 08:08:15 router1 kernel: ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
May  7 08:08:15 router1 kernel: vr0: [ITHREAD]
May  7 08:08:15 router1 kernel: vr1: <via 10="" vt6105m="" rhine="" iii="" 100basetx=""> port 0x1400-0x14ff mem 0xe0040000-0xe00400ff irq 11 at device 10.0 on pci0
May  7 08:08:15 router1 kernel: vr1: Quirks: 0x2
May  7 08:08:15 router1 kernel: vr1: Revision: 0x96
May  7 08:08:15 router1 kernel: miibus1: <mii bus=""> on vr1
May  7 08:08:15 router1 kernel: ukphy1: <generic ieee="" 802.3u="" media="" interface=""> PHY 1 on miibus1
May  7 08:08:15 router1 kernel: ukphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
May  7 08:08:15 router1 kernel: vr1: [ITHREAD]
May  7 08:08:15 router1 kernel: vr2: <via 10="" vt6105m="" rhine="" iii="" 100basetx=""> port 0x1800-0x18ff mem 0xe0080000-0xe00800ff irq 15 at device 11.0 on pci0
May  7 08:08:15 router1 kernel: vr2: Quirks: 0x2
May  7 08:08:15 router1 kernel: vr2: Revision: 0x96
May  7 08:08:15 router1 kernel: miibus2: <mii bus=""> on vr2
May  7 08:08:15 router1 kernel: ukphy2: <generic ieee="" 802.3u="" media="" interface=""> PHY 1 on miibus2
May  7 08:08:15 router1 kernel: ukphy2:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
May  7 08:08:15 router1 kernel: vr2: [ITHREAD]
May  7 08:08:15 router1 kernel: hifn0 mem 0xe00c0000-0xe00c0fff,0xe0100000-0xe0101fff,0xe0140000-0xe0147fff irq 9 at device 12.0 on pci0
May  7 08:08:15 router1 kernel: hifn0: [ITHREAD]
May  7 08:08:15 router1 kernel: hifn0: Hifn 7955, rev 0, 32KB dram, pll=0x801 <ext clk,="" 4x="" mult="">May  7 08:08:15 router1 kernel: isab0: <pci-isa bridge=""> port 0x6000-0x6007,0x6100-0x61ff,0x6200-0x623f,0x9d00-0x9d7f,0x9c00-0x9c3f at device 15.0 on pci0
May  7 08:08:15 router1 kernel: isa0: <isa bus=""> on isab0
May  7 08:08:15 router1 kernel: atapci0: <amd cs5536="" udma100="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xff00-0xff0f at device 15.2 on pci0
May  7 08:08:15 router1 kernel: ata0: <ata 0="" channel=""> on atapci0
May  7 08:08:15 router1 kernel: ata0: [ITHREAD]
May  7 08:08:15 router1 kernel: ata1: <ata 1="" channel=""> on atapci0
May  7 08:08:15 router1 kernel: ata1: [ITHREAD]
May  7 08:08:15 router1 kernel: ohci0: <ohci (generic)="" usb="" controller=""> mem 0xefffe000-0xefffefff irq 12 at device 15.4 on pci0
May  7 08:08:15 router1 kernel: ohci0: [ITHREAD]
May  7 08:08:15 router1 kernel: usbus0: <ohci (generic)="" usb="" controller=""> on ohci0
May  7 08:08:15 router1 kernel: ehci0: <amd cs5536="" (geode)="" usb="" 2.0="" controller=""> mem 0xefffd000-0xefffdfff irq 12 at device 15.5 on pci0
May  7 08:08:15 router1 kernel: ehci0: [ITHREAD]
May  7 08:08:15 router1 kernel: usbus1: EHCI version 1.0
May  7 08:08:15 router1 kernel: usbus1: <amd cs5536="" (geode)="" usb="" 2.0="" controller=""> on ehci0
May  7 08:08:15 router1 kernel: cpu0 on motherboard
May  7 08:08:15 router1 kernel: orm0: <isa option="" rom=""> at iomem 0xe0000-0xea7ff pnpid ORM0000 on isa0
May  7 08:08:15 router1 kernel: atrtc0: <at real="" time="" clock=""> at port 0x70 irq 8 on isa0
May  7 08:08:15 router1 kernel: ppc0: parallel port not found.
