So to the main question, do you guys think the sudden un-reliability of my PFsense box (would freeze up and I would have to long press power to reboot) could be due to a) very old Samsung SSD and b) trim was not enabled?
A disk thatâs dying could be the problem, TRIM shouldnât really matter. If you have another disk you can test that, otherwise Iâd suggest backing up the config and doing a fresh install, often thatâs enough to sort out any stability issues.
Bummer, I guess good practice as Iâve never backed up the config and reloaded it.
Most of the time itâs a smooth process
I hear 60% of the time, it works every time.
To make it smoother write down your physical interface names and their corresponding interfaces. Ie igb0 = wan igb1 = lan etc. You just want to be able to access the web interface once youâve installed it then you can just skip the setup and reload the config.
The only times Iâve had any real trouble getting it to work is if you have a complicated interface setup and for some reason the physical interface names change when you reinstall, that can make it tricky, but in that case you can just edit the xml file to manually set the new interface names.
I like to live dangerously (see here: stupidly), I havenât backed up the config yet, but enabled trim and updated to 2.4.0. Will see how this goes haha.
They released 2.4.1 which fixed some instabilities. I noticed 2.4.0 would fail on me after a couple of weeks.
Just an update as I started to get off my butt, did an assortment of:
Still randomly crashes where the box stays powered up, but if I plug in a monitor its a weird green âwhite snowâ like output, like many matrix movies green gibberish layered over each other so the screen is almost all green but pixels changing here and there.
So next in line:
Dexter_Kane, you changed your pic haha
I donât know what to make of my observations, but the most recent seems to be pfblockerng + pi-hole addblocker lists + Hulu = load and possibly old power supply limit.
I have a monitor connected to the pfsense box directly so while chilling watching TV I see a stream of logs next to it (option 10). As Hulu gets towards adds the logs blow up, go crazy and the TV hangs/canât get adds to play- and the pfsense box CPU starts to get loaded. The box didnât crash but Iâm running it on the new power supply.
Iâm thinking the old power supply plus the added load of pfbockerng and/or snort freaking out would then run the power supply hard and eventually the RAM would have itâs fault.
Strangely Iâve had crashes on the new power supply yesterday, but I didnât have long power off times betweent shenanigans so maybe a really good power drain was needed to properly test the new power supply?
Right now I have to keep snort and pfblocker in an IDS like mode and not actively blocking.
pfblocker should not be creating a CPU load, all it does is convert a list of IPs to a firewall rule. Blocking or passing traffic through the firewall will be the same CPU load either way. If youâre seeing loads of stuff on the screen then something is wrong. What do you logs say?
Snort can use a fair bit of CPU and RAM, and will still do so when not in blocking mode. So if youâre seeing a problem when you block stuff but not when you donât then I donât think itâs an issue of the system being pushed too hard.
I get some âsyncing firewallâ âreloading filterâ and a âstarted cron jobâ around the time I loose internat (but still have connectivity with the pfsense box and stuff on my NAT, so one step better than total freeze up).
The googles says I have a bad rule somewhere.
Try setting your pfblocker lists to alias only. (under ipv4 settings, edit an alias and under list type choose alias deny).
Now pfblocker wonât try to make any firewall rules. Instead make your own block rule and use the pfblocker alias as the destination address for the rule (or source if you make a wan rule)
Should I be seeing any pfblocker firewall rules in the rules section?
No, if you set it to alias only then it doesnât generate any rules, so you can make them manually. Sometimes the pfbloker rules can mess stuff up so I always prefer to do it manually.
maybe some other issue is going on because Iâm not seeing any rules generated from pfblocker but Iâm getting A LOT of filterlog entries of things being blocked.
Should I just remove pfblocker and re-install?
This happened again
I think I need to scorch earth and start over- disabled a firewall rule that looked like everything wan allowed to lan, did some other odds and ends and now pfblocker rules are showing up in floating, when floating used to always be empty.
I donât think this is a problem with pfblocker, itâs probably the system itself. Iâd do a fresh install but it could be a hardware probelm.
Iâve been meaning to boot memtest86.
Now Iâm wondering why the heck I had a wan to lan anything rule, and was that letting all kinds of crud in?