Messages

1

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: July 25, 2022, 05:19:46 pm »

Hi Sy,

did and dropped a mail to Matt as well.
No: 4669

In the meanwhile i reinstalled it from scratch.
This time without the configuration import.
Also replaced the harddisk as the ssd was not healthy in smarttools.

2

Hardware and Performance / How to troubleshoot hardware

« on: July 24, 2022, 03:46:02 pm »

Afternoon,
well... i reinstalled OPNsense but it seems to drop a crash report every now and then.

Can you give me some tips on how to troubleshoot hardware on BSD?

fsck show me this
71464 files, 683570 used, 115473836 free (4716 frags, 14433640 blocks, 0.0% fragmentation)
** /dev/gpt/efifs (NO WRITE)
** Phase 1 - Read FAT and checking connectivity
** Phase 2 - Checking Directories
** Phase 3 - Checking for Lost Files
6 files, 254 MiB free (520804 clusters)
MARK FILE SYSTEM CLEAN? no

***** FILE SYSTEM IS LEFT MARKED AS DIRTY *****

Any way to check this deeper?
Memory to check?

thank you!
armin

3

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: July 24, 2022, 10:38:43 am »

Well, right after one day elasticsearch died again....

Reinstalled yesterday
BUT restored configuration. Not sure if this can cause an error.

Zenarmor packed engine is running.

Could this be a hardware issue?
Am i somehow able to gather more details, logs etc?

4

22.1 Legacy Series / Re: 22.1 start up error on GUI - A non-numeric value encountered

« on: July 24, 2022, 08:51:30 am »

Issue came back after reinstallation.
So installed fresh from usb (vga version)
Upgraded to latest packages.
Installed Zenarmor with Elasticsearch.

A non-numeric value encountered in /usr/local/sbin/carp_service_status on line 51

mountroot: waiting for device /dev/gpt/rootfs...
WARNING: /mnt was not properly dismounted
WARNING: /mnt: mount pending error: blocks 23000 files 5

Hardware Issue?

5

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: July 23, 2022, 01:32:23 pm »

Just like Ying & Yang - always something good on something bad.

this morning i reinstalled the firewall completely.
Was pretty straight forward with the configuration import.
Took 30 minutes..

So for now fresh system and Zenarmor is installed with the default
Elasticsearch
100 Devices
5 Days reporting data

As ADS and Tracker can be blocked by Zen i removed DNSBL.
And added all the o365 ranges for better traffic.

Lets see how it runs from now on.

6

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: July 22, 2022, 11:44:56 am »

Ok, i tried it now with
Elasticsearch
MongoDB
SQLite

All installations start failing after a while.
I guess it is time to reinstall OPNSense.

SQLite worked the longest time. 1-2 month. While the other two failed after days/weeks.
Reduce reporting to one day. Resetted, reinstalled etc...

7

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: January 30, 2022, 08:46:53 pm »

Hi Sy,

it is an elasticsearch issue which came with zenarmor at the time.
At the moment zenarmor runs with mongodb.

From system side of view i wrote that i might install a fresh build as the system was upgraded several times.
Just to strike out all old left over files of elasticsearch or zenarmor which cause the issue if reinstalled.

thanks for your help and support.
armin

8

22.1 Legacy Series / Re: Appliance running hotter after 22.1 update?

« on: January 29, 2022, 09:49:44 pm »

my quotom i7 -    Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz (4 cores, 8 threads)
start at 60-65 celsius and then goes down to 34.
Depending on CPU usage it stays between 30 and 50.

Yes i feel an increase as well.
But the throughout seems to be higher so i guessed it came from the suricata multi core update.
i do run suricata on wan. Lot of drop rules, DNSBL unbound and sensei on all the LAN interfaces.

9

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: January 29, 2022, 09:18:16 pm »

bad news..

issue came back after antoher reboot. Even worse. System resettet itself every 1-2 minutes.
was pretty hard to get it back to work.

Had to
service elasticsearch stop
rm -rf /etc/rc.conf.d/elasticsearch
rm -rf /usr/local/opnsense/service/templates/OPNsense/Sensei/rc.conf.d/elasticsearch
rm -rf /usr/local/etc/elasticsearch
rm -rf /usr/local/etc/rc.d/elasticsearch
rm -rf /usr/local/libexec/elasticsearch
rm -rf /usr/local/libexec/elasticsearch/bin/elasticsearch
rm -rf /usr/local/lib/elasticsearch
rm -rf /usr/local/lib/elasticsearch/bin/elasticsearch
rm -rf /usr/local/sensei/scripts/database/templates/rc.conf.d/elasticsearch
rm -rf /usr/local/sensei/scripts/updater/elasticsearch
rm -rf /usr/local/sensei/scripts/installers/elasticsearch
rm -rf /usr/local/datastore/elasticsearch
rm -rf /var/mail/elasticsearch
rm -rf /var/run/elasticsearch
rm -rf /var/db/elasticsearch
rm -rf /var/tmp/elasticsearch
rm -rf /var/log/elasticsearch

directly from cli. Right after the next reset it came back stable.
I am not sure what this is all about.
What i can say is that this is elasticsearch related.
I guess there is something left over which causes the trouble for elasticsearch.
So worse that it brings the system to reset all the time.
I can run the system stable with zenarmor and mongodb.

It might would be time to reinstall a 22 version and restore the backups.

10

22.1 Legacy Series / Re: 22.1 start up error on GUI - A non-numeric value encountered

« on: January 29, 2022, 09:15:18 pm »

sysctl net.inet.carp.demotion
net.inet.carp.demotion: 0

Not sure if this is zenarmor or elasticsearch related.
Since the upgrade in ran into issues.
Had to reinstall zenarmor and have to run it with mongodb now.
elasticsearch will not work.  Even a support session with the sensei guys did not resolve it.

i may take the time and reinstall with a fresh 22 version and restore the backups i got.

11

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: January 28, 2022, 10:11:10 pm »

Thanks Sy,

but my issue came back right after reboot.
Elasticsearch does not start. System gehts unstable and reloads services every 1-2 minutes.

tried cli uninstall / install
removed elasticsearch user/group
removed left over files and directories.
reinstalled through GUI
still no luck.

Had 2 boxes in the office 1 was OK the other failed as well.

12

22.1 Legacy Series / 22.1 start up error on GUI - A non-numeric value encountered

« on: January 28, 2022, 09:35:22 pm »

A non-numeric value encountered in /usr/local/sbin/carp_service_status on line 51

Hi all
the above error keeps poping up on the GUI.
Not sure how to handle it.

Any recommendations?

thanks
cheers A

OPNsense 22.1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021

13

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: January 28, 2022, 03:26:09 pm »

Thanks hfvk

that did the trick.

pkg remove elasticsearh5
pkg install elasticsearch5

then enable and restore config&rules

14

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: January 28, 2022, 01:56:31 pm »

Can you paste the CLI command code here?
So i can give it a try.

i installed three times through GUI.. failed all the time.

thanks Armin

15

Zenarmor (Sensei) / Re: Elastic search won't start on 22.1

« on: January 28, 2022, 10:43:50 am »

twice reinstalled..

1st attempt with restore backup - elastic stopped
2ns with default config and just one interface - went OK
Started activating options, exclusion etc.
System went unstable and after reboot elasitc stopped.

besides is get this error as soon as i install sensei
[28-Jan-2022 10:38:50 Europe/Amsterdam] PHP Warning:  A non-numeric value encountered in /usr/local/sbin/carp_service_status on line 51