May  7 08:08:15 router1 kernel: uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
May  7 08:08:15 router1 kernel: uart0: [FILTER]
May  7 08:08:15 router1 kernel: uart0: console (9600,n,8,1)
May  7 08:08:15 router1 kernel: uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
May  7 08:08:15 router1 kernel: uart1: [FILTER]
May  7 08:08:15 router1 kernel: Timecounter "TSC" frequency 498052899 Hz quality 800
May  7 08:08:15 router1 kernel: Timecounters tick every 10.000 msec
May  7 08:08:15 router1 kernel: IPsec: Initialized Security Association Processing.
May  7 08:08:15 router1 kernel: usbus0: 12Mbps Full Speed USB v1.0
May  7 08:08:15 router1 kernel: usbus1: 480Mbps High Speed USB v2.0
May  7 08:08:15 router1 kernel: ugen0.1: <amd> at usbus0
May  7 08:08:15 router1 kernel: uhub0: <amd 1="" 9="" ohci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0
May  7 08:08:15 router1 kernel: ugen1.1: <amd> at usbus1
May  7 08:08:15 router1 kernel: uhub1: <amd 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr=""> on usbus1
May  7 08:08:15 router1 kernel: ad0: 4009MB <innodisk corp.="" -="" icf4000="" 4gb="" 081107=""> at ata0-master PIO4 
May  7 08:08:15 router1 kernel: Root mount waiting for: usbus1 usbus0
May  7 08:08:15 router1 kernel: uhub0: 4 ports with 4 removable, self powered
May  7 08:08:15 router1 kernel: Root mount waiting for: usbus1
May  7 08:08:15 router1 kernel: uhub1: 4 ports with 4 removable, self powered
May  7 08:08:15 router1 kernel: Trying to mount root from ufs:/dev/ufs/pfsense0
May  7 08:08:15 router1 kernel: pflog0: promiscuous mode enabled
May  7 08:08:15 router1 php: : The command '/usr/bin/fetch -q -o '/var/db/aliastables/UK_Networks.txt.tmp' 'http://www.countryipblocks.net/e_country_data/GB_cidr.txt'' returned exit code '1', the output was 'fetch: http://www.countryipblocks.net/e_country_data/GB_cidr.txt: No address record' 
May  7 08:08:15 router1 php: : The command '/usr/bin/grep -v '^#' '/var/db/aliastables/UK_Networks.txt.tmp' > '/var/db/aliastables/UK_Networks.txt'' returned exit code '2', the output was '' 
May  7 08:08:15 router1 php: : The command '/usr/bin/fetch -q -o '/var/db/aliastables/US_Networks.txt.tmp' 'http://www.countryipblocks.net/e_country_data/US_cidr.txt'' returned exit code '1', the output was 'fetch: http://www.countryipblocks.net/e_country_data/US_cidr.txt: No address record' 
May  7 08:08:15 router1 php: : The command '/usr/bin/grep -v '^#' '/var/db/aliastables/US_Networks.txt.tmp' > '/var/db/aliastables/US_Networks.txt'' returned exit code '2', the output was '' 
May  7 08:08:15 router1 php: : MONITOR: GWSteinsel has high latency, removing from routing group
May  7 08:08:15 router1 php: : MONITOR: GWAmsterdam has high latency, removing from routing group
May  7 08:08:15 router1 php: : MONITOR: GWRotterdam has high latency, removing from routing group
May  7 08:08:15 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:08:15 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:08:15 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:08:15 router1 php: : MONITOR: GWChicago has high latency, removing from routing group
May  7 08:08:15 router1 php: : MONITOR: GWSandiego has high latency, removing from routing group
May  7 08:08:15 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:08:18 router1 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'no IP address found for grep: /tmp/rules.debug:28: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:30: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded' 
May  7 08:08:18 router1 php: : New alert found: There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:28: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:30: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded The line in question reads [ /tmp/rules.debug]: 
