Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Settings unexpectedly rolling back

    General pfSense Questions
    2
    6
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dillbilly
      last edited by

      This has been a recurring problem of late. I don't know exactly when it started, but it's fairly recent. I'm running 2.2.4 embedded on a USB drive, but the issue was present with 2.2.3 also.

      The issue is that randomly, and without warning, all of the settings on my firewall will randomly reset themselves to a previous configuration. Firewall rules, NAT policy, aliases, configured interfaces, snort config, etc will all revert to some older configuration. It just occurred as I was connected through a VPN and I suddenly lost all connection to the other network. I logged into the web GUI and found that my VPN client was still configured, but it had lost it's interface assignment and the NAT policy had been reset to automatically generated rules.

      I've looked at the system logs but can't find much of anything that looks out of place, and I don't really know what to be looking for anyway.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        Go to Diag>Backup/restore, Config History tab. Compare the revisions there. What's the description of the config change where the change happened?

        1 Reply Last reply Reply Quote 0
        • D
          dillbilly
          last edited by

          Unfortunately pfBlockerNG has made enough changes that it's no longer in the list of 5 config changes. I'll increase that number and wait for it to happen again, I suppose.

          1 Reply Last reply Reply Quote 0
          • D
            dillbilly
            last edited by

            I did just discover that while the ovpnc1 interface is still available for assignment, the actual openvpn configuration has been wiped out, so I sort of have a phantom interface that I can neither use nor delete. Just restored my previous config. We'll see how long it stays put.

            1 Reply Last reply Reply Quote 0
            • D
              dillbilly
              last edited by

              Bumping this one because it's happened again.

              Yesterday afternoon computers started losing their DHCP leases. Temporarily resolved by giving them a static, so routing was still working. Tried to log in and couldn't, so I tried the default admin account and password. I had previously disabled the admin account, and changed its password from the default pfsense, but those were the credentials that let me in. When I checked the User Manager, the account that I had created for admin access was gone, and the admin account was no longer disabled. I checked the DHCP server, and it seemed to be running, but wasn't giving out any leases, my Snort configuration was missing, and firewall rules were not as I had left them.

              I have 88 days of uptime, so this wasn't an errant reboot to a different slice, and going to Backup/Restore -> Config History shows nothing but the regular pfBlockerNG and Snort updates going back to the 25th.

              1 Reply Last reply Reply Quote 0
              • D
                dillbilly
                last edited by

                Some more investigation reveals that the admin account that I created is still present in /etc/passwd, but does not show up in or allow login to the WebCfg. Also the packages I had installed were somehow rolled back to previous versions.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.