OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« previous next »
  • Print
Pages: [1] 2 3

Author Topic: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min  (Read 22041 times)

chemlud

  • Hero Member
  • *****
  • Posts: 2483
  • Karma: 112
    • View Profile
kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« on: September 28, 2020, 10:33:34 am »
Hi again!

Last year we had this every 15 min, a reload due to schedules rules,

https://forum.opnsense.org/index.php?topic=13792.0

but lately (since 20.7? I'm still on 20.7.1, reluctant to update...) it's every few minutes and kills off all states between LAN interfaces, tunnels, etc. Quite annoying...

Code: [Select]
2020-09-28T10:16:01 kernel pflog0: promiscuous mode enabled
2020-09-28T10:16:01 kernel pflog0: promiscuous mode disabled
2020-09-28T10:16:00 root[45899] reload filter for configured schedules
...
2020-09-28T10:15:35 kernel pflog0: promiscuous mode enabled
2020-09-28T10:15:35 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:11:15 kernel pflog0: promiscuous mode enabled
2020-09-28T10:11:15 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:10:13 kernel pflog0: promiscuous mode enabled
2020-09-28T10:10:13 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:05:04 kernel pflog0: promiscuous mode enabled
2020-09-28T10:05:04 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:04:03 kernel pflog0: promiscuous mode enabled
2020-09-28T10:04:03 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:02:40 kernel pflog0: promiscuous mode enabled
2020-09-28T10:02:40 kernel pflog0: promiscuous mode disabled
...
2020-09-28T10:01:33 kernel pflog0: promiscuous mode enabled
2020-09-28T10:01:33 kernel pflog0: promiscuous mode disabled
2020-09-28T10:01:01 kernel pflog0: promiscuous mode enabled
2020-09-28T10:01:01 kernel pflog0: promiscuous mode disabled
2020-09-28T10:01:00 root[61420] reload filter for configured schedules
...
2020-09-28T09:51:27 kernel pflog0: promiscuous mode enabled
2020-09-28T09:51:27 kernel pflog0: promiscuous mode disabled
...
2020-09-28T09:50:23 kernel pflog0: promiscuous mode enabled
2020-09-28T09:50:23 kernel pflog0: promiscuous mode disabled
...
2020-09-28T09:46:03 kernel pflog0: promiscuous mode enabled
2020-09-28T09:46:03 kernel pflog0: promiscuous mode disabled
2020-09-28T09:46:01 kernel pflog0: promiscuous mode enabled
2020-09-28T09:46:01 kernel pflog0: promiscuous mode disabled
2020-09-28T09:46:00 root[79453] reload filter for configured schedules
In backend log I have:

Code: [Select]
2020-09-28T10:16:25 configd.py[31334] [88ef6a4c-852e-4c2d-9e9c-e80f68f19043] request filter log output
2020-09-28T10:16:23 configd.py[31334] [1616101d-c321-4686-87dc-6e8c35f1e0bc] request filter log output
2020-09-28T10:16:23 configd.py[31334] [ded9d7ec-0afe-4496-993a-a9291b0ddf8b] request pfctl byte/packet counters
2020-09-28T10:16:21 configd.py[31334] [ae0e98a4-6989-4aab-9e69-8bf663921ace] request filter log output
2020-09-28T10:16:19 configd.py[31334] [b92ed1aa-9564-4307-a083-87cea652604b] request filter log output
2020-09-28T10:16:18 configd.py[31334] [6fd12758-9661-47f3-903e-b33bb4a6e17b] request pfctl byte/packet counters
2020-09-28T10:16:17 configd.py[31334] [978e34da-1603-43db-8a73-43fffee75e7b] request filter log output
2020-09-28T10:16:17 configd.py[31334] [0ddb16e1-3625-4f03-a6f1-8c279333bbe7] list installed devices
2020-09-28T10:16:01 configd.py[31334] message dc6d2c1d-4c4e-44ae-a51a-fbebc462a689 [filter.refresh_aliases] returned
2020-09-28T10:16:00 configd.py[31334] [dc6d2c1d-4c4e-44ae-a51a-fbebc462a689] refresh url table aliases
2020-09-28T10:16:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:16:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:16:00 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:16:00 configd.py[31334] [83acc2e7-2109-460e-a715-1195d6e6b58b] generate template OPNsense/Filter
2020-09-28T10:15:36 configd.py[31334] message 6d10a7e2-22f5-4b64-81d5-19e536b48056 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:15:35 configd.py[31334] [4d4939e8-16dc-44f0-ac91-2c0a859b5667] updating dyndns WAN_DHCP
2020-09-28T10:15:35 configd.py[31334] [6d10a7e2-22f5-4b64-81d5-19e536b48056] refresh url table aliases
2020-09-28T10:15:35 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:15:35 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:15:35 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:15:35 configd.py[31334] [9c85d546-b2db-4062-864c-403a0102bded] generate template OPNsense/Filter
2020-09-28T10:15:34 configd.py[31334] [008732dd-da96-4489-931f-a0ba8cd09c5d] Reloading filter
2020-09-28T10:15:07 configd.py[31334] [dca11649-55cc-4efa-b51b-b3a59666fc24] Show log
2020-09-28T10:14:57 configd.py[31334] [eed4e98d-2ceb-4b2a-998d-5e27bc5677bb] Show log
2020-09-28T10:14:14 configd.py[31334] [a889176c-b98c-4712-9558-7b7d48cf0721] Show log
2020-09-28T10:14:14 configd.py[31334] [aa2f75cc-2265-477d-8538-c8b82cd89c1a] request filter log output
2020-09-28T10:14:12 configd.py[31334] [9baec4af-1f4b-447b-a60d-0ee83d2924d5] request pfctl byte/packet counters
2020-09-28T10:14:12 configd.py[31334] [e8977602-ff53-43b7-a2f0-4a63af641614] request filter log output
2020-09-28T10:14:10 configd.py[31334] [3d9aca19-f0c9-4cda-923b-ad5528cf6acc] request filter log output
2020-09-28T10:14:08 configd.py[31334] [cd62429c-2120-465b-9eaf-c145704310cb] request filter log output
2020-09-28T10:14:07 configd.py[31334] [0a55478b-40e0-43fc-9d91-49f12289497f] request pfctl byte/packet counters
2020-09-28T10:14:06 configd.py[31334] [50bb6653-ee72-4b3e-a10a-5a27ce08a1ee] request filter log output
2020-09-28T10:14:05 configd.py[31334] [2853ddde-6fca-4db5-bc1a-ec4219f23591] list installed devices
2020-09-28T10:11:16 configd.py[31334] message 48a40980-2eca-4712-93fb-2d59538e583d [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:11:15 configd.py[31334] [94f318ef-643e-418e-b13c-5ae57ed0d3fb] updating dyndns WAN_DHCP
2020-09-28T10:11:15 configd.py[31334] [48a40980-2eca-4712-93fb-2d59538e583d] refresh url table aliases
2020-09-28T10:11:15 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:11:15 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:11:15 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:11:15 configd.py[31334] [e5bc8a6f-ad68-48cc-b170-6e2477668ff8] generate template OPNsense/Filter
2020-09-28T10:11:14 configd.py[31334] [c8e242dc-da51-4bc6-8cdf-1d4610bc7f55] Reloading filter
2020-09-28T10:10:13 configd.py[31334] message 3caa6ee7-7fd4-44c2-8400-76766e009e78 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:10:13 configd.py[31334] [8bf9a6db-4dc8-4106-8843-47b7c33d4160] updating dyndns WAN_DHCP
2020-09-28T10:10:13 configd.py[31334] [3caa6ee7-7fd4-44c2-8400-76766e009e78] refresh url table aliases
2020-09-28T10:10:13 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:10:13 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:10:13 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:10:13 configd.py[31334] [14612f9c-7655-4cab-90e6-c59daf65f3b6] generate template OPNsense/Filter
2020-09-28T10:10:12 configd.py[31334] [2d6ef1f0-df90-4c0a-b8d6-e832fadae10f] Reloading filter
2020-09-28T10:05:04 configd.py[31334] [b887b828-c1ca-46d3-b3f5-802321a233b9] updating dyndns WAN_DHCP
2020-09-28T10:05:04 configd.py[31334] message 6793272a-b2ff-4c05-aa3f-0a1662c36c50 [filter.refresh_aliases] returned
2020-09-28T10:05:04 configd.py[31334] [6793272a-b2ff-4c05-aa3f-0a1662c36c50] refresh url table aliases
2020-09-28T10:05:04 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:05:04 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:05:04 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:05:04 configd.py[31334] [ea23a6d7-523b-4977-a4fd-496b0487b08d] generate template OPNsense/Filter
2020-09-28T10:05:03 configd.py[31334] [dcabf918-34cf-41a2-8fd4-0eaa73160b94] Reloading filter
2020-09-28T10:04:03 configd.py[31334] [b3f42468-b0d2-43c8-90f9-28787fd2ed8d] updating dyndns WAN_DHCP