May  7 08:08:18 router1 php: : There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:28: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:30: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [ /tmp/rules.debug]: 
May  7 08:08:18 router1 apinger: Starting Alarm Pinger, apinger(23234)
May  7 08:08:20 router1 php: : The command '/sbin/ifconfig ovpns7' returned exit code '1', the output was 'ifconfig: interface ovpns7 does not exist' 
May  7 08:08:20 router1 kernel: tun7: changing name to 'ovpns7'
May  7 08:08:21 router1 kernel: ovpns7: link state changed to UP
May  7 08:08:23 router1 php: : The command '/sbin/route add '66.90.103.27/32' '10.0.61.1'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add net 66.90.103.27: gateway 10.0.61.1: Network is unreachable' 
May  7 08:08:23 router1 php: : The command '/sbin/route add '67.202.67.106/32' '10.0.111.1'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add net 67.202.67.106: gateway 10.0.111.1: Network is unreachable' 
May  7 08:08:23 router1 php: : The command '/sbin/route add '83.170.114.16/32' '10.0.61.1'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add net 83.170.114.16: gateway 10.0.61.1: Network is unreachable' 
May  7 08:08:23 router1 php: : The command '/sbin/route add '83.170.114.4/32' '10.0.32.1'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add net 83.170.114.4: gateway 10.0.32.1: Network is unreachable' 
May  7 08:08:23 router1 php: : The command '/sbin/route add '83.170.95.133/32' '10.0.111.1'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add net 83.170.95.133: gateway 10.0.111.1: Network is unreachable' 
May  7 08:08:23 router1 dnsmasq[37662]: started, version 2.51 cachesize 10000
May  7 08:08:23 router1 dnsmasq[37662]: compile time options: no-IPv6 GNU-getopt no-DBus I18N DHCP TFTP
May  7 08:08:23 router1 dnsmasq[37662]: reading /etc/resolv.conf
May  7 08:08:23 router1 dnsmasq[37662]: using nameserver AA.BB.CC.DD#53
May  7 08:08:23 router1 dnsmasq[37662]: using nameserver AA.BB.CC.DD#53
May  7 08:08:23 router1 dhcpleases: lease file nees to exist before starting dhcpleases
May  7 08:08:23 router1 dnsmasq[37662]: read /etc/hosts - 9 addresses
May  7 08:08:23 router1 php: : The command '/usr/local/sbin/dhcpleases -l /var/dhcpd/var/db/dhcpd.leases -d localdomain.net -p /var/run/dnsmasq.pid -h /var/etc/hosts' returned exit code '1', the output was 'lease file nees to exist before starting dhcpleases: No such file or directory' 
May  7 08:08:24 router1 php: : The command '/sbin/ifconfig ovpnc1 -ipfwfilter' returned exit code '1', the output was 'ifconfig: interface ovpnc1 does not exist' 
May  7 08:08:24 router1 php: : The command '/sbin/ifconfig ovpnc2 -ipfwfilter' returned exit code '1', the output was 'ifconfig: interface ovpnc2 does not exist' 
May  7 08:08:25 router1 php: : The command '/sbin/ifconfig ovpnc3 -ipfwfilter' returned exit code '1', the output was 'ifconfig: interface ovpnc3 does not exist' 
May  7 08:08:25 router1 php: : The command '/sbin/ifconfig ovpnc4 -ipfwfilter' returned exit code '1', the output was 'ifconfig: interface ovpnc4 does not exist' 
May  7 08:08:25 router1 php: : The command '/sbin/ifconfig ovpnc5 -ipfwfilter' returned exit code '1', the output was 'ifconfig: interface ovpnc5 does not exist' 
May  7 08:08:25 router1 php: : The command '/sbin/ifconfig ovpnc6 -ipfwfilter' returned exit code '1', the output was 'ifconfig: interface ovpnc6 does not exist' 
May  7 08:08:27 router1 sshd[51760]: Server listening on :: port 22.
May  7 08:08:27 router1 sshlockout[52246]: sshlockout starting up
May  7 08:08:27 router1 sshlockout[52246]: sshlockout starting up
May  7 08:08:27 router1 sshd[51760]: Server listening on 0.0.0.0 port 22.
