4. lighttpd[]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted

lighttpd[]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted

  • L

    Hi,

    I run multiple pfsense(vms) at every remote sites we have, mainly for tunneling and as a gateway.  Always been a bliss to work with, never really had any problems. I consider myself quite familiar with pfsense and networking.

    But for awhile at our latest site, everytime I save a setting in the WebGUI. The WebGUi gets unresponsive for 10-40seconds. When I look at the system logs I see this.

    May 3 09:48:40 pfSense lighttpd[25983]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    May 3 09:48:40 pfSense lighttpd[25983]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    May 3 09:48:41 pfSense lighttpd[25983]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    May 3 09:48:41 pfSense lighttpd[25983]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted

    We are using the pfSense 2.0.3 OVA deploy in VMware, so it shouldnt be a hardware problem. I even tried reinstalling it on different host but everytime I get the same unresponsive web interface.  Our other sites with pfSense works fine.  We had this problem in 2.0.2 too.

    The thing is, I just tried to do a new install with no settings except WAN IP/GW   and if I save something (e.g. firewall rule). My log gets flooded with "pfSense lighttpd[25983]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted".

    I have no more ideas how to debug this, been trying for two weeks.  And I am wondering is this a bug/problem in the OVA deploy?  To be honest I cant remember if I used .ova or did a clean installs at my other sites :)

    Any ideas?

    Thank you.

    0
  • Rebel Alliance Developer Netgate

    If it happens when you save, it probably means that your gateway is down (Check Status > Gateways) or non-responsive and the states get killed when you trigger a filter reload, which makes lighty fail to send packets (because the state is gone).

    Either fix the gateway monitor IP, or disable state killing for down gateways under System > Advanced on the Miscellaneous tab.

    0
  • L

    Golden!

    Indeed the gateway is working but somehow always offline in Status Gateway tab. I assume uplink provider blocks out pings.

    But after disable state killing, it works for the time being until I fixed the gateway check.

    Thank you very much for your time, make much more sense now! Really like PFsense.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy