Question on DHCP blocks in firewall log & leases



  • Hi All,

    I am very new to pfSense and am in the process of setting up a C2758 appliance. I have 2 questions.

    First, is there a way to "clean up" the firewall logs by default so that I am not seeing all of the LAN DHCP blocks? We are not using pfSense for DHCP, so the firewall is responding correctly but since we have hundreds of clients, the logs are extremely cluttered with all the DHCP broadcast blocks. I realize I can filter the logs for specifics, but I'd like something that I can set as a default view if possible.

    Second, as I mentioned above, we have an internal DHCP server. However, when I first configured pfSense, I did not realize that the DHCP server on the pfSense LAN interface was enabled by default. So when I plugged it into a network switch it started handing out reservations for a short time until I disabled it. Anyway, I now show about 60 or 70 DHCP leases on the Status->DHCP Leases page. I cannot seem to delete them. It is not causing any issues that I'm aware of, but I like to keep a clean machine. When I try to delete them using the GUI, I get the following error.

    Fatal error: Allowed memory size of 268435456 bytes exhausted (tried to allocate 8388608 bytes) in /usr/local/www/status_dhcp_leases.php on line 73

    Any ideas?

    Thanks.



  • You can just delete the leases files manually. Via Diag>Command or SSH, run:

    rm /var/dhcpd/var/db/dhcpd.leases*
    

    Just add a block rule on LAN matching the DHCP traffic with logging disabled to prevent it from being logged.



  • Thanks, I'll do that.

    Any idea on why I am getting the fatal error when trying to delete them 1 by 1 in the GUI? Since this is a brand new box, I wouldn't think I'd be running into any memory overload situations yet.



  • That was hitting the PHP memory limit for some reason, generally only happens when you have a really large leases file (thousands of hosts) that's been around for some time and it's trying to do an operation on it that requires more memory than PHP is allocated. Regardless it's safe to disregard in this case, it's not related in any way to how much resources are generally available on the system.


Log in to reply