kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min

Started by chemlud, September 28, 2020, 10:33:34 AM

Previous topic - Next topic
Print
Go Down Pages1 2 3
User actions
September 28, 2020, 10:33:34 AM
Hi again!

Last year we had this every 15 min, a reload due to schedules rules,

https://forum.opnsense.org/index.php?topic=13792.0

but lately (since 20.7? I'm still on 20.7.1, reluctant to update...) it's every few minutes and kills off all states between LAN interfaces, tunnels, etc. Quite annoying...

Code Select
2020-09-28T10:16:01 kernel pflog0: promiscuous mode enabled
2020-09-28T10:16:01 kernel pflog0: promiscuous mode disabled
2020-09-28T10:16:00 root[45899] reload filter for configured schedules
...
2020-09-28T10:15:35 kernel pflog0: promiscuous mode enabled
2020-09-28T10:15:35 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:11:15 kernel pflog0: promiscuous mode enabled
2020-09-28T10:11:15 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:10:13 kernel pflog0: promiscuous mode enabled
2020-09-28T10:10:13 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:05:04 kernel pflog0: promiscuous mode enabled
2020-09-28T10:05:04 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:04:03 kernel pflog0: promiscuous mode enabled
2020-09-28T10:04:03 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:02:40 kernel pflog0: promiscuous mode enabled
2020-09-28T10:02:40 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:01:33 kernel pflog0: promiscuous mode enabled
2020-09-28T10:01:33 kernel pflog0: promiscuous mode disabled
2020-09-28T10:01:01 kernel pflog0: promiscuous mode enabled
2020-09-28T10:01:01 kernel pflog0: promiscuous mode disabled
2020-09-28T10:01:00 root[61420] reload filter for configured schedules
...
2020-09-28T09:51:27 kernel pflog0: promiscuous mode enabled
2020-09-28T09:51:27 kernel pflog0: promiscuous mode disabled
...
2020-09-28T09:50:23 kernel pflog0: promiscuous mode enabled
2020-09-28T09:50:23 kernel pflog0: promiscuous mode disabled
...
2020-09-28T09:46:03 kernel pflog0: promiscuous mode enabled
2020-09-28T09:46:03 kernel pflog0: promiscuous mode disabled
2020-09-28T09:46:01 kernel pflog0: promiscuous mode enabled
2020-09-28T09:46:01 kernel pflog0: promiscuous mode disabled
2020-09-28T09:46:00 root[79453] reload filter for configured schedules

In backend log I have:

Code Select
2020-09-28T10:16:25 configd.py[31334] [88ef6a4c-852e-4c2d-9e9c-e80f68f19043] request filter log output
2020-09-28T10:16:23 configd.py[31334] [1616101d-c321-4686-87dc-6e8c35f1e0bc] request filter log output
2020-09-28T10:16:23 configd.py[31334] [ded9d7ec-0afe-4496-993a-a9291b0ddf8b] request pfctl byte/packet counters
2020-09-28T10:16:21 configd.py[31334] [ae0e98a4-6989-4aab-9e69-8bf663921ace] request filter log output
2020-09-28T10:16:19 configd.py[31334] [b92ed1aa-9564-4307-a083-87cea652604b] request filter log output
2020-09-28T10:16:18 configd.py[31334] [6fd12758-9661-47f3-903e-b33bb4a6e17b] request pfctl byte/packet counters
2020-09-28T10:16:17 configd.py[31334] [978e34da-1603-43db-8a73-43fffee75e7b] request filter log output
2020-09-28T10:16:17 configd.py[31334] [0ddb16e1-3625-4f03-a6f1-8c279333bbe7] list installed devices
2020-09-28T10:16:01 configd.py[31334] message dc6d2c1d-4c4e-44ae-a51a-fbebc462a689 [filter.refresh_aliases] returned
2020-09-28T10:16:00 configd.py[31334] [dc6d2c1d-4c4e-44ae-a51a-fbebc462a689] refresh url table aliases
2020-09-28T10:16:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:16:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:16:00 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:16:00 configd.py[31334] [83acc2e7-2109-460e-a715-1195d6e6b58b] generate template OPNsense/Filter
2020-09-28T10:15:36 configd.py[31334] message 6d10a7e2-22f5-4b64-81d5-19e536b48056 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:15:35 configd.py[31334] [4d4939e8-16dc-44f0-ac91-2c0a859b5667] updating dyndns WAN_DHCP
2020-09-28T10:15:35 configd.py[31334] [6d10a7e2-22f5-4b64-81d5-19e536b48056] refresh url table aliases
2020-09-28T10:15:35 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:15:35 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:15:35 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:15:35 configd.py[31334] [9c85d546-b2db-4062-864c-403a0102bded] generate template OPNsense/Filter
2020-09-28T10:15:34 configd.py[31334] [008732dd-da96-4489-931f-a0ba8cd09c5d] Reloading filter
2020-09-28T10:15:07 configd.py[31334] [dca11649-55cc-4efa-b51b-b3a59666fc24] Show log
2020-09-28T10:14:57 configd.py[31334] [eed4e98d-2ceb-4b2a-998d-5e27bc5677bb] Show log
2020-09-28T10:14:14 configd.py[31334] [a889176c-b98c-4712-9558-7b7d48cf0721] Show log
2020-09-28T10:14:14 configd.py[31334] [aa2f75cc-2265-477d-8538-c8b82cd89c1a] request filter log output
2020-09-28T10:14:12 configd.py[31334] [9baec4af-1f4b-447b-a60d-0ee83d2924d5] request pfctl byte/packet counters
2020-09-28T10:14:12 configd.py[31334] [e8977602-ff53-43b7-a2f0-4a63af641614] request filter log output
2020-09-28T10:14:10 configd.py[31334] [3d9aca19-f0c9-4cda-923b-ad5528cf6acc] request filter log output
2020-09-28T10:14:08 configd.py[31334] [cd62429c-2120-465b-9eaf-c145704310cb] request filter log output
2020-09-28T10:14:07 configd.py[31334] [0a55478b-40e0-43fc-9d91-49f12289497f] request pfctl byte/packet counters
2020-09-28T10:14:06 configd.py[31334] [50bb6653-ee72-4b3e-a10a-5a27ce08a1ee] request filter log output
2020-09-28T10:14:05 configd.py[31334] [2853ddde-6fca-4db5-bc1a-ec4219f23591] list installed devices
2020-09-28T10:11:16 configd.py[31334] message 48a40980-2eca-4712-93fb-2d59538e583d [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:11:15 configd.py[31334] [94f318ef-643e-418e-b13c-5ae57ed0d3fb] updating dyndns WAN_DHCP
2020-09-28T10:11:15 configd.py[31334] [48a40980-2eca-4712-93fb-2d59538e583d] refresh url table aliases
2020-09-28T10:11:15 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:11:15 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:11:15 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:11:15 configd.py[31334] [e5bc8a6f-ad68-48cc-b170-6e2477668ff8] generate template OPNsense/Filter
2020-09-28T10:11:14 configd.py[31334] [c8e242dc-da51-4bc6-8cdf-1d4610bc7f55] Reloading filter
2020-09-28T10:10:13 configd.py[31334] message 3caa6ee7-7fd4-44c2-8400-76766e009e78 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:10:13 configd.py[31334] [8bf9a6db-4dc8-4106-8843-47b7c33d4160] updating dyndns WAN_DHCP
2020-09-28T10:10:13 configd.py[31334] [3caa6ee7-7fd4-44c2-8400-76766e009e78] refresh url table aliases
2020-09-28T10:10:13 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:10:13 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:10:13 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:10:13 configd.py[31334] [14612f9c-7655-4cab-90e6-c59daf65f3b6] generate template OPNsense/Filter
2020-09-28T10:10:12 configd.py[31334] [2d6ef1f0-df90-4c0a-b8d6-e832fadae10f] Reloading filter
2020-09-28T10:05:04 configd.py[31334] [b887b828-c1ca-46d3-b3f5-802321a233b9] updating dyndns WAN_DHCP
2020-09-28T10:05:04 configd.py[31334] message 6793272a-b2ff-4c05-aa3f-0a1662c36c50 [filter.refresh_aliases] returned
2020-09-28T10:05:04 configd.py[31334] [6793272a-b2ff-4c05-aa3f-0a1662c36c50] refresh url table aliases
2020-09-28T10:05:04 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:05:04 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:05:04 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:05:04 configd.py[31334] [ea23a6d7-523b-4977-a4fd-496b0487b08d] generate template OPNsense/Filter
2020-09-28T10:05:03 configd.py[31334] [dcabf918-34cf-41a2-8fd4-0eaa73160b94] Reloading filter
