Send() failed (40: Message too long)

Iahmad

dear,

i am running captive portal with pfsense 2.3 and getting strange logs,

May 4 13:59:10 pakistan.localdomain nginx: 2016/05/04 13:59:10 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:10 pakistan.localdomain nginx: 2016/05/04 13:59:10 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:10 pakistan.localdomain nginx: 2016/05/04 13:59:10 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:10 pakistan.localdomain nginx: 2016/05/04 13:59:10 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:10 pakistan.localdomain nginx: 2016/05/04 13:59:10 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)
May 4 13:59:09 pakistan.localdomain nginx: 2016/05/04 13:59:09 [alert] 31518#0: send() failed (40: Message too long)

skron

I'm seeing those too, they come in bursts - nothing for hours, then a few dozen of these in a few seconds:

May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15128#0: send() failed (40: Message too long)
May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:47 redqueen.x-domain-x nginx: 2016/05/06 10:22:47 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:48 redqueen.x-domain-x nginx: 2016/05/06 10:22:48 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:49 redqueen.x-domain-x nginx: 2016/05/06 10:22:49 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:50 redqueen.x-domain-x nginx: 2016/05/06 10:22:50 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:51 redqueen.x-domain-x nginx: 2016/05/06 10:22:51 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:52 redqueen.x-domain-x nginx: 2016/05/06 10:22:52 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:52 redqueen.x-domain-x nginx: 2016/05/06 10:22:52 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:52 redqueen.x-domain-x nginx: 2016/05/06 10:22:52 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:52 redqueen.x-domain-x nginx: 2016/05/06 10:22:52 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:52 redqueen.x-domain-x nginx: 2016/05/06 10:22:52 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:52 redqueen.x-domain-x nginx: 2016/05/06 10:22:52 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)
May 6 10:22:53 redqueen.x-domain-x nginx: 2016/05/06 10:22:53 [alert] 15064#0: send() failed (40: Message too long)

Haven't heard any users complaining (so far) with about 400 users online.
Anyone knows how these happen and if this is a problem or not?

jeffvfren

me too :'(

Mad Professor

I'm getting them too, on 2.3, I too have a captive portal running. Any ideas what causes them?

manuelb

Me too

lugaru

+1

Iahmad

officials and seniors please address the issue.

Gertjan

@ishtiaqaj:

officials and seniors please address the issue.

They have yo know your specific system details - settings - and every other detail that might be important.

Right know, they have only this:

nginx: said: send() failed (40: Message too long)

That's not enough to start a search I guess …..

Iahmad

my system specs are
corei3
500 gb
8 gb ram

running pfsense version 2.3_1, capitive portal with voucher authentication.
with no any other package installed on system.

Gertjan

@ishtiaqaj:

my system specs are
corei3
500 gb
8 gb ram

running pfsense version 2.3_1, capitive portal with voucher authentication.
with no any other package installed on system.

That was a good start.
Don't stop now.
Add stuff like network interfaces (AP's used) etc ….

Iahmad

2 WAN Connection and one Lan
38 APs
and 180 clients mobiles and laptops

it was good but after upgrade from 2.2.6 to 2.3 and than 2.3_1 these logs start to appear.

also whenever i soft restart it does not restart means its stops and never get online again than i have to power off and than on.. to make it work.

manuelb

@ishtiaqaj:

officials and seniors please address the issue.

Hi,
my specs:
Xeon X3430
8GB RAm
500 gb HD
4 ethernet port Intel PRO/1000 ( 1 WAN - 1 LAN ( with n. 5 vlan )
120 AP
± 350 clients

Luckas

Hi, I don't use a Captive Portal, but I receive the same mistakes! My system config:
2.3.1-RELEASE (amd64) + LightSquid (3.0.4) + squid (0.4.16_2), ClamAV don't used + squidGuard (1.14_3)
Intel(R) Atom(TM) CPU D2550 @ 1.86GHz
4Gb RAM, 8Gb SSD, ~100 users, 1WAN, 1LAN, 1VLAN
proxy config:

# This file is automatically generated by pfSense
# Do not edit manually !

http_port 192.168.1.202:3128
http_port 127.0.0.1:3128 intercept
icp_port 0
dns_v4_first on
pid_filename /var/run/squid/squid.pid
cache_effective_user squid
cache_effective_group proxy
error_default_language ru
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
netdb_filename /var/squid/logs/netdb.state
pinger_enable off
pinger_program /usr/local/libexec/squid/pinger

logfile_rotate 30
debug_options rotate=30
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.0.0/21
forwarded_for on
uri_whitespace strip

acl dynamic urlpath_regex cgi-bin ?
cache deny dynamic

cache_mem 64 MB
maximum_object_size_in_memory 256 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
minimum_object_size 0 KB
maximum_object_size 4 MB
cache_dir ufs /var/squid/cache 100 16 256
offline_mode off
cache_swap_low 90
cache_swap_high 95
cache allow all
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:    1440  20%  10080
refresh_pattern ^gopher:  1440  0%  1440
refresh_pattern -i (/cgi-bin/|?) 0  0%  0
refresh_pattern .    0  20%  4320

#Remote proxies

# Setup some default acls
# From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in.
# acl localhost src 127.0.0.1/32
acl allsrc src all
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3129 1025-65535 
acl sslports port 443 563  

# From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in.
#acl manager proto cache_object

acl purge method PURGE
acl connect method CONNECT

# Define protocols used for redirects
acl HTTP proto HTTP
acl HTTPS proto HTTPS
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
# From 3.2 further configuration cleanups have been done to make things easier and safer.
# The manager, localhost, and to_localhost ACL definitions are now built-in.
# http_access allow localhost

request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allsrc

# Reverse Proxy settings

# Package Integration
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
url_rewrite_bypass off
url_rewrite_children 16 startup=8 idle=4 concurrency=0

# Custom options before auth

# Setup allowed ACLs
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

filter config:

# ============================================================
# SquidGuard configuration file
# This file generated automaticly with SquidGuard configurator
# (C)2006 Serg Dvoriancev
# email: dv_serg@mail.ru
# ============================================================

logdir /var/squidGuard/log
dbhome /var/db/squidGuard

# 
dest blk_BL_adv {
	domainlist blk_BL_adv/domains
	urllist blk_BL_adv/urls
	log block.log
}

# 
dest blk_BL_aggressive {
	domainlist blk_BL_aggressive/domains
	urllist blk_BL_aggressive/urls
	log block.log
}

# 
dest blk_BL_alcohol {
	domainlist blk_BL_alcohol/domains
	urllist blk_BL_alcohol/urls
	log block.log
}

# 
dest blk_BL_anonvpn {
	domainlist blk_BL_anonvpn/domains
	urllist blk_BL_anonvpn/urls
	log block.log
}

# 
dest blk_BL_automobile_bikes {
	domainlist blk_BL_automobile_bikes/domains
	urllist blk_BL_automobile_bikes/urls
	log block.log
}

# 
dest blk_BL_automobile_boats {
	domainlist blk_BL_automobile_boats/domains
	urllist blk_BL_automobile_boats/urls
	log block.log
}

# 
dest blk_BL_automobile_cars {
	domainlist blk_BL_automobile_cars/domains
	urllist blk_BL_automobile_cars/urls
	log block.log
}

# 
dest blk_BL_automobile_planes {
	domainlist blk_BL_automobile_planes/domains
	urllist blk_BL_automobile_planes/urls
	log block.log
}

# 
dest blk_BL_chat {
	domainlist blk_BL_chat/domains
	urllist blk_BL_chat/urls
	log block.log
}

# 
dest blk_BL_costtraps {
	domainlist blk_BL_costtraps/domains
	urllist blk_BL_costtraps/urls
	log block.log
}

# 
dest blk_BL_dating {
	domainlist blk_BL_dating/domains
	urllist blk_BL_dating/urls
	log block.log
}

# 
dest blk_BL_downloads {
	domainlist blk_BL_downloads/domains
	urllist blk_BL_downloads/urls
	log block.log
}

# 
dest blk_BL_drugs {
	domainlist blk_BL_drugs/domains
	urllist blk_BL_drugs/urls
	log block.log
}

# 
dest blk_BL_dynamic {
	domainlist blk_BL_dynamic/domains
	urllist blk_BL_dynamic/urls
	log block.log
}

# 
dest blk_BL_education_schools {
	domainlist blk_BL_education_schools/domains
	urllist blk_BL_education_schools/urls
	log block.log
}