2020-09-28T10:04:03 configd.py[31334] message bd000dc1-76aa-482a-a0ce-106fdff832f6 [filter.refresh_aliases] returned
2020-09-28T10:04:03 configd.py[31334] [bd000dc1-76aa-482a-a0ce-106fdff832f6] refresh url table aliases
2020-09-28T10:04:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:04:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:04:03 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:04:02 configd.py[31334] [f3a8d093-709c-4b24-b12e-7959d2f4277b] generate template OPNsense/Filter
2020-09-28T10:04:02 configd.py[31334] [8d9c8c2b-967f-4e55-aa2e-c7b86fae045e] Reloading filter
2020-09-28T10:03:00 configd.py[31334] [fcab3f7f-5410-409f-aac1-742a3de30b7e] refresh url table aliases
2020-09-28T10:02:46 configd.py[31334] message 7e52f3e0-cb64-4422-a6a1-12ccb5e50120 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:02:40 configd.py[31334] [e9b8b04a-08ba-418f-ba70-0810ff424c34] updating dyndns WAN_DHCP
2020-09-28T10:02:40 configd.py[31334] [7e52f3e0-cb64-4422-a6a1-12ccb5e50120] refresh url table aliases
2020-09-28T10:02:40 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:02:40 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:02:40 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:02:40 configd.py[31334] [cc8c6c91-ef48-43a6-bd81-f4a0a60bfddd] generate template OPNsense/Filter
2020-09-28T10:02:39 configd.py[31334] [c394844c-e4aa-4e6e-bcab-bbd57c7b8871] Reloading filter
2020-09-28T10:01:33 configd.py[31334] message e0985857-d45e-4c57-97a1-b3c384543341 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T10:01:33 configd.py[31334] [a6e4031b-3c80-4157-8bd9-69be6abb06d7] updating dyndns WAN_DHCP
2020-09-28T10:01:33 configd.py[31334] [e0985857-d45e-4c57-97a1-b3c384543341] refresh url table aliases
2020-09-28T10:01:33 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:01:33 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:01:33 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:01:32 configd.py[31334] [08809828-a922-4ed3-be6f-1a1fff075273] generate template OPNsense/Filter
2020-09-28T10:01:31 configd.py[31334] [2fb6abaa-9dc8-4281-9a2f-1b7f97be99fd] Reloading filter
2020-09-28T10:01:00 configd.py[31334] message ac89d7fa-efde-45fe-aaaf-131ee4d10c9b [filter.refresh_aliases] returned
2020-09-28T10:01:00 configd.py[31334] [ac89d7fa-efde-45fe-aaaf-131ee4d10c9b] refresh url table aliases
2020-09-28T10:01:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T10:01:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T10:01:00 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T10:01:00 configd.py[31334] [98a9cff9-c3d4-436c-8934-566a6783193e] generate template OPNsense/Filter
2020-09-28T09:51:28 configd.py[31334] message d076cfd6-b27f-49ab-b7c6-37c1eca6efc9 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T09:51:27 configd.py[31334] [f99cd913-0908-4ab5-9333-6258395ee92b] updating dyndns WAN_DHCP
2020-09-28T09:51:27 configd.py[31334] [d076cfd6-b27f-49ab-b7c6-37c1eca6efc9] refresh url table aliases
2020-09-28T09:51:27 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:51:27 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:51:27 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:51:27 configd.py[31334] [c310d0b9-b3f6-4661-83c6-9cd857827083] generate template OPNsense/Filter
2020-09-28T09:51:26 configd.py[31334] [771c72e6-93ee-45ce-9d9d-97df30546cf7] Reloading filter
2020-09-28T09:50:23 configd.py[31334] message 7ca07c05-850e-44b6-8e65-6f93251ca8f2 [filter.refresh_aliases] returned {"status": "ok"}
2020-09-28T09:50:23 configd.py[31334] [9e0f1de7-41f3-4420-b90d-b611098fcaed] updating dyndns WAN_DHCP
2020-09-28T09:50:23 configd.py[31334] [7ca07c05-850e-44b6-8e65-6f93251ca8f2] refresh url table aliases
2020-09-28T09:50:23 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:50:23 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:50:23 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:50:23 configd.py[31334] [41d6234e-7636-4b05-b83c-a00ebeb1a94c] generate template OPNsense/Filter
2020-09-28T09:50:22 configd.py[31334] [04b6d84d-319c-4ff7-bcf6-a4f223740dd7] Reloading filter
2020-09-28T09:46:03 configd.py[31334] [cf44e5f4-1f22-4251-b395-5c6ad7ce5ab3] updating dyndns WAN_DHCP
2020-09-28T09:46:03 configd.py[31334] message 5e12ff25-9898-4efd-8097-53ee164f1070 [filter.refresh_aliases] returned
2020-09-28T09:46:03 configd.py[31334] [5e12ff25-9898-4efd-8097-53ee164f1070] refresh url table aliases
2020-09-28T09:46:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:46:03 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:46:03 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:46:03 configd.py[31334] [1bcafca0-8262-4a53-b553-8c49c77b767a] generate template OPNsense/Filter
2020-09-28T09:46:02 configd.py[31334] [837d90b8-feba-4206-858c-cb7ff3d28177] Reloading filter
2020-09-28T09:46:00 configd.py[31334] message c8ce6a52-1851-4d9d-bfb6-643e5719f515 [filter.refresh_aliases] returned
2020-09-28T09:46:00 configd.py[31334] [c8ce6a52-1851-4d9d-bfb6-643e5719f515] refresh url table aliases
2020-09-28T09:46:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-28T09:46:00 configd.py[31334] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-28T09:46:00 configd.py[31334] generate template container OPNsense/Filter
2020-09-28T09:46:00 configd.py[31334] [997b102a-10da-479b-a031-b2591e603092] generate template OPNsense/Filter
Has apparently nothing to do with IPS alerts, no correlation at all.