2020-09-28T10:04:03 configd.py[31334] [b3f42468-b0d2-43c8-90f9-28787fd2ed8d] updating dyndns WAN_DHCP
2020-09-28T10:04:03 configd.py[31334] message bd000dc1-76aa-482a-a0ce-106fdff832f6 [filter.refresh_aliases] returned
2020-09-28T10:04:03 configd.py[31334] [bd000dc1-76aa-482a-a0ce-106fdff832f6] refresh url table aliases
2020-09-28T10:04:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:04:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:04:03 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:04:02 configd.py[31334] [f3a8d093-709c-4b24-b12e-7959d2f4277b] generate template OPNsense/Filter
2020-09-28T10:04:02 configd.py[31334] [8d9c8c2b-967f-4e55-aa2e-c7b86fae045e] Reloading filter
2020-09-28T10:03:00 configd.py[31334] [fcab3f7f-5410-409f-aac1-742a3de30b7e] refresh url table aliases
2020-09-28T10:02:46 configd.py[31334] message 7e52f3e0-cb64-4422-a6a1-12ccb5e50120 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:02:40 configd.py[31334] [e9b8b04a-08ba-418f-ba70-0810ff424c34] updating dyndns WAN_DHCP
2020-09-28T10:02:40 configd.py[31334] [7e52f3e0-cb64-4422-a6a1-12ccb5e50120] refresh url table aliases
2020-09-28T10:02:40 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:02:40 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:02:40 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:02:40 configd.py[31334] [cc8c6c91-ef48-43a6-bd81-f4a0a60bfddd] generate template OPNsense/Filter
2020-09-28T10:02:39 configd.py[31334] [c394844c-e4aa-4e6e-bcab-bbd57c7b8871] Reloading filter
2020-09-28T10:01:33 configd.py[31334] message e0985857-d45e-4c57-97a1-b3c384543341 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:01:33 configd.py[31334] [a6e4031b-3c80-4157-8bd9-69be6abb06d7] updating dyndns WAN_DHCP
2020-09-28T10:01:33 configd.py[31334] [e0985857-d45e-4c57-97a1-b3c384543341] refresh url table aliases
2020-09-28T10:01:33 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:01:33 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:01:33 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:01:32 configd.py[31334] [08809828-a922-4ed3-be6f-1a1fff075273] generate template OPNsense/Filter
2020-09-28T10:01:31 configd.py[31334] [2fb6abaa-9dc8-4281-9a2f-1b7f97be99fd] Reloading filter
2020-09-28T10:01:00 configd.py[31334] message ac89d7fa-efde-45fe-aaaf-131ee4d10c9b [filter.refresh_aliases] returned
2020-09-28T10:01:00 configd.py[31334] [ac89d7fa-efde-45fe-aaaf-131ee4d10c9b] refresh url table aliases
2020-09-28T10:01:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:01:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:01:00 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:01:00 configd.py[31334] [98a9cff9-c3d4-436c-8934-566a6783193e] generate template OPNsense/Filter
2020-09-28T09:51:28 configd.py[31334] message d076cfd6-b27f-49ab-b7c6-37c1eca6efc9 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T09:51:27 configd.py[31334] [f99cd913-0908-4ab5-9333-6258395ee92b] updating dyndns WAN_DHCP
2020-09-28T09:51:27 configd.py[31334] [d076cfd6-b27f-49ab-b7c6-37c1eca6efc9] refresh url table aliases
2020-09-28T09:51:27 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:51:27 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:51:27 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:51:27 configd.py[31334] [c310d0b9-b3f6-4661-83c6-9cd857827083] generate template OPNsense/Filter
2020-09-28T09:51:26 configd.py[31334] [771c72e6-93ee-45ce-9d9d-97df30546cf7] Reloading filter
2020-09-28T09:50:23 configd.py[31334] message 7ca07c05-850e-44b6-8e65-6f93251ca8f2 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T09:50:23 configd.py[31334] [9e0f1de7-41f3-4420-b90d-b611098fcaed] updating dyndns WAN_DHCP
2020-09-28T09:50:23 configd.py[31334] [7ca07c05-850e-44b6-8e65-6f93251ca8f2] refresh url table aliases
2020-09-28T09:50:23 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:50:23 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:50:23 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:50:23 configd.py[31334] [41d6234e-7636-4b05-b83c-a00ebeb1a94c] generate template OPNsense/Filter
2020-09-28T09:50:22 configd.py[31334] [04b6d84d-319c-4ff7-bcf6-a4f223740dd7] Reloading filter
2020-09-28T09:46:03 configd.py[31334] [cf44e5f4-1f22-4251-b395-5c6ad7ce5ab3] updating dyndns WAN_DHCP
2020-09-28T09:46:03 configd.py[31334] message 5e12ff25-9898-4efd-8097-53ee164f1070 [filter.refresh_aliases] returned
2020-09-28T09:46:03 configd.py[31334] [5e12ff25-9898-4efd-8097-53ee164f1070] refresh url table aliases
2020-09-28T09:46:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:46:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:46:03 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:46:03 configd.py[31334] [1bcafca0-8262-4a53-b553-8c49c77b767a] generate template OPNsense/Filter
2020-09-28T09:46:02 configd.py[31334] [837d90b8-feba-4206-858c-cb7ff3d28177] Reloading filter
2020-09-28T09:46:00 configd.py[31334] message c8ce6a52-1851-4d9d-bfb6-643e5719f515 [filter.refresh_aliases] returned
2020-09-28T09:46:00 configd.py[31334] [c8ce6a52-1851-4d9d-bfb6-643e5719f515] refresh url table aliases
2020-09-28T09:46:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:46:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:46:00 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:46:00 configd.py[31334] [997b102a-10da-479b-a031-b2591e603092] generate template OPNsense/Filter

