PFSense crashing I think because reasons

Not if it was WAN address or WAN network to anything. If it was any to any or any to LAN, then probably not, as you’d still need to make a NAT rule to port forward to the LAN. If it was any to any or any to WAN, then your pfSense machine was exposed to the internet.

It was WAN net to LAN net any.

Nothing to worry about then, that rule would have done pretty much nothing.

Thought I had it nipped in the bud: over 16 hours uptime, logs looked good, log in to the web GUI and bam, the connected screen showing blocks does the bad RAM look again. So running memtest86 now.

It might be worth doing some prime95 tests, or whatever CPU/system loading tests you can perform, to see if you can get it to wig out. Is it a second-hand system?

No, it’s an eBay J1900 box with four Intel NICs built in, bought in April - pretty much purpose-built for pfSense. Unfortunately I bought it before knowing about the AES-NI announcement. Bought it ‘bare bones’ and supplied my own RAM and HDD - maybe a mistake.

FreeBSD is reporting my RAM speed at 1333, but it’s 1600 RAM, and the lame American Megatrends BIOS does not allow me to manually change it - could this be the issue?

Getting ready to chuck this thing (meaning maybe make it an ESXi box and see how it does) and get an AES-NI box with included RAM and mSATA (so hopefully proven parts).

Ah right. I have a newer version of one of these, slightly different configuration.

The RAM speed shouldn’t matter, best to leave it as is. It won’t make much difference to the performance of the system (my opinion), and might even make it run a bit cooler and more stable. If you had a bad stick of RAM, memtest would have thrown a million errors all over the screen. You could try running memtest overnight or something, if you can handle no internet for a while. But RAM probably OK.

It sounds like the system is unstable and crashing due to other hardware issues. That’s why I suggested putting the system under load. Boot a live copy of Windows off a USB drive or something like that, and see if you can stress test the system and reproduce a crash.

You could also open it up and double-check the heatsink is in position correctly, replace the thermal paste, and check the board for burnt-out components and swollen capacitors.

My system has been pretty good so far, some minor issues that I haven’t ironed out yet (WAN drops off, can’t get it back until a reboot). But you do get what you pay for. And while these are not poorly made, they aren’t the highest quality pieces of equipment out there.

Yeah, might be the next move (overall load test) - likely a live Linux USB that could accommodate that? Don’t want to bother with finding Windows.

I disassembled the box, the heat sink is nicely done and connects via heat pad to the chassis, but I didn’t check thermal compound.

I have a misc small heat sink kit, so I slapped on a little tiny heat sink on an IC I’m assuming is the power regulator. I also busted out my laser temp gauge and want to check various chips.

I also reset the config to default: no more OpenVPN setup, no more DMZ, just default WAN, LAN and default rules.

Actually, the J1900 SoC’s maximum supported memory speed is 1333MHz, so the speed FreeBSD reports is correct.

I had some similar issues in the early 2.4.x version where I had to add this to get the stability back.

Update the /boot/loader.conf file to include this line:
kern.ipc.somaxconn="8192"
Bug Report: https://forum.pfsense.org/index.php?topic=136847

Doesn’t look like the same issue. The system totally locks up, even the direct monitor connection shows totally screwed up display output (pictured filterlog; when not filterlog it’s a weird greenish pixelly screen).

The error is happening even during a live USB install. The error also happened way faster when I had swapped in a different stick of RAM, not realizing it was a higher voltage RAM. Gotta be hardware. I’m going to do a memtest86 overnight and also start googling what the internal power supply is, maybe will replace it.

So tempting to just get one of those new AES-NI setups haha

Post some high res pics of the board, might be interesting to look at. We might see something you don’t.

I’ll give that a shot maybe this weekend. Doubt it will be visible, the box can be up for days at a time before having an issue. I’m tempted to put it in the oven to re-seat/re-solder stuff- I fixed a GPU this way once. Also will get part numbers of components, figure which ones manage power.

Cool, I fixed a PS3 doing the same thing. Melted the power connector and broke Bluetooth, but it worked. Used Blu Tack and foil to protect most of the plastic stuff.

Trying to fix OpenAppID: the log shows that a ) is missing from line 1262. I vi into there, fix it, :wq! out, go back in and verify my edit is there, start the LAN interface in Snort, get the same fail (LAN does not start), and the same log pops up, so I go back into vi and my edit is not there! I really wish there was a Linux-based pfSense-like build.

You have to edit the actual source file which generates the config files, otherwise it will overwrite it every time. But that source file will also be overwritten when you update, or in this case probably when you just update the rules.

Your best bet is to report the bug and hope they fix it, or go on the pfSense forums and complain about it.

I updated in hopes it was fixed, but it wasn’t. On that note, Snort OpenAppID RULES Detectors updates crazy frequently.

How do you report a bug? I just went to the forums, found a thread with a similar issue and posted my complaint.

I’m not really sure, but the forum is probably good enough.

Delete your reply, my eyes are bleeding, my reality hosed: dexter_Kane not knowing something in relation to pfSense! This is nuts, this is not how I wanted hump day to go down.

Found a thread on the forums where a guy found multiple typos causing that error and had two points I liked: a) contributor should do a test run, b) Snort should be like Suricata and note the errors, but get past it/ignore that line and continue on. Too lazy to find that thread and link it. *edit:
https://forum.pfsense.org/index.php?topic=141319.0

I ran Suricata and it didn’t have as many configuration options in the GUI - I guess it just runs everything? I think that because my alert logs blow up when using it.