# 
dest blk_BL_finance_banking {
	domainlist blk_BL_finance_banking/domains
	urllist blk_BL_finance_banking/urls
	log block.log
}

# 
dest blk_BL_finance_insurance {
	domainlist blk_BL_finance_insurance/domains
	urllist blk_BL_finance_insurance/urls
	log block.log
}

# 
dest blk_BL_finance_moneylending {
	domainlist blk_BL_finance_moneylending/domains
	urllist blk_BL_finance_moneylending/urls
	log block.log
}

# 
dest blk_BL_finance_other {
	domainlist blk_BL_finance_other/domains
	urllist blk_BL_finance_other/urls
	log block.log
}

# 
dest blk_BL_finance_realestate {
	domainlist blk_BL_finance_realestate/domains
	urllist blk_BL_finance_realestate/urls
	log block.log
}

# 
dest blk_BL_finance_trading {
	domainlist blk_BL_finance_trading/domains
	urllist blk_BL_finance_trading/urls
	log block.log
}

# 
dest blk_BL_fortunetelling {
	domainlist blk_BL_fortunetelling/domains
	urllist blk_BL_fortunetelling/urls
	log block.log
}

# 
dest blk_BL_forum {
	domainlist blk_BL_forum/domains
	urllist blk_BL_forum/urls
	log block.log
}

# 
dest blk_BL_gamble {
	domainlist blk_BL_gamble/domains
	urllist blk_BL_gamble/urls
	log block.log
}

# 
dest blk_BL_government {
	domainlist blk_BL_government/domains
	urllist blk_BL_government/urls
	log block.log
}

# 
dest blk_BL_hacking {
	domainlist blk_BL_hacking/domains
	urllist blk_BL_hacking/urls
	log block.log
}

# 
dest blk_BL_hobby_cooking {
	domainlist blk_BL_hobby_cooking/domains
	urllist blk_BL_hobby_cooking/urls
	log block.log
}

# 
dest blk_BL_hobby_games-misc {
	domainlist blk_BL_hobby_games-misc/domains
	urllist blk_BL_hobby_games-misc/urls
	log block.log
}

# 
dest blk_BL_hobby_games-online {
	domainlist blk_BL_hobby_games-online/domains
	urllist blk_BL_hobby_games-online/urls
	log block.log
}

# 
dest blk_BL_hobby_gardening {
	domainlist blk_BL_hobby_gardening/domains
	urllist blk_BL_hobby_gardening/urls
	log block.log
}

