Web gui unresponsive



  • The HTTPS page for pfsense 2.0 is not accepting any connections. Before I reboot to pull logs and the build info, is there anything I should try or do?

    FYI: I'm running a pretty basic setup, VLAN's, Captive Portal, DHCP, Squid, DNS Forwarding, IPv6, and PPTP VPN server.



  • @cconk01:

    . . . is there anything I should try or do?

    Does the HTTP page work?

    SSH into the box and verify the web server process is running (# ps ax | grep ttp should show something like

    ps ax | grep ttp

    2275  ??  SN    1:20.49 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
    57683  0  RV    0:00.00 grep ttp (tcsh)



  • Thanks for your response wallabybob.

    Does the HTTP page work?

    I am unable to access the web gui over http or https.

    I am running PFSense 2.0 BETA5

    SSH into the box and verify the web server process is running (# ps ax | grep ttp should show something like

    I ran the command you described from ssh in the shell and this is whats outputted;

     ps ax | grep ttp
    60568  ??  SN     0:13.10 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurato
    

    I also wanted to post the entire output in case I missed something.

    PID  TT  STAT      TIME COMMAND
        0  ??  DLs   60:05.03 [kernel]
        1  ??  ILs    0:00.30 /sbin/init --
        2  ??  DL     0:30.13 [g_event]
        3  ??  DL     1:00.55 [g_up]
        4  ??  DL     0:56.18 [g_down]
        5  ??  DL     0:00.00 [crypto]
        6  ??  DL     0:00.00 [crypto returns]
        7  ??  DL     0:03.74 [fdc0]
        8  ??  DL     0:00.00 [sctp_iterator]
        9  ??  DL     0:12.85 [pfpurge]
       10  ??  DL     0:00.00 [audit]
       11  ??  RL   18141:46.85 [idle]
       12  ??  WL   103:56.20 [intr]
       13  ??  DL     0:00.57 [ng_queue]
       14  ??  DL     1:50.68 [yarrow]
       15  ??  DL     0:21.57 [usb]
       16  ??  DL     0:00.00 [xpt_thrd]
       17  ??  DL     0:00.93 [pagedaemon]
       18  ??  DL     0:00.00 [vmdaemon]
       19  ??  DL     0:00.01 [pagezero]
       20  ??  DL     0:01.12 [idlepoll]
       21  ??  DL     0:04.01 [bufdaemon]
       22  ??  DL     0:04.23 [vnlru]
       23  ??  DL    14:06.88 [syncer]
       24  ??  DL     0:05.54 [softdepflush]
       40  ??  DL     0:01.04 [md0]
      249  ??  INs    0:00.40 /usr/local/sbin/check_reload_status
      251  ??  IN     0:00.00 check_reload_status: Monitoring daemon of check_reloa
      262  ??  Is     0:00.01 /sbin/devd
     6004  ??  Is     0:00.96 /usr/local/bin/minicron 240 /var/run/ping_hosts.pid /
     6323  ??  Is     0:00.07 /usr/local/bin/minicron 3600 /var/run/expire_accounts
     6664  ??  Is     0:00.00 /usr/local/bin/minicron 86400 /var/run/update_alias_u
    11152  ??  Is     0:00.01 dhclient: em1 [priv] (dhclient)
    15807  ??  Is     0:00.00 /usr/local/sbin/squid -D
    16243  ??  S     10:55.44 (squid) -D (squid)
    16338  ??  I      0:05.92 (unlinkd) (unlinkd)
    16389  ??  Is     0:04.26 dhclient: em1 (dhclient)
    17014  ??  Is     0:00.02 /usr/local/sbin/sshlockout_pf 15
    18840  ??  IN     0:00.01 /usr/bin/top -d 2 -s 1 0
    19124  ??  IN     0:00.00 tail -n7
    28768  ??  SN     0:12.53 /sbin/ping6 -c3 2001:470:1f06:100e::1
    29582  ??  Ss     0:12.85 /usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f 
    30307  ??  IN     0:17.27 /usr/local/sbin/dnsmasq --local-ttl 1 --all-servers -
    34149  ??  Is     0:01.44 /usr/sbin/cron -s
    40651  ??  IN     0:03.53 /usr/local/bin/rrdtool -
    40910  ??  SNs    0:39.15 /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroo
    41895  ??  I      0:00.00 sleep 55
    42635  ??  Is     0:00.04 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.
    44292  ??  S      0:00.00 sleep 55
    45994  ??  Is     0:00.00 /usr/sbin/sshd
    48010  ??  SNs    3:03.26 /usr/local/sbin/apinger -c /var/etc/apinger.conf
    48585  ??  Is     0:04.01 /usr/local/bin/minicron 60 /var/run/minicron.pid /etc
    52781  ??  Is     0:00.07 /usr/local/sbin/mpd4 -b -d /var/etc/pptp-vpn -p /var/
    55630  ??  IN     0:00.02 /bin/sh /var/db/rrd/updaterrd.sh
    60568  ??  SN     0:13.10 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfig
    61234  ??  INs    0:00.08 /usr/local/bin/php
    61988  ??  IN     0:00.29 /usr/local/bin/php
    61997  ??  IN     0:00.29 /usr/local/bin/php
    62146  ??  Ss     0:00.08 sshd: root@pts/0 (sshd)
    62455  ??  Ss     0:00.84 ntpd: [priv] (ntpd)
    62607  ??  INs    0:00.08 /usr/local/bin/php
    63573  ??  IN     0:07.09 /usr/local/bin/php
    63874  ??  IN     0:05.66 /usr/local/bin/php
     2671  u0- S      0:19.92 /bin/sh /usr/local/etc/rc.d/proxy_monitor.sh
     4996  u0- I      0:20.03 sh /usr/local/etc/rc.d/proxy_monitor.sh start
    30352  u0- S      0:13.76 /usr/sbin/tcpdump -s 256 -v -l -n -e -ttt -i pflog0
    30386  u0- I      0:00.79 logger -t pf -p local0.info
    34072  u0  Is+    0:00.00 /usr/libexec/getty bootupcli ttyu0
    58262  u0- I      0:01.96 ntpd: ntp engine (ntpd)
    22211  v0  Is     0:00.02 login [pam] (login)
    22515  v0  I      0:00.00 -sh (sh)
    24262  v0  I+     0:00.01 /bin/sh /etc/rc.initial
    39548   0  R      0:00.02 /bin/tcsh
    45220   0  R+     0:00.00 ps ax
    62574   0  Is     0:00.01 -sh (sh)
    63475   0  I      0:00.01 /bin/sh /etc/rc.initial
    

    CConk01



  • Do you get different results if you attempt to connect by hostname vs IP address?

    Do you get different results if you attempt to connect by IPv6 address?

    Are any of the access attempts logged in the firewall log?

    Are any of the access attempts logged in the squid log?

    Does a suitable packet trace show the access attempt received in the pfSense box?



  • Do you get different results if you attempt to connect by hostname vs IP address?

    No luck using the host name or IP - neither connects.

    Do you get different results if you attempt to connect by IPv6 address?

    My IPv6 tunnel is configured, but I haven't configured any clients.

    Are any of the access attempts logged in the firewall log?

    It would appear some of my requests are being blocked, but this is the first time I have pulled the log from the shell, so im not sure if im interpreting it correctly.

    10.24.8.100 - Laptop
    10.24.8.1 - PFSense Gateway - EM0 VLAN2

    Feb  7 22:09:35 fw1 pf:     10.24.8.1.62605 > 10.24.8.100.443: Flags [.], cksum 0x0816 (correct), ack 966762987, win 520, length 0
    Feb  7 22:09:39 fw1 pf: 00:00:03.043997 rule 2/0(match): block out on em0_vlan2: (tos 0x0, ttl 64, id 42564, offset 0, flags [DF], proto TCP (6), length 40)
    Feb  7 22:09:39 fw1 pf:     10.24.8.1.62606 > 10.24.8.100.443: Flags [.], cksum 0x1060 (correct), ack 3962080452, win 520, length 0
    Feb  7 22:09:46 fw1 pf: 00:00:07.852971 rule 2/0(match): block out on em0_vlan2: (tos 0x0, ttl 64, id 2420, offset 0, flags [DF], proto TCP (6), length 40)
    Feb  7 22:09:46 fw1 pf:     10.24.8.1.62607 > 10.24.8.100.443: Flags [.], cksum 0xad74 (correct), ack 2421345212, win 520, length 0
    Feb  7 22:10:04 fw1 pf: 00:00:18.096897 rule 2/0(match): block out on em0_vlan2: (tos 0x0, ttl 64, id 53916, offset 0, flags [DF], proto TCP (6), length 40)
    Feb  7 22:10:04 fw1 pf:     10.24.8.1.62609 > 10.24.8.100.443: Flags [.], cksum 0x9425 (correct), ack 1981129461, win 520, length 0
    Feb  7 22:10:12 fw1 pf: 00:00:07.151419 rule 1/0(match): block in on em1: (tos 0x20, ttl 107, id 256, offset 0, flags [DF], proto TCP (6), length 40)
    

    Are any of the access attempts logged in the squid log?

    What is the command to pull the squid log via SSH?

    Does a suitable packet trace show the access attempt received in the pfSense box?

    Not sure what I would be looking for in the pfsense logs.

    Even though I cant access the web gui now, im pretty sure a reboot will resolve my issues… I just want to collect any information I can for you before I reboot....

    CConk01



  • @cconk01:

    Even though I cant access the web gui now, im pretty sure a reboot will resolve my issues… I just want to collect any information I can for you before I reboot....

    Why do you believe a reboot will resolve your issues? Have you been modifying things before this problem came up? Did you modify firewall rules then the web access died?

    Your firewall log clearly shows a https connection attempt blocked on input on em1 (LAN?) How do you think a reboot will get rid of that rule? Perhaps you are planning to reset to factory defaults on the console when you reboot.


Log in to reply