All hardware offloading disabled, WAN is em0, LANs igb0 to igb3...
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

chemlud

  • Hero Member
  • *****
  • Posts: 2483
  • Karma: 112
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #1 on: September 29, 2020, 09:55:47 am »
...updated to 20.7.3 last night, apparently stable now, will follow-up... ;-)
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

chemlud

  • Hero Member
  • *****
  • Posts: 2483
  • Karma: 112
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #2 on: September 29, 2020, 10:33:22 am »
Now it's back again:

Code: [Select]
2020-09-29T10:30:21 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:30:21 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__1.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:30:19 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:30:19 opnsense[73791] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__0.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:30:19 kernel pflog0: promiscuous mode enabled
2020-09-29T10:30:19 kernel pflog0: promiscuous mode disabled
2020-09-29T10:29:20 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:29:20 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__1.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:29:19 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: (Success) IP Address Updated Successfully!
2020-09-29T10:29:19 opnsense[30735] /usr/local/etc/rc.dyndns: Dynamic DNS: updating cache file /var/cache/dyndns_wan__0.cache: xx.yy.zz.aa.bb.cc
2020-09-29T10:29:18 kernel pflog0: promiscuous mode enabled
2020-09-29T10:29:18 kernel pflog0: promiscuous mode disabled
2020-09-29T10:16:01 kernel pflog0: promiscuous mode enabled
2020-09-29T10:16:01 kernel pflog0: promiscuous mode disabled
Meanwhile in "Backend log"

Code: [Select]
2020-09-29T10:30:19 configd.py[1835] [d0bd4b03-3f9c-43e9-a6cf-a04325e3d59e] updating dyndns WAN_DHCP
2020-09-29T10:30:19 configd.py[1835] [35b01774-b332-40d9-a174-a2a8aaef8325] refresh url table aliases
2020-09-29T10:30:19 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-29T10:30:19 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-29T10:30:18 configd.py[1835] generate template container OPNsense/Filter
2020-09-29T10:30:18 configd.py[1835] [a0d5e5b2-1a5a-431f-9273-e3d8d361d8d8] generate template OPNsense/Filter
2020-09-29T10:30:17 configd.py[1835] [979f8bf4-2fef-4e5b-8d5d-6c0349c29f1b] Reloading filter
2020-09-29T10:29:18 configd.py[1835] message 526db3a9-1d8d-4dbc-b7ff-0d7e0854110d [filter.refresh_aliases] returned {"status": "ok"}
2020-09-29T10:29:18 configd.py[1835] [fc0b263a-8661-495f-8fcc-f76fdfc78479] updating dyndns WAN_DHCP
2020-09-29T10:29:18 configd.py[1835] [526db3a9-1d8d-4dbc-b7ff-0d7e0854110d] refresh url table aliases
2020-09-29T10:29:18 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-09-29T10:29:18 configd.py[1835] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-09-29T10:29:18 configd.py[1835] generate template container OPNsense/Filter
2020-09-29T10:29:17 configd.py[1835] [a72dabfe-ee5f-4f7f-a926-27b7899112d5] generate template OPNsense/Filter
2020-09-29T10:29:17 configd.py[1835] [c34361e2-628d-4b26-96a1-5cb839315eba] Reloading filter
:-(
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

poupin

  • Newbie
  • *
  • Posts: 16
  • Karma: 1
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #3 on: October 24, 2020, 11:31:48 am »
Hello,