# 
dest blk_BL_hobby_pets {
	domainlist blk_BL_hobby_pets/domains
	urllist blk_BL_hobby_pets/urls
	log block.log
}

# 
dest blk_BL_homestyle {
	domainlist blk_BL_homestyle/domains
	urllist blk_BL_homestyle/urls
	log block.log
}

# 
dest blk_BL_hospitals {
	domainlist blk_BL_hospitals/domains
	urllist blk_BL_hospitals/urls
	log block.log
}

# 
dest blk_BL_imagehosting {
	domainlist blk_BL_imagehosting/domains
	urllist blk_BL_imagehosting/urls
	log block.log
}

# 
dest blk_BL_isp {
	domainlist blk_BL_isp/domains
	urllist blk_BL_isp/urls
	log block.log
}

# 
dest blk_BL_jobsearch {
	domainlist blk_BL_jobsearch/domains
	urllist blk_BL_jobsearch/urls
	log block.log
}

# 
dest blk_BL_library {
	domainlist blk_BL_library/domains
	urllist blk_BL_library/urls
	log block.log
}

# 
dest blk_BL_military {
	domainlist blk_BL_military/domains
	urllist blk_BL_military/urls
	log block.log
}

# 
dest blk_BL_models {
	domainlist blk_BL_models/domains
	urllist blk_BL_models/urls
	log block.log
}

# 
dest blk_BL_movies {
	domainlist blk_BL_movies/domains
	urllist blk_BL_movies/urls
	log block.log
}

# 
dest blk_BL_music {
	domainlist blk_BL_music/domains
	urllist blk_BL_music/urls
	log block.log
}

# 
dest blk_BL_news {
	domainlist blk_BL_news/domains
	urllist blk_BL_news/urls
	log block.log
}

# 
dest blk_BL_podcasts {
	domainlist blk_BL_podcasts/domains
	urllist blk_BL_podcasts/urls
	log block.log
}

# 
dest blk_BL_politics {
	domainlist blk_BL_politics/domains
	urllist blk_BL_politics/urls
	log block.log
}

# 
dest blk_BL_porn {
	domainlist blk_BL_porn/domains
	urllist blk_BL_porn/urls
	log block.log
}

# 
dest blk_BL_radiotv {
	domainlist blk_BL_radiotv/domains
	urllist blk_BL_radiotv/urls
	log block.log
}

# 
dest blk_BL_recreation_humor {
	domainlist blk_BL_recreation_humor/domains
	urllist blk_BL_recreation_humor/urls
	log block.log
}

# 
dest blk_BL_recreation_martialarts {
	domainlist blk_BL_recreation_martialarts/domains
	urllist blk_BL_recreation_martialarts/urls
	log block.log
}

# 
dest blk_BL_recreation_restaurants {
	domainlist blk_BL_recreation_restaurants/domains
	urllist blk_BL_recreation_restaurants/urls
	log block.log
}

# 
dest blk_BL_recreation_sports {
	domainlist blk_BL_recreation_sports/domains
	urllist blk_BL_recreation_sports/urls
	log block.log
}

# 
dest blk_BL_recreation_travel {
	domainlist blk_BL_recreation_travel/domains
	urllist blk_BL_recreation_travel/urls
	log block.log
}

# 
dest blk_BL_recreation_wellness {
	domainlist blk_BL_recreation_wellness/domains
	urllist blk_BL_recreation_wellness/urls
	log block.log
}

# 
dest blk_BL_redirector {
	domainlist blk_BL_redirector/domains
	urllist blk_BL_redirector/urls
	log block.log
}

# 
dest blk_BL_religion {
	domainlist blk_BL_religion/domains
	urllist blk_BL_religion/urls
	log block.log
}

# 
dest blk_BL_remotecontrol {
	domainlist blk_BL_remotecontrol/domains
	urllist blk_BL_remotecontrol/urls
	log block.log
}

# 
dest blk_BL_ringtones {
	domainlist blk_BL_ringtones/domains
	urllist blk_BL_ringtones/urls
	log block.log
}

# 
dest blk_BL_science_astronomy {
	domainlist blk_BL_science_astronomy/domains
	urllist blk_BL_science_astronomy/urls
	log block.log
}

# 
dest blk_BL_science_chemistry {
	domainlist blk_BL_science_chemistry/domains
	urllist blk_BL_science_chemistry/urls
	log block.log
}

# 
dest blk_BL_searchengines {
	domainlist blk_BL_searchengines/domains
	urllist blk_BL_searchengines/urls
	log block.log
}

# 
dest blk_BL_sex_education {
	domainlist blk_BL_sex_education/domains
	urllist blk_BL_sex_education/urls
	log block.log
}