Has apparently nothing to do with IPS alerts, no correlation at all.

All hardware offloading disabled, WAN is em0, LANs igb0 to igb3...
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
September 29, 2020, 09:55:47 AM #1
...updated to 20.7.3 last night, apparently stable now, will follow-up... ;-)
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
September 29, 2020, 10:33:22 AM #2
Now it's back again:

Code Select
2020-09-29T10:30:21 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:30:21 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__1.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:30:19 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:30:19 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__0.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:30:19 kernel pflog0: promiscuous mode enabled
2020-09-29T10:30:19 kernel pflog0: promiscuous mode disabled
2020-09-29T10:29:20 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:29:20 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__1.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:29:19 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:29:19 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__0.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:29:18 kernel pflog0: promiscuous mode enabled
2020-09-29T10:29:18 kernel pflog0: promiscuous mode disabled
2020-09-29T10:16:01 kernel pflog0: promiscuous mode enabled
2020-09-29T10:16:01 kernel pflog0: promiscuous mode disabled

Meanwhile in "Backend log"

Code Select
2020-09-29T10:30:19 configd.py[1835] [d0bd4b03-3f9c-43e9-a6cf-a04325e3d59e] updating dyndns WAN_DHCP
2020-09-29T10:30:19 configd.py[1835] [35b01774-b332-40d9-a174-a2a8aaef8325] refresh url table aliases
2020-09-29T10:30:19 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-29T10:30:19 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-29T10:30:18 configd.py[1835] generate template container OPNsense/Filter
2020-09-29T10:30:18 configd.py[1835] [a0d5e5b2-1a5a-431f-9273-e3d8d361d8d8] generate template OPNsense/Filter
2020-09-29T10:30:17 configd.py[1835] [979f8bf4-2fef-4e5b-8d5d-6c0349c29f1b] Reloading filter
2020-09-29T10:29:18 configd.py[1835] message 526db3a9-1d8d-4dbc-b7ff-0d7e0854110d [filter.refresh_aliases] returned {"status": "ok"}
2020-09-29T10:29:18 configd.py[1835] [fc0b263a-8661-495f-8fcc-f76fdfc78479] updating dyndns WAN_DHCP
2020-09-29T10:29:18 configd.py[1835] [526db3a9-1d8d-4dbc-b7ff-0d7e0854110d] refresh url table aliases
2020-09-29T10:29:18 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-29T10:29:18 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-29T10:29:18 configd.py[1835] generate template container OPNsense/Filter
2020-09-29T10:29:17 configd.py[1835] [a72dabfe-ee5f-4f7f-a926-27b7899112d5] generate template OPNsense/Filter
2020-09-29T10:29:17 configd.py[1835] [c34361e2-628d-4b26-96a1-5cb839315eba] Reloading filter

