Web gui unresponsive

cconk01

The HTTPS page for pfsense 2.0 is not accepting any connections. Before I reboot to pull logs and the build info, is there anything I should try or do?

FYI: I'm running a pretty basic setup, VLAN's, Captive Portal, DHCP, Squid, DNS Forwarding, IPv6, and PPTP VPN server.

wallabybob

@cconk01:

. . . is there anything I should try or do?

Does the HTTP page work?

SSH into the box and verify the web server process is running (# ps ax | grep ttp should show something like

ps ax | grep ttp

2275  ??  SN    1:20.49 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
57683  0  RV    0:00.00 grep ttp (tcsh)

cconk01

Thanks for your response wallabybob.

Does the HTTP page work?

I am unable to access the web gui over http or https.

I am running PFSense 2.0 BETA5

SSH into the box and verify the web server process is running (# ps ax | grep ttp should show something like

I ran the command you described from ssh in the shell and this is whats outputted;

 ps ax | grep ttp
60568  ??  SN     0:13.10 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurato

I also wanted to post the entire output in case I missed something.

PID  TT  STAT      TIME COMMAND
    0  ??  DLs   60:05.03 [kernel]
    1  ??  ILs    0:00.30 /sbin/init --
    2  ??  DL     0:30.13 [g_event]
    3  ??  DL     1:00.55 [g_up]
    4  ??  DL     0:56.18 [g_down]
    5  ??  DL     0:00.00 [crypto]
    6  ??  DL     0:00.00 [crypto returns]
    7  ??  DL     0:03.74 [fdc0]
    8  ??  DL     0:00.00 [sctp_iterator]
    9  ??  DL     0:12.85 [pfpurge]
   10  ??  DL     0:00.00 [audit]
   11  ??  RL   18141:46.85 [idle]
   12  ??  WL   103:56.20 [intr]
   13  ??  DL     0:00.57 [ng_queue]
   14  ??  DL     1:50.68 [yarrow]
   15  ??  DL     0:21.57 [usb]
   16  ??  DL     0:00.00 [xpt_thrd]
   17  ??  DL     0:00.93 [pagedaemon]
   18  ??  DL     0:00.00 [vmdaemon]
   19  ??  DL     0:00.01 [pagezero]
   20  ??  DL     0:01.12 [idlepoll]
   21  ??  DL     0:04.01 [bufdaemon]
   22  ??  DL     0:04.23 [vnlru]
   23  ??  DL    14:06.88 [syncer]
   24  ??  DL     0:05.54 [softdepflush]
   40  ??  DL     0:01.04 [md0]
  249  ??  INs    0:00.40 /usr/local/sbin/check_reload_status
  251  ??  IN     0:00.00 check_reload_status: Monitoring daemon of check_reloa
  262  ??  Is     0:00.01 /sbin/devd
 6004  ??  Is     0:00.96 /usr/local/bin/minicron 240 /var/run/ping_hosts.pid /
 6323  ??  Is     0:00.07 /usr/local/bin/minicron 3600 /var/run/expire_accounts
 6664  ??  Is     0:00.00 /usr/local/bin/minicron 86400 /var/run/update_alias_u
11152  ??  Is     0:00.01 dhclient: em1 [priv] (dhclient)
15807  ??  Is     0:00.00 /usr/local/sbin/squid -D
16243  ??  S     10:55.44 (squid) -D (squid)
16338  ??  I      0:05.92 (unlinkd) (unlinkd)
16389  ??  Is     0:04.26 dhclient: em1 (dhclient)
17014  ??  Is     0:00.02 /usr/local/sbin/sshlockout_pf 15
18840  ??  IN     0:00.01 /usr/bin/top -d 2 -s 1 0
19124  ??  IN     0:00.00 tail -n7
28768  ??  SN     0:12.53 /sbin/ping6 -c3 2001:470:1f06:100e::1
29582  ??  Ss     0:12.85 /usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f 
30307  ??  IN     0:17.27 /usr/local/sbin/dnsmasq --local-ttl 1 --all-servers -
34149  ??  Is     0:01.44 /usr/sbin/cron -s
40651  ??  IN     0:03.53 /usr/local/bin/rrdtool -
40910  ??  SNs    0:39.15 /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroo
41895  ??  I      0:00.00 sleep 55
42635  ??  Is     0:00.04 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.
44292  ??  S      0:00.00 sleep 55
45994  ??  Is     0:00.00 /usr/sbin/sshd
48010  ??  SNs    3:03.26 /usr/local/sbin/apinger -c /var/etc/apinger.conf
48585  ??  Is     0:04.01 /usr/local/bin/minicron 60 /var/run/minicron.pid /etc
52781  ??  Is     0:00.07 /usr/local/sbin/mpd4 -b -d /var/etc/pptp-vpn -p /var/
55630  ??  IN     0:00.02 /bin/sh /var/db/rrd/updaterrd.sh
60568  ??  SN     0:13.10 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfig
61234  ??  INs    0:00.08 /usr/local/bin/php
61988  ??  IN     0:00.29 /usr/local/bin/php
61997  ??  IN     0:00.29 /usr/local/bin/php
62146  ??  Ss     0:00.08 sshd: root@pts/0 (sshd)
62455  ??  Ss     0:00.84 ntpd: [priv] (ntpd)
62607  ??  INs    0:00.08 /usr/local/bin/php
63573  ??  IN     0:07.09 /usr/local/bin/php
63874  ??  IN     0:05.66 /usr/local/bin/php
 2671  u0- S      0:19.92 /bin/sh /usr/local/etc/rc.d/proxy_monitor.sh
 4996  u0- I      0:20.03 sh /usr/local/etc/rc.d/proxy_monitor.sh start
30352  u0- S      0:13.76 /usr/sbin/tcpdump -s 256 -v -l -n -e -ttt -i pflog0
30386  u0- I      0:00.79 logger -t pf -p local0.info
34072  u0  Is+    0:00.00 /usr/libexec/getty bootupcli ttyu0
58262  u0- I      0:01.96 ntpd: ntp engine (ntpd)
22211  v0  Is     0:00.02 login [pam] (login)
22515  v0  I      0:00.00 -sh (sh)
24262  v0  I+     0:00.01 /bin/sh /etc/rc.initial
39548   0  R      0:00.02 /bin/tcsh
45220   0  R+     0:00.00 ps ax
62574   0  Is     0:00.01 -sh (sh)
63475   0  I      0:00.01 /bin/sh /etc/rc.initial

CConk01

wallabybob

Do you get different results if you attempt to connect by hostname vs IP address?

Do you get different results if you attempt to connect by IPv6 address?

Are any of the access attempts logged in the firewall log?

Are any of the access attempts logged in the squid log?

Does a suitable packet trace show the access attempt received in the pfSense box?

cconk01

Do you get different results if you attempt to connect by hostname vs IP address?

No luck using the host name or IP - neither connects.

Do you get different results if you attempt to connect by IPv6 address?

My IPv6 tunnel is configured, but I haven't configured any clients.

Are any of the access attempts logged in the firewall log?

It would appear some of my requests are being blocked, but this is the first time I have pulled the log from the shell, so im not sure if im interpreting it correctly.

10.24.8.100 - Laptop
10.24.8.1 - PFSense Gateway - EM0 VLAN2

Feb  7 22:09:35 fw1 pf:     10.24.8.1.62605 > 10.24.8.100.443: Flags [.], cksum 0x0816 (correct), ack 966762987, win 520, length 0
Feb  7 22:09:39 fw1 pf: 00:00:03.043997 rule 2/0(match): block out on em0_vlan2: (tos 0x0, ttl 64, id 42564, offset 0, flags [DF], proto TCP (6), length 40)
Feb  7 22:09:39 fw1 pf:     10.24.8.1.62606 > 10.24.8.100.443: Flags [.], cksum 0x1060 (correct), ack 3962080452, win 520, length 0
Feb  7 22:09:46 fw1 pf: 00:00:07.852971 rule 2/0(match): block out on em0_vlan2: (tos 0x0, ttl 64, id 2420, offset 0, flags [DF], proto TCP (6), length 40)
Feb  7 22:09:46 fw1 pf:     10.24.8.1.62607 > 10.24.8.100.443: Flags [.], cksum 0xad74 (correct), ack 2421345212, win 520, length 0
Feb  7 22:10:04 fw1 pf: 00:00:18.096897 rule 2/0(match): block out on em0_vlan2: (tos 0x0, ttl 64, id 53916, offset 0, flags [DF], proto TCP (6), length 40)
Feb  7 22:10:04 fw1 pf:     10.24.8.1.62609 > 10.24.8.100.443: Flags [.], cksum 0x9425 (correct), ack 1981129461, win 520, length 0
Feb  7 22:10:12 fw1 pf: 00:00:07.151419 rule 1/0(match): block in on em1: (tos 0x20, ttl 107, id 256, offset 0, flags [DF], proto TCP (6), length 40)

Are any of the access attempts logged in the squid log?

What is the command to pull the squid log via SSH?

Does a suitable packet trace show the access attempt received in the pfSense box?

Not sure what I would be looking for in the pfsense logs.

Even though I cant access the web gui now, im pretty sure a reboot will resolve my issues… I just want to collect any information I can for you before I reboot....

CConk01

wallabybob

@cconk01:

Even though I cant access the web gui now, im pretty sure a reboot will resolve my issues… I just want to collect any information I can for you before I reboot....

Why do you believe a reboot will resolve your issues? Have you been modifying things before this problem came up? Did you modify firewall rules then the web access died?

Your firewall log clearly shows a https connection attempt blocked on input on em1 (LAN?) How do you think a reboot will get rid of that rule? Perhaps you are planning to reset to factory defaults on the console when you reboot.