# 
dest blk_BL_sex_lingerie {
	domainlist blk_BL_sex_lingerie/domains
	urllist blk_BL_sex_lingerie/urls
	log block.log
}

# 
dest blk_BL_shopping {
	domainlist blk_BL_shopping/domains
	urllist blk_BL_shopping/urls
	log block.log
}

# 
dest blk_BL_socialnet {
	domainlist blk_BL_socialnet/domains
	urllist blk_BL_socialnet/urls
	log block.log
}

# 
dest blk_BL_spyware {
	domainlist blk_BL_spyware/domains
	urllist blk_BL_spyware/urls
	log block.log
}

# 
dest blk_BL_tracker {
	domainlist blk_BL_tracker/domains
	urllist blk_BL_tracker/urls
	log block.log
}

# 
dest blk_BL_updatesites {
	domainlist blk_BL_updatesites/domains
	urllist blk_BL_updatesites/urls
	log block.log
}

# 
dest blk_BL_urlshortener {
	domainlist blk_BL_urlshortener/domains
	urllist blk_BL_urlshortener/urls
	log block.log
}

# 
dest blk_BL_violence {
	domainlist blk_BL_violence/domains
	urllist blk_BL_violence/urls
	log block.log
}

# 
dest blk_BL_warez {
	domainlist blk_BL_warez/domains
	urllist blk_BL_warez/urls
	log block.log
}

# 
dest blk_BL_weapons {
	domainlist blk_BL_weapons/domains
	urllist blk_BL_weapons/urls
	log block.log
}

# 
dest blk_BL_webmail {
	domainlist blk_BL_webmail/domains
	urllist blk_BL_webmail/urls
	log block.log
}

# 
dest blk_BL_webphone {
	domainlist blk_BL_webphone/domains
	urllist blk_BL_webphone/urls
	log block.log
}

# 
dest blk_BL_webradio {
	domainlist blk_BL_webradio/domains
	urllist blk_BL_webradio/urls
	log block.log
}

# 
dest blk_BL_webtv {
	domainlist blk_BL_webtv/domains
	urllist blk_BL_webtv/urls
	log block.log
}

# 
dest Whitelist {
	domainlist Whitelist/domains
	urllist Whitelist/urls
}

# 
rew safesearch {
	s@(google..*/search?.*q=.*)@&safe=active@i
	s@(google..*/images.*q=.*)@&safe=active@i
	s@(google..*/groups.*q=.*)@&safe=active@i
	s@(google..*/news.*q=.*)@&safe=active@i
	s@(yandex..*/yandsearch?.*text=.*)@&fyandex=1@i
	s@(search.yahoo..*/search.*p=.*)@&vm=r&v=1@i
	s@(search.live..*/.*q=.*)@&adlt=strict@i
	s@(search.msn..*/.*q=.*)@&adlt=strict@i
	s@(.bing..*/.*q=.*)@&adlt=strict@i
	log block.log
}

# 
acl  {
	# 
	default  {
		pass Whitelist !in-addr !blk_BL_adv !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_automobile_bikes !blk_BL_automobile_boats !blk_BL_automobile_cars !blk_BL_automobile_planes !blk_BL_chat !blk_BL_costtraps !blk_BL_dating !blk_BL_downloads !blk_BL_dynamic !blk_BL_education_schools !blk_BL_finance_insurance !blk_BL_finance_moneylending !blk_BL_finance_other !blk_BL_finance_realestate !blk_BL_finance_trading !blk_BL_fortunetelling !blk_BL_forum !blk_BL_gamble !blk_BL_hacking !blk_BL_hobby_cooking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_hobby_gardening !blk_BL_hobby_pets !blk_BL_homestyle !blk_BL_imagehosting !blk_BL_isp !blk_BL_jobsearch !blk_BL_military !blk_BL_models !blk_BL_movies !blk_BL_music !blk_BL_podcasts !blk_BL_porn !blk_BL_radiotv !blk_BL_recreation_humor !blk_BL_recreation_martialarts !blk_BL_recreation_restaurants !blk_BL_recreation_sports !blk_BL_recreation_travel !blk_BL_recreation_wellness !blk_BL_redirector !blk_BL_religion !blk_BL_remotecontrol !blk_BL_ringtones !blk_BL_science_astronomy !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_shopping !blk_BL_socialnet !blk_BL_spyware !blk_BL_tracker !blk_BL_urlshortener !blk_BL_violence !blk_BL_warez !blk_BL_weapons !blk_BL_webmail !blk_BL_webphone !blk_BL_webradio !blk_BL_webtv blk_BL_finance_banking blk_BL_hospitals blk_BL_library blk_BL_news blk_BL_politics blk_BL_science_chemistry blk_BL_searchengines blk_BL_updatesites all
		redirect http://192.168.1.202:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
		log block.log
	}
}

mwilliamsr

Also getting the same messages…

With new build 2.3.1_1

digital_janitor

I am also getting these since upgrade. Are there any logs that give more info?

hardy_rafael17

Hi…. Yes Im getting the exact same log... after upgrade...
system specs... below

![system info.JPG](/public/imported_attachments/1/system info.JPG)
![system info.JPG_thumb](/public/imported_attachments/1/system info.JPG_thumb)

tosman61

i need help please.