I'm facing to similar behaviour since switched to 20.7 (currently running on 20.7.4):

Code: [Select]
2020-10-24T11:16:04 kernel pflog0: promiscuous mode enabled
2020-10-24T11:16:04 kernel pflog0: promiscuous mode disabled
2020-10-24T11:16:00 root[38622] reload filter for configured schedules
2020-10-24T11:01:04 kernel pflog0: promiscuous mode enabled
2020-10-24T11:01:04 kernel pflog0: promiscuous mode disabled
2020-10-24T11:01:00 root[3511] reload filter for configured schedules
2020-10-24T10:46:04 kernel pflog0: promiscuous mode enabled
2020-10-24T10:46:04 kernel pflog0: promiscuous mode disabled
2020-10-24T10:46:00 root[25318] reload filter for configured schedules
2020-10-24T10:31:05 kernel pflog0: promiscuous mode enabled
2020-10-24T10:31:05 kernel pflog0: promiscuous mode disabled
2020-10-24T10:31:00 root[79202] reload filter for configured schedules
2020-10-24T10:16:04 kernel pflog0: promiscuous mode enabled
2020-10-24T10:16:04 kernel pflog0: promiscuous mode disabled
2020-10-24T10:16:00 root[75897] reload filter for configured schedules
2020-10-24T10:01:04 kernel pflog0: promiscuous mode enabled
2020-10-24T10:01:04 kernel pflog0: promiscuous mode disabled
2020-10-24T10:01:00 root[16756] reload filter for configured schedules

Would be great to know why that is happening.

Thank you for your support, Martin
Logged

thomasgg

  • Newbie
  • *
  • Posts: 5
  • Karma: 0
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #4 on: December 04, 2020, 09:49:43 am »
Having the same Problem running on 20.7.5.

Kills the connection and tunnels. But it's totally random. We can not see any pattern.
Logged

thomasgg

  • Newbie
  • *
  • Posts: 5
  • Karma: 0
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #5 on: December 04, 2020, 09:50:59 am »
Also got this on 2 separate machines with nothing changed on the hardware side, so I would rule out a hardware thing.

@chemlud @poupin: I would like to rule out a provider thing, we are running on vodafone
Logged

poupin

  • Newbie
  • *
  • Posts: 16
  • Karma: 1
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #6 on: December 04, 2020, 11:34:35 am »
Hi Thomas,

I'm connected via local community provider via 5ghz network and the problem is present since I've migrated from 19.7.10 to 20.7 (so skipped 20.1). Currently I'm running using wan load balancing (connected via community provider and T-mobile LTE). On my machine the issue persists and happen periodically exactly each 15 minutes:

2020-12-04T11:16:05    pflog0: promiscuous mode enabled
2020-12-04T11:16:05    pflog0: promiscuous mode disabled
2020-12-04T11:16:00    reload filter for configured schedules
2020-12-04T11:01:05    pflog0: promiscuous mode enabled
2020-12-04T11:01:05    pflog0: promiscuous mode disabled
2020-12-04T11:01:00    reload filter for configured schedules

I'm using schedules to disable/enable traffic for selected users (e.g. block in late evening, etc). The schedules have 15min granularity in OPNsense, so thing if it could be somehow related to the schedules.

Thomas, are you using schedules?

Edit: finally I've found that in my case it happens due to how the schedules are implemented:
See reply from Franco in this thread: https://forum.opnsense.org/index.php?topic=13792.0

BR, Martin

Note: During migration I've did clean install of 20.7 and imported configuration via xml file, when migrated from 19.7.
« Last Edit: December 04, 2020, 11:39:05 am by poupin »
Logged

thomasgg

  • Newbie
  • *
  • Posts: 5
  • Karma: 0
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #7 on: December 04, 2020, 02:28:36 pm »
No, we are not using any schedules no cronjobs or firewall schedules.

Can you please check (after a few days) if the problem is gone or if it occurs less often.
Logged

Ricardo

  • Full Member
  • ***
  • Posts: 233
  • Karma: 12
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #8 on: December 04, 2020, 03:58:35 pm »
For the uninformed masses (that'd be me), can someone explain (in short, or a URL to a proper longer version) what that pflog0 interfqce does in fact, and why its switching back and forth to promiscuous? Ps. I know what promisc mode for a normal NIC does, but for such virtual device I dont get it.
Logged

Scanline

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #9 on: December 04, 2020, 09:24:35 pm »
Having the same problem. Connections drop every now and then, somtimes multiple times per minute, sometimes it takes some more minutes.

