SSLH crashes randomly

Started by His.Dudeness, February 01, 2025, 11:39:18 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 01, 2025, 11:39:18 AM
Hi,
a while ago I switched from OpenVPN "port-share" to SSLH to run OpenVPN and HAProxy both on the same IP with TCP 443.
It works great but every other week or so SSLH crashes and I have to log in to OpenVPN GUI and start the service.

Does anyone know how to troubleshoot this?

cheers
Michael
February 01, 2025, 09:14:39 PM #1
Nothing in the log?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 02, 2025, 10:44:39 AM #2
Hi Patrick
thanks for your reply!

SSLH doesn't seem to have its own log file. In the "general" log I found only this:

Notice   kernel   <6>pid 50171 (sslh-select), jid 0, uid 65534: exited on signal 11 (no core dump - bad address)

cheers
Michael
February 03, 2025, 07:21:54 PM #3
You log is the answer

(no core dump - bad address) is pointing to a faulty address in memory, most likely your RAM is bad.

Regards,
S.
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD
February 04, 2025, 09:44:05 PM #4
Hm, SSLH is the ONLY process that constantly crashes, and it started to do so right after I added it to a setup that had been running for several years before.
 
I really can't imagine how bad RAM could only affect one particular process and always only the same?
February 04, 2025, 10:04:01 PM #5
Have you looked at the upstream project (github?) for any open issues?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 05, 2025, 03:06:35 PM #6
Quote from: Patrick M. Hausen on February 04, 2025, 10:04:01 PMHave you looked at the upstream project (github?) for any open issues?

Just had a quick look at the open issues at their github page but I don't think that there is one that fits my symptoms.

Does anyone know when the SSLH plugin on OPNsense received the last update?
February 05, 2025, 03:16:45 PM #7
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 05, 2025, 03:57:45 PM #8
Hm, SSLH itself seems to get updates from time to time.

Should I open an issue in the opnsense/plugins github?
February 05, 2025, 04:01:50 PM #9
Cannot hurt 😉
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
February 05, 2025, 04:24:08 PM #10
OK, I'll try that.  :-)

The sad part is: I wouldn't even need SSLH if someone hadn't decided to remove the ability to add the OpenVPN "port-share" option after the switch to OpenVPN instances :-| 
February 05, 2025, 04:39:00 PM #11
sslh is so much quicker I would not bother with OpenVPN port sharing.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Print
Go Up Pages1
User actions