Gertjan

@tosman61 : a dns with 0.0.0.0 doesn't shock you ?
The log also show up using a single WAN ?
Your are using the captive portal on LAN ?
Are you syslogging to a syslog server (on LAN) ?

quikmcw

I'm getting this error, a lot. How can you view the messages that are too long ??

Gertjan

@quikmcw:

I'm getting this error, a lot. How can you view the messages that are too long ??

tcpdump ?

krashneo

Dear all,

I was looking for someting in nginx-error.log and I found this:

2016/11/16 19:16:53 [alert] 33631#100096: send() failed (40: Message too long)
2016/11/16 19:16:53 [error] 33631#100096: *1421957 upstream sent too big header while reading response header from upstream, client: 172.16.14.192, server: , request: "GET /index.php?zone=pucpcaldas&redirurl=http%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16.0.1%2Fhttp%3A%2F%2F172.16
2016/11/16 19:16:53 [alert] 33631#100096: send() failed (40: Message too long)

I think there is the problem, many redirects from the header…

I changed my form from:

To:

to see the results… I will reply asap

quikmcw

setup a syslogd to a server and the pfSense box is dumping the same error and not the full "too long" message
"nginx: 2016/11/17 08:36:08 [alert] 38209#100232: send() failed (40: Message too long)"

What happens for me is I get many of these messages then the system will not allow gui access and affects the openvpn sessions, but other traffic works as normal.

I'm running a SG-8860 box with the lastest version, no additional packages loaded, one internet connection, 4 subnets, 20 IPSecs and an average of 5 vpn's.

I need to know what these too log messages are to see what is causing the problem.

quikmcw

just pulled this from the box:

Crash report begins. Anonymous machine information:

amd64
10.3-RELEASE-p9
FreeBSD 10.3-RELEASE-p9 #1 5fc1b19(RELENG_2_3_2): Tue Sep 27 12:25:49 CDT 2016 root@factory23-amd64-builder:/builder/factory-232/tmp/obj/builder/factory-232/tmp/FreeBSD-src/sys/pfSense

Crash report details:

PHP Errors:
[17-Nov-2016 09:46:52 America/New_York] PHP Fatal error: Allowed memory size of 536870912 bytes exhausted (tried to allocate 72 bytes) in /usr/local/www/diag_command.php on line 231
[17-Nov-2016 09:46:52 America/New_York] PHP Stack trace:
[17-Nov-2016 09:46:52 America/New_York] PHP 1. {main}() /usr/local/www/diag_command.php:0
[17-Nov-2016 09:46:52 America/New_York] PHP 2. exec() /usr/local/www/diag_command.php:231

Filename: /var/crash/minfree
2048

JDvD

My pfsense is dumping the same error after upgrade 2.3.2-RELEASE (amd64).
2WAN - 1LAN - Proxy Transp - Captive Portal


nginx: 2016/11/24 11:58:30 [error] 18508#100108: send() failed (54: Connection reset by peer)
nginx: 2016/11/24 12:02:38 [alert] 74659#100142: send() failed (40: Message too long)

What happened?

nutel.pr

Same problem in my pfsense, 2.3.2-RELEASE-p1 (amd64)
built on Tue Sep 27 12:13:07 CDT 2016
FreeBSD 10.3-RELEASE-p9

2016/11/25 15:13:07 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:13:38 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:13:40 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:14:12 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:14:27 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:14:41 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:15:36 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:15:49 [alert] 15518#100112: send() failed (40: Message too long)
2016/11/25 15:21:53 [alert] 15623#100082: send() failed (40: Message too long)
2016/11/25 15:23:19 [alert] 15623#100082: send() failed (40: Message too long)

sisko212

Same trouble with my pfsense after upgrade to 2.3.2 pi1, coming from pfsense 2.2.x
I didn't installed any Captive portal.
This issue looks related to the web interface, even if i can't be 100% sure.
I tried to remove all widgets from dashboard, switch from http to https, and taking a look from shell with "tail -f /var/log/nginx-error.log", an alert entry appears a couple times per minutes, instead once per second as before.