May  7 08:08:28 router1 apinger: ALARM: GWWAN2(192.168.2.254)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWDMZ(192.168.1.254)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWWAN3(192.168.3.254)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWWAN1(AA.BB.CC.DD)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWSteinsel(10.0.61.1)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWAmsterdam(10.0.111.1)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWRotterdam(10.0.32.1)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWLondon(10.0.86.1)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWChicago(10.0.51.1)  *** down ***
May  7 08:08:28 router1 apinger: ALARM: GWSandiego(10.0.26.1)  *** down ***
May  7 08:08:28 router1 apinger: alarm canceled: GWWAN1(AA.BB.CC.DD)  *** down ***
May  7 08:08:28 router1 php: : MONITOR: GWSteinsel has high latency, removing from routing group
May  7 08:08:28 router1 php: : MONITOR: GWAmsterdam has high latency, removing from routing group
May  7 08:08:28 router1 php: : MONITOR: GWRotterdam has high latency, removing from routing group
May  7 08:08:28 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:08:28 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:08:28 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:08:28 router1 php: : MONITOR: GWChicago has high latency, removing from routing group
May  7 08:08:28 router1 php: : MONITOR: GWSandiego has high latency, removing from routing group
May  7 08:08:28 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:08:31 router1 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'no IP address found for grep: /tmp/rules.debug:28: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:30: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded' 
May  7 08:08:31 router1 php: : New alert found: There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:28: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:30: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded The line in question reads [ /tmp/rules.debug]: 
May  7 08:08:31 router1 php: : There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:28: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:30: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [ /tmp/rules.debug]: 
May  7 08:08:43 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/wan-queues.rrd -t :wan:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:08:43 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/wan-queuedrops.rrd -t :wan:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:08:50 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/lan-queues.rrd -t :lan:qInternet:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:08:50 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/lan-queuedrops.rrd -t :lan:qInternet:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:09:05 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/opt2-queues.rrd -t :opt2:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:09:05 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/opt2-queuedrops.rrd -t :opt2:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:09:13 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/opt3-queues.rrd -t :opt3:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:09:13 router1 php: : The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/opt3-queuedrops.rrd -t :opt3:qACK:qDefault:qP2P:qVoIP:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: unknown DS name ''' 
May  7 08:09:18 router1 php: /index.php: Successful login for user 'admin' from: 10.0.0.154
May  7 08:10:12 router1 php: /vpn_openvpn_client.php: The command '/sbin/ifconfig ovpnc1' returned exit code '1', the output was 'ifconfig: interface ovpnc1 does not exist' 
May  7 08:10:12 router1 kernel: tun1: changing name to 'ovpnc1'
May  7 08:10:31 router1 php: /vpn_openvpn_client.php: The command '/sbin/ifconfig ovpnc2' returned exit code '1', the output was 'ifconfig: interface ovpnc2 does not exist' 
May  7 08:10:32 router1 kernel: tun2: changing name to 'ovpnc2'
May  7 08:10:32 router1 kernel: ovpnc1: link state changed to UP
May  7 08:10:40 router1 apinger: alarm canceled: GWSteinsel(10.0.61.1)  *** down ***
May  7 08:10:41 router1 php: /vpn_openvpn_client.php: The command '/sbin/ifconfig ovpnc3' returned exit code '1', the output was 'ifconfig: interface ovpnc3 does not exist' 
May  7 08:10:41 router1 kernel: tun3: changing name to 'ovpnc3'
May  7 08:10:51 router1 php: /vpn_openvpn_client.php: The command '/sbin/ifconfig ovpnc4' returned exit code '1', the output was 'ifconfig: interface ovpnc4 does not exist' 
May  7 08:10:51 router1 kernel: tun4: changing name to 'ovpnc4'
May  7 08:10:57 router1 kernel: ovpnc2: link state changed to UP
May  7 08:10:59 router1 php: /vpn_openvpn_client.php: The command '/sbin/ifconfig ovpnc5' returned exit code '1', the output was 'ifconfig: interface ovpnc5 does not exist' 
May  7 08:10:59 router1 kernel: tun5: changing name to 'ovpnc5'
May  7 08:11:07 router1 apinger: alarm canceled: GWAmsterdam(10.0.111.1)  *** down ***
May  7 08:11:11 router1 php: /vpn_openvpn_client.php: The command '/sbin/ifconfig ovpnc6' returned exit code '1', the output was 'ifconfig: interface ovpnc6 does not exist' 
May  7 08:11:11 router1 kernel: tun6: changing name to 'ovpnc6'
May  7 08:11:13 router1 kernel: ovpnc3: link state changed to UP
May  7 08:11:23 router1 apinger: alarm canceled: GWRotterdam(10.0.32.1)  *** down ***
May  7 08:11:35 router1 kernel: ovpnc4: link state changed to UP
May  7 08:11:40 router1 kernel: ovpnc5: link state changed to UP
May  7 08:11:40 router1 apinger: alarm canceled: GWLondon(10.0.86.1)  *** down ***
May  7 08:11:45 router1 apinger: alarm canceled: GWChicago(10.0.51.1)  *** down ***
May  7 08:11:47 router1 kernel: ovpnc6: link state changed to UP
May  7 08:11:51 router1 apinger: alarm canceled: GWSandiego(10.0.26.1)  *** down ***
May  7 08:12:14 router1 php: : Creating rrd update script
May  7 08:12:14 router1 php: : The command '/bin/pkill -f updaterrd.sh' returned exit code '1', the output was '' 
May  7 08:12:14 router1 dhcpd: Internet Systems Consortium DHCP Server V3.0.7
May  7 08:12:14 router1 dhcpd: Copyright 2004-2008 Internet Systems Consortium.