OPNsense 20.7.5-amd64 // up to date packages

Code: [Select]
General:
2020-12-04T21:08:25 kernel pflog0: promiscuous mode enabled
2020-12-04T21:08:25 kernel pflog0: promiscuous mode disabled

Backend:
2020-12-04T21:08:26 configd.py[932] message 2249bace-f1ab-4951-ab10-34003008d972 [filter.refresh_aliases] returned {"status": "ok"}
2020-12-04T21:08:25 configd.py[932] [ac4a9a66-1ff7-429d-8401-f85ae1b45c5b] updating dyndns <snip>
2020-12-04T21:08:25 configd.py[932] [2249bace-f1ab-4951-ab10-34003008d972] refresh url table aliases
2020-12-04T21:08:25 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-04T21:08:25 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-04T21:08:25 configd.py[932] generate template container OPNsense/Filter
2020-12-04T21:08:25 configd.py[932] [0b58104c-3461-4f29-9185-6be7ce99fd93] generate template OPNsense/Filter
2020-12-04T21:08:24 configd.py[932] [d28eca11-c501-4f0a-8385-295bd7efbf54] Reloading filter
https://pastebin.com/K7GPEhN0
« Last Edit: December 04, 2020, 09:27:05 pm by Scanline »
Logged

Fright

  • Hero Member
  • *****
  • Posts: 1777
  • Karma: 164
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #10 on: December 05, 2020, 07:06:38 am »
@Scanline
Quote
https://pastebin.com/K7GPEhN0
can you please share backend log for the same period?

@Ricardo
Quote
that pflog0 interfqce does in fact
firewall (pf) logging (log) interface. pf sends packets that you choose to log to this interface (adding some its headers)
Quote
and why its switching back and forth to promiscuous
it must be switched to promiscuous to grab packets from it. so you can see firewall logs in file or gui.
you can see filterlog process in activity
Logged

Scanline

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #11 on: December 05, 2020, 08:30:24 am »
I don't have the log anymore.

After I shut down my workstation the behavior stopped and hasn't returned since I turned my workstation back on.

/Edit: I can confirm that when the config interface isn't opened inside a browser, the issue doesn't appear, so far.

Code: [Select]
Dec  4 22:45:09 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:45:09 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:46:00 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:46:00 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:47:08 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:47:08 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:57:09 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:57:09 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  4 22:57:22 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  4 22:57:22 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:00:18 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:00:18 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:01:17 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:01:17 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:04:03 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:04:03 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:04:04 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:04:04 OPNsense kernel: pflog0: promiscuous mode enabled
Dec  5 10:04:06 OPNsense kernel: pflog0: promiscuous mode disabled
Dec  5 10:04:06 OPNsense kernel: pflog0: promiscuous mode enabled[/code
10:10 I closed the tab, it is now 13:00
/Edit2