Lampogriz

Same problem here, 2.3.4-RELEASE-p1 (amd64)

stbird

2.3.4-RELEASE-p1 (amd64)

captive portal

Any ideas for this problem?

Lampogriz

Upgraded to 2.4.2 , still spams "send() failed (40: Message too long)" in log

SouthPointHotel

@digital_janitor:

I am also getting these since upgrade. Are there any logs that give more info?

Same here. help?

Gertjan

@krashneo:

I changed my form from:

To:

to see the results… I will reply asap

Did you try to change your old redirect URL "http%3A%2F%2F172.16.0.1%2F" == "http://172.16.0.1/"
to "http://www.google.com" instead of changing the source ?

What pfSense version ? - is it patched or modified ?

pama

The same here.
After re-applying the squid settings it stopped to logs the errors, but after 2 or 3 days (depends on load) it reappears

sujyo1

2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6

Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Current: 2667 MHz, Max: 2668 MHz
4 CPUs: 1 package(s) x 4 core(s)
AES-NI CPU Crypto: No

Interfaces:
WAN 1000baseT <full-duplex>xx.xx.ccc.ccc
LAN autoselect 192.168.1.1
OFFICE 100baseTX <full-duplex>192.168.100.1
HOTSPOT 1000baseT <full-duplex>10.10.10.1 (captive portal is ON)

nginx: 2018/02/10 19:49:01 [error] 28887#100127: *4888 open() "/usr/local/www/phpmyadmin" failed (2: No such file or directory), client: 1x0.2x9.1xx.x6, server: , request: "GET /phpmyadmin HTTP/1.1", host: "xx.3x.2xx.xxx", referrer: "http://xx.xx.xxx.xxx/phpmyadmin"

I getting same a full page…

Feb 10 15:05:55 nginx: 2018/02/10 15:05:55 [alert] 43837#100173: send() failed (40: Message too long)</full-duplex></full-duplex></full-duplex>

AMD_infinium05

Hey guys, is there an update to this issue?

hasanfatih

ishtiaqaj did you solve this problem

@Lampogriz

Aug 28 10:22:38	pfsense.localdomain		nginx: 2019/08/28 10:22:38 [alert] 54908#100145: send() failed (40: Message too long)

I experienced this also in latest pfsense right now. my captive portal disconnects .I hope there is a fix for this.

wazim4u

@dyobetem I also have this issue since 2 months and its related to Captive Portal. i have 2500+ captive portal users and 2 WAN. i changed a lot of settings in nginx but useless. still i am getting these errors. I've pfsense 2.4.4-P3 Lastest version.

i have already mentioned this issue in given blow post ( last Issue )

https://forum.netgate.com/topic/144868/dell-r430-bge-built-in-port-hangs-captive-portal-stop-working/23

Gertjan

@wazim4u : Do you redirect a new, just logged-in user to an URL ( setting After authentication Redirection URL ) ?

This is what I think : when a user logged in using the IP (or URL) of the captive portal page, the users browser gets redirected to the same URL (== the captive pprtal's web server).... which will redirect again - to itself -, and again, and again etc - recursif. The URL thrown back to the browser becomes to big, nginx will finally produce the "send() failed (40: Message too long)" error.

For myself, I redirect, no matter what, to "https://www.google.com" but you can take any URL like a your companie's site.

Another explanation : you have quiet a lot of portal users. Not every user uses the latest smart devices /PC's with the latest OS and the best browsers.
Even I see still IE8 (Windows XP) connecting to my portal.
These ancient devices are not portal aware. They won't behave correctly.

Or even : not all the apps are written the same way. At least, Apple reviews (some what) each and every app before it's released - the Android society is a pure zoo. So, a bad app can throw out an URL that's to big. nginx will bail out.

So, mind you, these are all theories.
I do not have the test park to test them.

andresense

This issue has been resolved?

I have this same problem

Gertjan

@andresense

Sure.
No news after more then one year : that means : no issue.

We are also 2 (at least) version of pfSense further on.