Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Tracking down unknown firewall problem

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      firewalluser
      last edited by

      2.1.5-RELEASE (amd64) built on Mon Aug 25 07:44:45 EDT 2014 sits in front of a sip phone system.

      Sometime during the night something happens where the connection is broken which then prevents the sip server from registering, its set up to reregister with the sip trunk every 3 mins.

      I first thought it was a problem with the sip server, but the same problem persists after restarting the sip server.

      Rebooting pfsense seems to be the only way to get the sip server talking to the trunk.

      There is also a mail server running on the same machine running the sip server and that functions just fine through out, ie it can recieve send mail when the sip server is down.

      I'm in the process of setting up a machine to packet capture all the traffic to see if any thing shows up, unfortunately the pfsense packet capture appears to stop working after a few hours running.

      I'm running snort on the firewall which is blocking but the fw has been running with blocking off and the sip server was still dropping its connections then.

      Does anyone know of any potential things to look out for, or might know of something to check out? The sip server works fine when its running, but something happens overnight which kill the connection and rebooting pfsense seems to be the only fix atm.

      TIA.

      Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

      Asch Conformity, mainly the blind leading the blind.

      1 Reply Last reply Reply Quote 0
      • C
        charliem
        last edited by

        Next time it happens, try resetting the firewall states (diagnostics -> states -> reset states tab).  If that fixes it, then you can do some reading like https://forum.pfsense.org/index.php/topic,70418.msg385188.html,
        https://redmine.pfsense.org/issues/1629 and
        https://redmine.pfsense.org/issues/3181

        I had this problem with the 2.1.x series, and had to patch each release manually.  That was one of the main reasons I went to 2.2alpha as soon as it stabilized.  I haven't had the problem on any of my 2.2 systems.

        1 Reply Last reply Reply Quote 0
        • F
          firewalluser
          last edited by

          Funnily enough, I thought about resetting the states to see if that might do anything and as it happens, resetting the states did the trick.

          Having checked out the links you have provided, it looks like the same problem in this thread.
          https://forum.pfsense.org/index.php?topic=70418.msg384411#msg384411

          Did you ever get to the bottom of the problem in your post? https://forum.pfsense.org/index.php?topic=70418.msg385188#msg385188

          I'll look into apply a patch manually if I can as it would be nice to have some stability and see how I get on.

          Thanks for the info!

          Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

          Asch Conformity, mainly the blind leading the blind.

          1 Reply Last reply Reply Quote 0
          • C
            charliem
            last edited by

            @firewalluser:

            Did you ever get to the bottom of the problem in your post? https://forum.pfsense.org/index.php?topic=70418.msg385188#msg385188

            Yes, later in that thread I confirmed that the fix did work for me, so I just kept that patch around until I moved on from 2.1.x to testing 2.2alpha (now beta) releases.  But 'get to the bottom' and solve with a more correct / elegant patch … no, I stopped looking.

            1 Reply Last reply Reply Quote 0
            • F
              firewalluser
              last edited by

              Ok thanks for the info, I'll proceed with the patch and also set up a beta to see if thats good for me.

              Could this issue with the states also affect the wan connection?

              One thing I have noticed which I have not seen in previous versions of pfsense ie 1.2, is the ISP seems able to drop the wan connection remotely so it goes from a green icon with an ip address on the dashboard to a red icon with no ip address on the dashboard.

              When this happens either a reboot or disabling, saving applying, enabling, saving, applying the wan adapter in pfsense gets it to reconnect to the net and get a new ip address. I did have the pinger on, but that didnt stop the above from happening, I also have put in a a 24hr reboot schedule to force a new ip address in an attempt to fix the wan adapter problem, but it still happens just not as often.

              I dont think the IP is short of ip addresses to hand out but as this is new hardware and a new isp, I'm still tracking down what exactly is occurring, hence the question about if the states might affect the wan connection?

              TIA.

              Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

              Asch Conformity, mainly the blind leading the blind.

              1 Reply Last reply Reply Quote 0
              • C
                charliem
                last edited by

                @firewalluser:

                Could this issue with the states also affect the wan connection?

                No, it's the other way around: dropped WAN causes stale states when it comes back up.

                One thing I have noticed which I have not seen in previous versions of pfsense ie 1.2  . . . .

                . . . . this is new hardware and a new isp, I'm still tracking down what exactly is occurring, hence the question about if the states might affect the wan connection?

                Sounds like you have issues with your new ISP.  What kind of connection is it?

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.