OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: dcol on January 19, 2018, 12:04:49 am

Title: New console items
Post by: dcol on January 19, 2018, 12:04:49 am

This is something new. Or at least new to me.
Just reinstalled OPNsense from scratch. Running mostly default settings.
Now I see lots of log entries in the console.
What am I seeing here? How do I turn it off?
Is this something new with 17.7.12?

Title: Re: New console items
Post by: dcol on January 19, 2018, 12:42:17 am

OK this is weird. After maybe the 5th reboot, these console messages stopped happening. And I made no changes.
I am not feeling too confident in this installation. Had to reinstall because Unbound was constantly restarting. Seen this before when lots of changes are made to the IPS rules.
Any suggestions?

Title: Re: New console items
Post by: franco on January 19, 2018, 09:18:11 am

I've seen this... it's filterlog redirecting its output where it does not belong. This has been happening since forever and I have no idea how to reproduce. It happens very sparsely, mostly caught during a background reload sequence.

If you know how to reliably reproduce I can take a closer look.


Cheers,
Franco

Title: Re: New console items
Post by: dcol on January 19, 2018, 03:50:57 pm

I cannot reproduce because it just happens all on its own. I haven't seen it come back.
What I did see was that if I putty into the console, the filterlog did not show up there. As I watched the vga console produce the filterlog, they did not appear on the putty console.
I also saw other system events pop up too.

You know, I really don't mind if this was showing netmap activity. In fact I think that would be a nice feature. But you need the ability to turn it on or off.

The only thing that really bothers me is that there are situations that happen that can not be corrected any other way than a fresh reinstall of OPNsense. Making a lot of rule changes and repeated changes in IPS settings can cause this. OPNsense just starts locking up and restarting services. Seen this at least 4 or 5 times. I find it is best to get all your settings in place, then do a backup, then reinstall OPNsense, then restore the configuration and leave it alone. Very touchy.

Title: Re: New console items
Post by: franco on January 19, 2018, 05:22:15 pm

It's not netmap activity. It's from the pflog filter log daemon. It sometimes starts printing on the primary console for whatever may be the reason. I don't think it does this on the secondary console though.

I can only guess the system goes down during reconfigure with a netmap-related kernel panic and comes back with corrupted files? Or does it stop working without reboot? Uptime is a good indicator if you don't have a console attached to see it dump the kernel and reboot (and depending on the install there may be no swap to store that dump anyway).


Cheers,
Franco

Title: Re: New console items
Post by: dcol on January 19, 2018, 06:18:32 pm

I wasn't implying it was netmap activity, I was suggesting that this would be a nice feature, if at all even possible, to have the console show netmap drops.

I also suspect a kernel panic that corrupts files. Just haven't been able to pin it down.

All is working nicely now. Also, I had issues mainly because of too many rulesets enabled. See my recent post in IPS.