It returned :(

Code: [Select]
2020-12-05T14:23:30 configd.py[932] [3e58f1c1-c342-4232-8a86-2eb1a10d2276] Show log
2020-12-05T14:23:28 configd.py[932] message d851624f-959f-433c-914d-4f5a9f98e48a [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:23:27 configd.py[932] [bad6ac7a-e482-4fc9-9bd3-92712d30124d] updating dyndns WG_MULLVAD_GW
2020-12-05T14:23:27 configd.py[932] [d851624f-959f-433c-914d-4f5a9f98e48a] refresh url table aliases
2020-12-05T14:23:27 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:23:27 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:23:27 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:23:26 configd.py[932] [9c1e580f-0f4c-417d-b3b1-c6e91e18aa48] generate template OPNsense/Filter
2020-12-05T14:23:26 configd.py[932] [46cc3743-03f3-41bc-ad71-d1e56308cf07] Reloading filter
2020-12-05T14:23:17 configd.py[932] [548e5ab7-3531-4626-b02c-b59e542cdc88] Show log
2020-12-05T14:23:16 configd.py[932] message bb9b39c7-5de1-48d1-ad69-cf8ec06dc41f [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:23:15 configd.py[932] [9b70e446-811e-453f-a8f6-9080b7970cc6] updating dyndns WG_MULLVAD_GW
2020-12-05T14:23:15 configd.py[932] [bb9b39c7-5de1-48d1-ad69-cf8ec06dc41f] refresh url table aliases
2020-12-05T14:23:15 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:23:15 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:23:15 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:23:15 configd.py[932] [09e0421f-0234-4a64-83c3-ea7b724a1b16] generate template OPNsense/Filter
2020-12-05T14:23:14 configd.py[932] [64538364-3f9d-4e7f-abd7-bd53c40f5c8e] Reloading filter
2020-12-05T14:23:11 configd.py[932] [cdfbf8f1-c37e-4925-a20e-888dcddf2e8a] Reading system temperature values
2020-12-05T14:23:11 configd.py[932] [b15ff43a-9e15-4ff1-af19-85b6cd11bea6] request pfctl byte/packet counters
2020-12-05T14:23:05 configd.py[932] [675b97f2-a13c-43a6-a1d8-7f15d5419810] Reading system temperature values
2020-12-05T14:23:04 configd.py[932] [ad933e3b-2087-4ccf-9273-e8eae74b2dca] request pfctl byte/packet counters
2020-12-05T14:21:54 configd.py[932] message e24066b6-3639-45a2-ae3e-87a7e115aa94 [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:21:53 configd.py[932] [f7dbdaa5-97f5-45c2-a8c7-d84d1e622cec] updating dyndns WG_MULLVAD_GW
2020-12-05T14:21:53 configd.py[932] [e24066b6-3639-45a2-ae3e-87a7e115aa94] refresh url table aliases
2020-12-05T14:21:53 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:21:53 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:21:53 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:21:53 configd.py[932] [262dbfda-0787-488d-9bfd-711df39c16c7] generate template OPNsense/Filter
2020-12-05T14:21:52 configd.py[932] [5382f17d-9631-4214-abbd-4b3f188e12d4] Reloading filter
2020-12-05T14:21:38 configd.py[932] message 1528e4cf-deab-437e-ab7e-642befea130b [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:21:37 configd.py[932] [3c92a705-a7d3-4f1c-97dd-c42c2c611c00] updating dyndns WG_MULLVAD_GW
2020-12-05T14:21:37 configd.py[932] [1528e4cf-deab-437e-ab7e-642befea130b] refresh url table aliases
2020-12-05T14:21:37 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:21:37 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:21:37 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:21:37 configd.py[932] [69a767ac-fa99-4434-8212-14eab983bf7c] generate template OPNsense/Filter
2020-12-05T14:21:36 configd.py[932] [bb52bea8-6036-49e6-805f-12fdf1fda36c] Reloading filter
2020-12-05T14:20:37 configd.py[932] message 1ea589b6-aac6-405b-8d91-52415f8965da [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:20:36 configd.py[932] [8604bf9d-9a8e-41f6-8bc9-d473172fdeb3] updating dyndns WG_MULLVAD_GW
2020-12-05T14:20:36 configd.py[932] [1ea589b6-aac6-405b-8d91-52415f8965da] refresh url table aliases
2020-12-05T14:20:36 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:20:36 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:20:35 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:20:35 configd.py[932] [a0d8911e-60b7-48a8-8e96-7747d332d130] generate template OPNsense/Filter
2020-12-05T14:20:35 configd.py[932] [a8e35c13-1faf-4bf5-ae0b-911bb2610e19] Reloading filter
2020-12-05T14:20:12 configd.py[932] message dcb11523-e364-4623-bfab-4c9a81d68409 [filter.refresh_aliases] returned {"status": "ok"}
2020-12-05T14:20:11 configd.py[932] [93e2b77b-759f-46bb-b5cb-80be5c387212] updating dyndns WG_MULLVAD_GW
2020-12-05T14:20:11 configd.py[932] [dcb11523-e364-4623-bfab-4c9a81d68409] refresh url table aliases
2020-12-05T14:20:11 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-12-05T14:20:11 configd.py[932] OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-12-05T14:20:10 configd.py[932] generate template container OPNsense/Filter
2020-12-05T14:20:10 configd.py[932] [5514d7ad-a5c0-4f1a-b65c-f0b7989a26b2] generate template OPNsense/Filter
2020-12-05T14:20:10 configd.py[932] [a9624d75-cc33-472a-9f45-628ed007f408] Reloading filter
Code: [Select]
2020-12-05T14:23:27 kernel pflog0: promiscuous mode enabled
2020-12-05T14:23:27 kernel pflog0: promiscuous mode disabled
2020-12-05T14:23:15 kernel pflog0: promiscuous mode enabled
2020-12-05T14:23:15 kernel pflog0: promiscuous mode disabled
2020-12-05T14:22:20 sudo[38393] *** : TTY=pts/1 ; PWD=/home/*** ; USER=root ; COMMAND=/usr/local/sbin/opnsense-shell
2020-12-05T14:22:20 sudo[38393] *** : TTY=pts/1 ; PWD=/home/*** ; USER=root ; COMMAND=/usr/local/sbin/opnsense-shell
2020-12-05T14:22:20 opnsense[18336]
2020-12-05T14:22:20 opnsense[18336] user *** authenticated successfully for sudo [using OPNsense\Auth\Services\System + OPNsense\Auth\Local]
2020-12-05T14:22:16 sshd[49163] Accepted keyboard-interactive/pam for *** from 192.168.10.3 port 40538 ssh2
2020-12-05T14:22:16 sshd[49163] Postponed keyboard-interactive/pam for *** from 192.168.10.3 port 40538 ssh2 [preauth]
2020-12-05T14:22:16 opnsense[90495]
2020-12-05T14:22:16 opnsense[90495] user *** authenticated successfully for sshd [using OPNsense\Auth\Services\System + OPNsense\Auth\Local]
2020-12-05T14:22:13 sshd[49163] Postponed keyboard-interactive for *** from 192.168.10.3 port 40538 ssh2 [preauth]
2020-12-05T14:22:13 sshd[49163] error: PAM: Authentication error for *** from 192.168.10.3
2020-12-05T14:22:13 sshd[49163] error: PAM: Authentication error for *** from 192.168.10.3
2020-12-05T14:22:13 opnsense[52151]
2020-12-05T14:22:13 opnsense[52151] user *** could not authenticate for sshd. [using OPNsense\Auth\Services\System + OPNsense\Auth\Local]
2020-12-05T14:21:53 kernel pflog0: promiscuous mode enabled
2020-12-05T14:21:53 kernel pflog0: promiscuous mode disabled
2020-12-05T14:21:37 kernel pflog0: promiscuous mode enabled
2020-12-05T14:21:37 kernel pflog0: promiscuous mode disabled
2020-12-05T14:20:36 kernel pflog0: promiscuous mode enabled
2020-12-05T14:20:36 kernel pflog0: promiscuous mode disabled
2020-12-05T14:20:11 kernel pflog0: promiscuous mode enabled
2020-12-05T14:20:11 kernel pflog0: promiscuous mode disabled
« Last Edit: December 05, 2020, 02:27:23 pm by Scanline »
Logged

Fright

  • Hero Member
  • *****
  • Posts: 1777
  • Karma: 164
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #12 on: December 06, 2020, 10:54:24 am »
Quote
I can confirm that when the config interface isn't opened inside a browser, the issue doesn't appear, so far.
intresting. there is some logic
Quote
It returned
again with GUI opened?
can you determine which tab it is associated with? Dashboard?
« Last Edit: December 06, 2020, 10:56:26 am by Fright »
Logged

Scanline

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #13 on: December 06, 2020, 11:34:44 am »
Today I removed the cause for this entry:

2020-12-05T14:21:53   configd.py[932]   [f7dbdaa5-97f5-45c2-a8c7-d84d1e622cec] updating dyndns WG_MULLVAD_GW

WG_MULLVAD_GW didn't even exist anymore, so far I don't didn't have a single issue in > 5 h. Yesterday the issue was getting worse the later it got. Also with my PC shut down and nothing accessing the web front end. Let's see if it was the dpinger thing. So far, it looks good.
Logged

Ricardo

  • Full Member
  • ***
  • Posts: 233
  • Karma: 12
    • View Profile
Re: kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
« Reply #14 on: December 07, 2020, 09:57:01 am »
Quote from: Fright on December 05, 2020, 07:06:38 am
@Scanline
Quote
https://pastebin.com/K7GPEhN0
can you please share backend log for the same period?

@Ricardo
Quote
that pflog0 interfqce does in fact
firewall (pf) logging (log) interface. pf sends packets that you choose to log to this interface (adding some its headers)
Quote
and why its switching back and forth to promiscuous
it must be switched to promiscuous to grab packets from it. so you can see firewall logs in file or gui.
you can see filterlog process in activity

So if I understood you correctly, pflog0 promisc enable/disable should only happen when I watch the logs of the firewall (e.g. GUI firewall Live view)?
Logged
  • Print
Pages: [1] 2 3
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • kernel: pflog0: promiscuous mode dis-/enabled MORE OFTEN THAN every 15 min
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2