:-(
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
October 24, 2020, 11:31:48 AM #3
Hello,

I'm facing to similar behaviour since switched to 20.7 (currently running on 20.7.4):

Code Select

2020-10-24T11:16:04 kernel pflog0: promiscuous mode enabled
2020-10-24T11:16:04 kernel pflog0: promiscuous mode disabled
2020-10-24T11:16:00 root[38622] reload filter for configured schedules
2020-10-24T11:01:04 kernel pflog0: promiscuous mode enabled
2020-10-24T11:01:04 kernel pflog0: promiscuous mode disabled
2020-10-24T11:01:00 root[3511] reload filter for configured schedules
2020-10-24T10:46:04 kernel pflog0: promiscuous mode enabled
2020-10-24T10:46:04 kernel pflog0: promiscuous mode disabled
2020-10-24T10:46:00 root[25318] reload filter for configured schedules
2020-10-24T10:31:05 kernel pflog0: promiscuous mode enabled
2020-10-24T10:31:05 kernel pflog0: promiscuous mode disabled
2020-10-24T10:31:00 root[79202] reload filter for configured schedules
2020-10-24T10:16:04 kernel pflog0: promiscuous mode enabled
2020-10-24T10:16:04 kernel pflog0: promiscuous mode disabled
2020-10-24T10:16:00 root[75897] reload filter for configured schedules
2020-10-24T10:01:04 kernel pflog0: promiscuous mode enabled
2020-10-24T10:01:04 kernel pflog0: promiscuous mode disabled
2020-10-24T10:01:00 root[16756] reload filter for configured schedules


Would be great to know why that is happening.

Thank you for your support, Martin
December 04, 2020, 09:49:43 AM #4
Having the same Problem running on 20.7.5.

Kills the connection and tunnels. But it's totally random. We can not see any pattern.
December 04, 2020, 09:50:59 AM #5
Also got this on 2 separate machines with nothing changed on the hardware side, so I would rule out a hardware thing.

@chemlud @poupin: I would like to rule out a provider thing, we are running on vodafone
December 04, 2020, 11:34:35 AM #6 Last Edit: December 04, 2020, 11:39:05 AM by poupin
Hi Thomas,

I'm connected via local community provider via 5ghz network and the problem is present since I've migrated from 19.7.10 to 20.7 (so skipped 20.1). Currently I'm running using wan load balancing (connected via community provider and T-mobile LTE). On my machine the issue persists and happen periodically exactly each 15 minutes:

2020-12-04T11:16:05    pflog0: promiscuous mode enabled
2020-12-04T11:16:05    pflog0: promiscuous mode disabled
2020-12-04T11:16:00    reload filter for configured schedules
2020-12-04T11:01:05    pflog0: promiscuous mode enabled
2020-12-04T11:01:05    pflog0: promiscuous mode disabled
2020-12-04T11:01:00    reload filter for configured schedules

I'm using schedules to disable/enable traffic for selected users (e.g. block in late evening, etc). The schedules have 15min granularity in OPNsense, so thing if it could be somehow related to the schedules.

Thomas, are you using schedules?

Edit: finally I've found that in my case it happens due to how the schedules are implemented:
See reply from Franco in this thread: https://forum.opnsense.org/index.php?topic=13792.0

BR, Martin

Note: During migration I've did clean install of 20.7 and imported configuration via xml file, when migrated from 19.7.
December 04, 2020, 02:28:36 PM #7
No, we are not using any schedules no cronjobs or firewall schedules.

Can you please check (after a few days) if the problem is gone or if it occurs less often.
December 04, 2020, 03:58:35 PM #8
For the uninformed masses (that'd be me), can someone explain (in short, or a URL to a proper longer version) what that pflog0 interfqce does in fact, and why its switching back and forth to promiscuous? Ps. I know what promisc mode for a normal NIC does, but for such virtual device I dont get it.
December 04, 2020, 09:24:35 PM #9 Last Edit: December 04, 2020, 09:27:05 PM by Scanline
Having the same problem. Connections drop every now and then, somtimes multiple times per minute, sometimes it takes some more minutes.

OPNsense 20.7.5-amd64 // up to date packages

Code Select
General:
2020-12-04T21:08:25 kernel pflog0: promiscuous mode enabled
2020-12-04T21:08:25 kernel pflog0: promiscuous mode disabled

Backend:
2020-12-04T21:08:26 configd.py[932] message 2249bace-f1ab-4951-ab10-34003008d972 [filter.refresh_aliases] returned {"status": "ok"}
2020-12-04T21:08:25 configd.py[932] [ac4a9a66-1ff7-429d-8401-f85ae1b45c5b] updating dyndns <snip>
2020-12-04T21:08:25 configd.py[932] [2249bace-f1ab-4951-ab10-34003008d972] refresh url table aliases
2020-12-04T21:08:25 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-04T21:08:25 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-04T21:08:25 configd.py[932] generate template container OPNsense/Filter
2020-12-04T21:08:25 configd.py[932] [0b58104c-3461-4f29-9185-6be7ce99fd93] generate template OPNsense/Filter
2020-12-04T21:08:24 configd.py[932] [d28eca11-c501-4f0a-8385-295bd7efbf54] Reloading filter

https://pastebin.com/K7GPEhN0
December 05, 2020, 07:06:38 AM #10
@Scanline
Quotehttps://pastebin.com/K7GPEhN0
can you please share backend log for the same period?

@Ricardo
Quotethat pflog0 interfqce does in fact
firewall (pf) logging (log) interface. pf sends packets that you choose to log to this interface (adding some its headers)
Quoteand why its switching back and forth to promiscuous
it must be switched to promiscuous to grab packets from it. so you can see firewall logs in file or gui.
you can see filterlog process in activity
December 05, 2020, 08:30:24 AM #11 Last Edit: December 05, 2020, 02:27:23 PM by Scanline
I don't have the log anymore.

After I shut down my workstation the behavior stopped and hasn't returned since I turned my workstation back on.

/Edit: I can confirm that when the config interface isn't opened inside a browser, the issue doesn't appear, so far.

Code Select
Dec  4 22:45:09 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:45:09 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:46:00 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:46:00 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:47:08 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:47:08 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:57:09 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:57:09 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:57:22 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:57:22 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:00:18 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:00:18 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:01:17 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:01:17 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:04:03 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:04:03 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:04:04 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:04:04 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:04:06 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:04:06 OPNsense kernel: pflog0: promiscuous mode enabled[/code
10:10 I closed the tab, it is now 13:00