May  7 08:12:14 router1 dhcpd: All rights reserved.
May  7 08:12:14 router1 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
May  7 08:12:15 router1 php: miniupnpd: Starting service on interface: lan
May  7 08:12:15 router1 miniupnpd[45062]: HTTP listening on port 2189
May  7 08:12:19 router1 php: : Resyncing configuration for all packages.
May  7 08:12:19 router1 check_reload_status: check_reload_status is starting.
May  7 08:12:20 router1 check_reload_status: syncing firewall
May  7 08:12:20 router1 check_reload_status: updating dyndns
May  7 08:12:23 router1 php: : Reference 1000 is going negative, not doing unreference.
May  7 08:12:23 router1 login: login on console as root
May  7 08:12:28 router1 dnsmasq[37662]: reading /etc/resolv.conf
May  7 08:12:28 router1 dnsmasq[37662]: using nameserver AA.BB.CC.DD#53
May  7 08:12:28 router1 dnsmasq[37662]: using nameserver AA.BB.CC.DD#53
May  7 08:12:28 router1 dnsmasq[37662]: read /etc/hosts - 9 addresses
May  7 08:12:29 router1 dnsmasq[37662]: read /etc/hosts - 9 addresses
May  7 08:12:29 router1 dhcpd: Internet Systems Consortium DHCP Server V3.0.7
May  7 08:12:29 router1 dhcpd: Copyright 2004-2008 Internet Systems Consortium.
May  7 08:12:29 router1 dhcpd: All rights reserved.
May  7 08:12:29 router1 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
May  7 08:12:29 router1 dnsmasq[37662]: exiting on receipt of SIGTERM
May  7 08:12:31 router1 dnsmasq[622]: started, version 2.51 cachesize 10000
May  7 08:12:31 router1 dnsmasq[622]: compile time options: no-IPv6 GNU-getopt no-DBus I18N DHCP TFTP
May  7 08:12:31 router1 dnsmasq[622]: reading /etc/resolv.conf
May  7 08:12:31 router1 dnsmasq[622]: using nameserver AA.BB.CC.DD#53
May  7 08:12:31 router1 dnsmasq[622]: using nameserver AA.BB.CC.DD#53
May  7 08:12:31 router1 dnsmasq[622]: read /etc/hosts - 9 addresses
May  7 08:12:32 router1 dhcpd: Internet Systems Consortium DHCP Server V3.0.7
May  7 08:12:32 router1 dhcpd: Copyright 2004-2008 Internet Systems Consortium.
May  7 08:12:32 router1 dhcpd: All rights reserved.
