GUI issues?



  • Hello,

    I am doing OpenVPN into pfSense 2.1-RC1 and I am loosing GUI connection from time to time and I have to restart OpenVPN connection. I see following error in logs: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted

    What am I up against.

    Thanks,



  • I am still seeing these errors. Anyone has any clues?

    Thanks



  • The only references I see to " Operation not permitted" dialogue and pfsense include SNORT.
    Stab in the dark…  Are you running SNORT?


  • Netgate Administrator

    Do you have any more complete log entries?

    Are you trying to connect via HTTP when you have the webgui set to https? Or through a proxy?

    Steve



  • No snort, no proxy, just straight up reaching the box either through HTTPs from local or internet or using OpenVPN.

    Thanks,



  • Hmmm - I've no idea.  Sounds like you are doing nothing wrong.  So long as the client is persistent and no one is DOSing your connection?
    My openvpn on port 80 logs are like a greek tragedy.  When am I not having an attempted hack…


  • Netgate Administrator

    I expect to see something before that log entry. Is that a lighttpd error?

    Personally when I access the pfSense webgui I just type the IP. That tries to connect via http and the box redirects to https. That can generate similar errors.

    Steve



  • Nothing before lighttpd. here are logs for last two days. Where should I look for more logs?

    Sep 8 20:25:15	check_reload_status: Syncing firewall
    Sep 8 20:25:19	check_reload_status: Reloading filter
    Sep 8 20:25:57	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:25:57	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:26:27	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:26:27	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:26:28	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:26:29	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:26:59	check_reload_status: Syncing firewall
    Sep 8 20:28:07	check_reload_status: Syncing firewall
    Sep 8 20:28:14	check_reload_status: Reloading filter
    Sep 8 20:28:30	check_reload_status: Syncing firewall
    Sep 8 20:28:40	check_reload_status: Reloading filter
    Sep 8 20:29:12	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:29:12	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:29:13	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:29:13	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 8 20:29:14	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 19:43:37	php: /index.php: Successful login for user 'admin' from: 172.16.20.6
    Sep 10 19:43:37	php: /index.php: Successful login for user 'admin' from: 172.16.20.6
    Sep 10 21:36:00	check_reload_status: Syncing firewall
    Sep 10 21:36:14	check_reload_status: Syncing firewall
    Sep 10 21:36:17	check_reload_status: Reloading filter
    Sep 10 21:36:27	check_reload_status: Syncing firewall
    Sep 10 21:36:30	check_reload_status: Reloading filter
    Sep 10 21:36:42	check_reload_status: Syncing firewall
    Sep 10 21:37:27	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:37:27	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:37:27	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:37:28	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:37:29	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:55:36	check_reload_status: Reloading filter
    Sep 10 21:56:17	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:56:17	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:56:18	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 21:56:19	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 22:14:29	check_reload_status: Syncing firewall
    Sep 10 22:14:43	check_reload_status: Syncing firewall
    Sep 10 22:14:45	check_reload_status: Reloading filter
    Sep 10 22:15:17	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 22:15:17	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 22:15:18	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    Sep 10 22:15:19	lighttpd[28903]: (connections.c.1721) SSL (error): 5 -1 1 Operation not permitted
    

  • Rebel Alliance Developer Netgate

    Looks like your states are getting reset, which was an issue on snapshots a few days ago. Should be OK on the last snap and on -RELEASE when it drops very soon now.



  • I can't afford to update this box remotely now. Is there any way to fix this?

    Thanks


  • Rebel Alliance Developer Netgate

    Disable state killing for down gateways. System > Advanced, Misc. tab



  • @jimp:

    Disable state killing for down gateways. System > Advanced, Misc. tab

    Thanks. What would I be getting into by doing that? If the DSL connection goes down few times, would the live states fill up the memory?



  • I also see this - could be related as well?:

    Sep 16 19:38:54 apinger: rrdtool respawning too fast, waiting 300s.
    Sep 16 19:38:54 apinger: Error while feeding rrdtool: Broken pipe


Log in to reply