/Edit2

It returned :(

Code Select
2020-12-05T14:23:30 configd.py[932] [3e58f1c1-c342-4232-8a86-2eb1a10d2276] Show log
2020-12-05T14:23:28 configd.py[932] message d851624f-959f-433c-914d-4f5a9f98e48a [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:23:27 configd.py[932] [bad6ac7a-e482-4fc9-9bd3-92712d30124d] updating dyndns WG_MULLVAD_GW
2020-12-05T14:23:27 configd.py[932] [d851624f-959f-433c-914d-4f5a9f98e48a] refresh url table aliases
2020-12-05T14:23:27 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:23:27 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:23:27 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:23:26 configd.py[932] [9c1e580f-0f4c-417d-b3b1-c6e91e18aa48] generate template OPNsense/Filter
2020-12-05T14:23:26 configd.py[932] [46cc3743-03f3-41bc-ad71-d1e56308cf07] Reloading filter
2020-12-05T14:23:17 configd.py[932] [548e5ab7-3531-4626-b02c-b59e542cdc88] Show log
2020-12-05T14:23:16 configd.py[932] message bb9b39c7-5de1-48d1-ad69-cf8ec06dc41f [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:23:15 configd.py[932] [9b70e446-811e-453f-a8f6-9080b7970cc6] updating dyndns WG_MULLVAD_GW
2020-12-05T14:23:15 configd.py[932] [bb9b39c7-5de1-48d1-ad69-cf8ec06dc41f] refresh url table aliases
2020-12-05T14:23:15 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:23:15 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:23:15 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:23:15 configd.py[932] [09e0421f-0234-4a64-83c3-ea7b724a1b16] generate template OPNsense/Filter
2020-12-05T14:23:14 configd.py[932] [64538364-3f9d-4e7f-abd7-bd53c40f5c8e] Reloading filter
2020-12-05T14:23:11 configd.py[932] [cdfbf8f1-c37e-4925-a20e-888dcddf2e8a] Reading system temperature values
2020-12-05T14:23:11 configd.py[932] [b15ff43a-9e15-4ff1-af19-85b6cd11bea6] request pfctl byte/packet counters
2020-12-05T14:23:05 configd.py[932] [675b97f2-a13c-43a6-a1d8-7f15d5419810] Reading system temperature values
2020-12-05T14:23:04 configd.py[932] [ad933e3b-2087-4ccf-9273-e8eae74b2dca] request pfctl byte/packet counters
2020-12-05T14:21:54 configd.py[932] message e24066b6-3639-45a2-ae3e-87a7e115aa94 [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:21:53 configd.py[932] [f7dbdaa5-97f5-45c2-a8c7-d84d1e622cec] updating dyndns WG_MULLVAD_GW
2020-12-05T14:21:53 configd.py[932] [e24066b6-3639-45a2-ae3e-87a7e115aa94] refresh url table aliases
2020-12-05T14:21:53 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:21:53 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:21:53 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:21:53 configd.py[932] [262dbfda-0787-488d-9bfd-711df39c16c7] generate template OPNsense/Filter
2020-12-05T14:21:52 configd.py[932] [5382f17d-9631-4214-abbd-4b3f188e12d4] Reloading filter
2020-12-05T14:21:38 configd.py[932] message 1528e4cf-deab-437e-ab7e-642befea130b [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:21:37 configd.py[932] [3c92a705-a7d3-4f1c-97dd-c42c2c611c00] updating dyndns WG_MULLVAD_GW
2020-12-05T14:21:37 configd.py[932] [1528e4cf-deab-437e-ab7e-642befea130b] refresh url table aliases
2020-12-05T14:21:37 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:21:37 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:21:37 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:21:37 configd.py[932] [69a767ac-fa99-4434-8212-14eab983bf7c] generate template OPNsense/Filter
2020-12-05T14:21:36 configd.py[932] [bb52bea8-6036-49e6-805f-12fdf1fda36c] Reloading filter
2020-12-05T14:20:37 configd.py[932] message 1ea589b6-aac6-405b-8d91-52415f8965da [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:20:36 configd.py[932] [8604bf9d-9a8e-41f6-8bc9-d473172fdeb3] updating dyndns WG_MULLVAD_GW
2020-12-05T14:20:36 configd.py[932] [1ea589b6-aac6-405b-8d91-52415f8965da] refresh url table aliases
2020-12-05T14:20:36 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:20:36 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:20:35 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:20:35 configd.py[932] [a0d8911e-60b7-48a8-8e96-7747d332d130] generate template OPNsense/Filter
2020-12-05T14:20:35 configd.py[932] [a8e35c13-1faf-4bf5-ae0b-911bb2610e19] Reloading filter
2020-12-05T14:20:12 configd.py[932] message dcb11523-e364-4623-bfab-4c9a81d68409 [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:20:11 configd.py[932] [93e2b77b-759f-46bb-b5cb-80be5c387212] updating dyndns WG_MULLVAD_GW
2020-12-05T14:20:11 configd.py[932] [dcb11523-e364-4623-bfab-4c9a81d68409] refresh url table aliases
2020-12-05T14:20:11 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:20:11 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:20:10 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:20:10 configd.py[932] [5514d7ad-a5c0-4f1a-b65c-f0b7989a26b2] generate template OPNsense/Filter
2020-12-05T14:20:10 configd.py[932] [a9624d75-cc33-472a-9f45-628ed007f408] Reloading filter

