PfSense stops refreshing available packages for download



  • I have a really weird problem with my pfSense box.

    My setup is pretty simple.

    Cable Modem–--pfSense Box-----Gigabit VLAN Switch-----WAP in with WAN bridged-----Wireless Client

    The installation went smooth i was able to install in addition Snort and iPerf. Web browsing works fine. Speed is also perfect.

    I can do whatever changes i need to the configuration and everything seems to be working like expected.

    Just after a while IDLE when i try to go to the menu with the packages for installation, pfSense box shows me the installed packages list and when i hit the menu for the available packages for download it says that it cant acces the online list and builds the list from its cache. When i try to install a package it says installation is aborted/halted and nothing happens. I noticed that i can not access the www.pfsense.org or the forum pages neither.

    When i do a ping from my cmd in win to whatsoever hosts it works fine i.e. www.google.com or www.yahoo.com. but ping to www.pfsense.org does not work at all.

    After i reboot the router everything comes back to normal i can download and install packages and access the www.pfsense.org page and the forums as well. Like now writing this topic but i am not sure for how long and why the pfSense box cuts the access to its source page at all.

    Anybody with the same problem or any idea !?
    Your help will be really appreciated.

    I think i found the problem when i start SNORT then i can observe this strange effect but now the other question is which rule is initiating the problems!?



  • @blastinc:

    now the other question is which rule is initiating the problems!?

    If you are looking for readers to help you answer the question you will probably need to provide more information: e.g. the rules, firewall log extracts etc.



  • You are right sorry for not giving this information.
    My hardware setup i already explained but the problems are not coming from it.
    After i deleted the Snort interface which i setup things work so below you will find a list of the rules i was using :

    snort_attack-responses.rules
    	snort_backdoor.rules
    	snort_bad-traffic.rules
    	snort_bad-traffic.so.rules
    	snort_blacklist.rules
    	snort_botnet-cnc.rules
    	snort_content-replace.rules
    	snort_ddos.rules
    	snort_exploit.rules
    	snort_exploit.so.rules
    	snort_finger.rules
    	snort_ftp.rules
    	snort_icmp-info.rules
    	snort_icmp.rules
    	snort_icmp.so.rules
    	snort_misc.rules
    	snort_misc.so.rules
    	snort_netbios.rules
    	snort_netbios.so.rules
    	snort_other-ids.rules
    	snort_phishing-spam.rules
    	snort_scan.rules
    	snort_specific-threats.rules
    	snort_spyware-put.rules
    	snort_telnet.rules
    	snort_tftp.rules
    	snort_virus.rules
    	snort_web-misc.rules
    	snort_web-misc.so.rules
    	snort_web-php.rules
    	snort_x11.rules
    

    Thanks again for any ideas.


Locked