[NOOB] CSRF check failed. [SOLVED] => ReInstall

Started by MarieSophieSG, October 11, 2024, 12:10:30 PM

October 12, 2024, 01:41:23 AM #15 Last Edit: October 12, 2024, 08:02:38 PM by MarieSophieSG
Quote from: cookiemonster on October 12, 2024, 12:07:28 AM
Previous:
> On all 5 clients all at the same time ?
No, these web dev tools are useful to delete specific cookies and to analyse the browser-server conversation. Just the one machine being used to diagnose is sufficient.

Sorry, my meaning was about the suggestion that it could be a client-side problem rather than central OPNsense, my reaction was: On all five clients at the same time? (if it was a cookie or browser problem)

Anyway, I SSH'd a reboot, which was refused, and even opt. 5 OFF, so I hard switched it off and I just took the box out of its shelf, went back to the workbench, screen+keyboard => reinstall

I saw many weird messages at first, and a long time hanging, clamAV was still installed and running (despite being removed from the GUI), etc .. so that convinced me to do a fresh reinstall

Much quicker than the first, on the user side :-p

Now all access is back up and running ... will do a backup right away in this "stock running" state, and then I will resume my attempt to have all laptops accessing both NAS, as by default LANs don't communicate with each other
Hunsn RS39 (N5105, 4x i225) 24.7.5_0 testing
LAN1 = swtch1 Laptop1 MX23, NAS, Laptop2 Win10
LAN2 = WiFi router AP, Laptop2, tablet, phone, printer, IoT, etc.
LAN3 = Swtch2 Laptop3 Suse; Laptop4 Qube-OS/Win10, printer
Pretending to be tech Savvy with a HomeLab :-p

While going through all set-up, I saw:
Enable HTTP Strict Transport Security
HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against protocol downgrade attacks and cookie hijacking.


And

Disable HTTP_REFERER enforcement check
When this is unchecked, access to the web GUI is protected against HTTP_REFERER redirection attempts. Check this box to disable this protection if you find that it interferes with web GUI access in certain corner cases such as using external scripts to interact with this system. More information on HTTP_REFERER is available from Wikipedia.


Which I may have triggered in the previous config, not sure but it rings a bell, I think I did the first, HSTS ...
Could that be the reason?

Yes, I was going to suggest changing that as a test, but it was a chicken and egg situation.
Glad you're fine again.

I have the same problem. Latest OPNsense on a Hyper-V installation and it all crashes. When I try to log in to the admin panel I get:
CSRF check failed. Your form session may have expired, or you may not have cookies enabled.
I have an old version of OPNsense on a second VM and never get this error...
Any idea?

Your browser opens a cached page with the wrong CSRF token. Just flush your cache.


Cheers,
Franco

Just had the same problem, this message appeared on any browser. Turned out to be lack of free space, the result of extreme filter.log sizes over the last few days due to overly active ssh bruteforcing. Found this post while attempting to get in line to ssh. As I understand it, in this case OPNsense was reinstalled without a free space check, so it is quite possible it had the same problem.

August 15, 2025, 07:51:34 PM #21 Last Edit: August 15, 2025, 08:08:35 PM by abranca
I have the same problem.
Fresh setup. Disk full.

root@fwl:/var/log # df -h
Filesystem            Size    Used   Avail Capacity  Mounted on
zroot/ROOT/default    1.5G    1.5G      0B   100%    /
devfs                 1.0K      0B    1.0K     0%    /dev
/dev/gpt/efiboot0     260M    1.3M    259M     1%    /boot/efi
zroot/home             96K     96K      0B   100%    /home
zroot/var/mail         96K     96K      0B   100%    /var/mail
zroot                  96K     96K      0B   100%    /zroot
zroot/usr/ports        96K     96K      0B   100%    /usr/ports
zroot/tmp             416K    416K      0B   100%    /tmp
zroot/var/audit        96K     96K      0B   100%    /var/audit
zroot/var/crash        96K     96K      0B   100%    /var/crash
zroot/usr/src          96K     96K      0B   100%    /usr/src
zroot/var/log         105G    105G      0B   100%    /var/log
zroot/var/tmp          96K     96K      0B   100%    /var/tmp
devfs                 1.0K      0B    1.0K     0%    /var/dhcpd/dev

The problem is in the /usr folder. The biggest folders are:
9.0M    /usr/local/share/locale
 10M    /usr/local/share/GeoIP
 16M    /usr/local/opnsense/www
 16M    /usr/local/share/man
 18M    /usr/local/share/icu
 23M    /usr/local/sbin
 25M    /usr/local/bin
 28M    /usr/local/opnsense
 41M    /usr/local/lib/perl5
 45M    /usr/local/etc/suricata
 48M    /usr/local/etc
 65M    /usr/local/share
 99M    /usr/local/include/boost
120M    /usr/local/include
294M    /usr/local/lib/python3.11
459M    /usr/local/lib
772M    /usr/local

I haven't touched the partition scheme; I set up OPNsense from the official ISO and restored a previous config backup.


Your /var/log dataset is obviously the largest one.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Solved. It's Suricata. I added a second line (LTE/4G) for backup and included it in Suricata for testing. I haven't removed it from the interfaces.
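
A free-space check to run over SSH or the console before reinstalling, given that several reports in this thread traced the CSRF error to a full disk. This is an added example, not code from any poster or from OPNsense; the function names `full_mounts`, `largest_files` and `sample_df` are made up for illustration, and the sample rows are taken from the `df -h` output posted above.

```sh
#!/bin/sh
# Added example: disk check for the "disk full" cause reported in this thread.

# full_mounts THRESHOLD: read `df -h` output on stdin and print
# "<mount> <capacity%> <used>" for each filesystem at or above THRESHOLD percent.
full_mounts() {
    awk -v limit="$1" '
        NR == 1 { next }                 # skip the header row
        {
            pct = $5; sub(/%$/, "", pct) # "100%" -> "100"
            if (pct + 0 >= limit + 0) printf "%s %s %s\n", $6, pct, $3
        }'
}

# largest_files DIR N: the N largest regular files under DIR, sizes in KiB.
largest_files() {
    find "$1" -type f -exec du -k {} + 2>/dev/null | sort -rn | head -n "$2"
}

# Rows copied from the df -h output posted in this thread (trimmed).
sample_df() {
    cat <<'EOF'
Filesystem            Size    Used   Avail Capacity  Mounted on
zroot/ROOT/default    1.5G    1.5G      0B   100%    /
devfs                 1.0K      0B    1.0K     0%    /dev
/dev/gpt/efiboot0     260M    1.3M    259M     1%    /boot/efi
zroot/tmp             416K    416K      0B   100%    /tmp
zroot/var/log         105G    105G      0B   100%    /var/log
EOF
}

# On the firewall itself: df -h | full_mounts 90; largest_files /var/log 5
sample_df | full_mounts 90
```

On a ZFS install like the one shown, the "Used" column points at the dataset that actually consumed the pool (here /var/log at 105G); the other datasets read 100% only because the shared pool has no space left.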