Code Select
2020-12-05T14:23:27 kernel pflog0: promiscuous mode enabled
2020-12-05T14:23:27 kernel pflog0: promiscuous mode disabled
2020-12-05T14:23:15 kernel pflog0: promiscuous mode enabled
2020-12-05T14:23:15 kernel pflog0: promiscuous mode disabled
2020-12-05T14:22:20 sudo[38393] *** : TTY=pts/1 ; PWD=/home/*** ; USER=root ; COMMAND=/usr/local/sbin/opnsense-shell
2020-12-05T14:22:20 sudo[38393] *** : TTY=pts/1 ; PWD=/home/*** ; USER=root ; COMMAND=/usr/local/sbin/opnsense-shell
2020-12-05T14:22:20 opnsense[18336]
2020-12-05T14:22:20 opnsense[18336] user *** authenticated successfully for sudo [using OPNsense\Auth\Services\System + OPNsense\Auth\Local]
2020-12-05T14:22:16 sshd[49163] Accepted keyboard-interactive/pam for *** from 192.168.10.3 port 40538 ssh2
2020-12-05T14:22:16 sshd[49163] Postponed keyboard-interactive/pam for *** from 192.168.10.3 port 40538 ssh2 [preauth]
2020-12-05T14:22:16 opnsense[90495]
2020-12-05T14:22:16 opnsense[90495] user *** authenticated successfully for sshd [using OPNsense\Auth\Services\System + OPNsense\Auth\Local]
2020-12-05T14:22:13 sshd[49163] Postponed keyboard-interactive for *** from 192.168.10.3 port 40538 ssh2 [preauth]
2020-12-05T14:22:13 sshd[49163] error: PAM: Authentication error for *** from 192.168.10.3
2020-12-05T14:22:13 sshd[49163] error: PAM: Authentication error for *** from 192.168.10.3
2020-12-05T14:22:13 opnsense[52151]
2020-12-05T14:22:13 opnsense[52151] user *** could not authenticate for sshd. [using OPNsense\Auth\Services\System + OPNsense\Auth\Local]
2020-12-05T14:21:53 kernel pflog0: promiscuous mode enabled
2020-12-05T14:21:53 kernel pflog0: promiscuous mode disabled
2020-12-05T14:21:37 kernel pflog0: promiscuous mode enabled
2020-12-05T14:21:37 kernel pflog0: promiscuous mode disabled
2020-12-05T14:20:36 kernel pflog0: promiscuous mode enabled
2020-12-05T14:20:36 kernel pflog0: promiscuous mode disabled
2020-12-05T14:20:11 kernel pflog0: promiscuous mode enabled
2020-12-05T14:20:11 kernel pflog0: promiscuous mode disabled
December 06, 2020, 10:54:24 AM #12 Last Edit: December 06, 2020, 10:56:26 AM by Fright
QuoteI can confirm that when the config interface isn't opened inside a browser, the issue doesn't appear, so far.
intresting. there is some logic
QuoteIt returned
again with GUI opened?
can you determine which tab it is associated with? Dashboard?
December 06, 2020, 11:34:44 AM #13
Today I removed the cause for this entry:

2020-12-05T14:21:53   configd.py[932]   [f7dbdaa5-97f5-45c2-a8c7-d84d1e622cec] updating dyndns WG_MULLVAD_GW

WG_MULLVAD_GW didn't even exist anymore, so far I don't didn't have a single issue in > 5 h. Yesterday the issue was getting worse the later it got. Also with my PC shut down and nothing accessing the web front end. Let's see if it was the dpinger thing. So far, it looks good.
December 07, 2020, 09:57:01 AM #14
Quote from: Fright on December 05, 2020, 07:06:38 AM
@Scanline
Quotehttps://pastebin.com/K7GPEhN0
can you please share backend log for the same period?

@Ricardo
Quotethat pflog0 interfqce does in fact
firewall (pf) logging (log) interface. pf sends packets that you choose to log to this interface (adding some its headers)
Quoteand why its switching back and forth to promiscuous
it must be switched to promiscuous to grab packets from it. so you can see firewall logs in file or gui.
you can see filterlog process in activity

So if I understood you correctly, pflog0 promisc enable/disable should only happen when I watch the logs of the firewall (e.g. GUI firewall Live view)?
Print
Go Up Pages1 2 3
User actions