May  7 08:12:32 router1 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
May  7 08:12:34 router1 miniupnpd[45062]: ioctl(dev, DIOCGETRULES, ...): Invalid argument
May  7 08:12:40 router1 check_reload_status: reloading filter
May  7 08:12:44 router1 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'no IP address found for grep: /tmp/rules.debug:34: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:36: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded' 
May  7 08:12:44 router1 php: : New alert found: There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:34: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:36: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded The line in question reads [ /tmp/rules.debug]: 
May  7 08:12:44 router1 php: : There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:34: file "/var/db/aliastables/UK_Networks.txt" contains bad data no IP address found for grep: /tmp/rules.debug:36: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [ /tmp/rules.debug]: 
May  7 08:12:52 router1 apinger: ALARM: GWSandiego(10.0.26.1)  *** delay ***
May  7 08:13:01 router1 check_reload_status: syncing firewall
May  7 08:13:04 router1 check_reload_status: reloading filter
May  7 08:13:11 router1 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'no IP address found for grep: /tmp/rules.debug:36: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded' 
May  7 08:13:11 router1 php: : New alert found: There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:36: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded The line in question reads [ /tmp/rules.debug]: 
May  7 08:13:11 router1 php: : There were error(s) loading the rules: no IP address found for grep: /tmp/rules.debug:36: file "/var/db/aliastables/US_Networks.txt" contains bad data pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [ /tmp/rules.debug]: 
May  7 08:13:21 router1 check_reload_status: reloading filter
May  7 08:13:22 router1 miniupnpd[45062]: ioctl(dev, DIOCGETRULES, ...): Invalid argument
May  7 08:13:33 router1 check_reload_status: syncing firewall
May  7 08:19:13 router1 sshd[61176]: Accepted keyboard-interactive/pam for admin from 10.0.0.154 port 52533 ssh2
May  7 08:22:58 router1 apinger: ALARM: GWLondon(10.0.86.1)  *** down ***
May  7 08:23:00 router1 apinger: alarm canceled: GWLondon(10.0.86.1)  *** down ***
May  7 08:23:08 router1 check_reload_status: reloading filter
May  7 08:23:17 router1 apinger: ALARM: GWSteinsel(10.0.61.1)  *** loss ***
May  7 08:23:20 router1 php: : MONITOR: GWSteinsel has packet loss, removing from routing group
May  7 08:24:01 router1 check_reload_status: reloading filter
May  7 08:24:16 router1 php: : MONITOR: GWSteinsel has packet loss, removing from routing group
May  7 08:24:53 router1 miniupnpd[45062]: HTTP Connection closed inexpectedly
May  7 08:26:11 router1 apinger: ALARM: GWLondon(10.0.86.1)  *** down ***
May  7 08:26:30 router1 check_reload_status: reloading filter
May  7 08:26:44 router1 php: : MONITOR: GWSteinsel has packet loss, removing from routing group
May  7 08:26:44 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:26:44 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:30:19 router1 apinger: alarm canceled: GWSteinsel(10.0.61.1)  *** loss ***
May  7 08:30:38 router1 check_reload_status: reloading filter
May  7 08:30:50 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:30:50 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:31:34 router1 apinger: ALARM: GWSteinsel(10.0.61.1)  *** delay ***
May  7 08:31:51 router1 check_reload_status: reloading filter
May  7 08:32:05 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:32:05 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:33:00 router1 apinger: ALARM: GWSteinsel(10.0.61.1)  *** loss ***
May  7 08:33:12 router1 check_reload_status: reloading filter
May  7 08:33:22 router1 php: : MONITOR: GWSteinsel has packet loss, removing from routing group
May  7 08:33:22 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:33:22 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:34:22 router1 apinger: alarm canceled: GWSteinsel(10.0.61.1)  *** delay ***
May  7 08:34:36 router1 apinger: alarm canceled: GWSteinsel(10.0.61.1)  *** loss ***
May  7 08:34:42 router1 check_reload_status: reloading filter
May  7 08:34:44 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:34:44 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:34:58 router1 check_reload_status: reloading filter
May  7 08:35:00 router1 php: : MONITOR: GWLondon has high latency, removing from routing group
May  7 08:35:00 router1 php: : All gateways are unavailable, proceeding with configured XML settings!
May  7 08:46:14 router1 apinger: alarm canceled: GWLondon(10.0.86.1)  *** down ***
May  7 08:46:26 router1 check_reload_status: reloading filter</innodisk></amd></amd></amd></amd></at></isa></amd></amd></ohci></ohci></ata></ata></amd></isa></pci-isa></ext></generic></mii></via></generic></mii></via></generic></mii></via></encrypt></pci></host></software></mmx+,3dnow!+,3dnow!></fpu,de,pse,tsc,msr,cx8,sep,pge,cmov,clflush,mmx>
    0
  • M

    With yesterday's snap this has got even worse, and this is using the LiveCD version on a VMWare machine…

    Now, the emX interfaces aren't being configured, and webConfigurator fails to start! :o

    On boot, I have to use the VMWare console to set the LAN IP address, and restart webConfigurator (option 11), then I have to save each interface individually from the web, and finally save each OVPN client to get the thing to startup. What's worse, is there aren't even any logs as the services (ie logtrap and RRD) aren't even attempting to start!

    There is something seriously wrong when an OpenVPN client is assigned as an interface, yet in the late March / early April snaps, this was all fine.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy