Netgate SG-1000 microFirewall

Author Topic: Added limiter resulted in spontaneous reboots  (Read 134 times)

0 Members and 1 Guest are viewing this topic.

Offline Heimire

  • Full Member
  • ***
  • Posts: 119
  • Karma: +6/-0
    • View Profile
Added limiter resulted in spontaneous reboots
« on: January 16, 2018, 10:51:24 am »
pfsense 2.4.2 in HA mode.

Steps taken to create this mess.
On primary.
Added traffic limiter by:
Firewall/traffic shaper
Limiters
Added new
Name: l3df
bandwidth 15mb
mask: source address
Rest default

Then added to a rule
Firewall/rules
OpenVPN
edit rule
Selected the limiter for In pipe.

Hit save.

It made the primary firewall reboot.
Come up for about 15 seconds then reboot.
This continued none stop.

It replicated the settings to the backup firewall.
The backup firewall did the same thing but it crashed the file system and never came back up at all.

I managed to get into the firewall and disable the limiter and that fixed the primary. (took over an hour).
On the backup firewall I had to fix the file system and then it came backup.

Its pretty scary that a simple mistake like this will shut down both your primary and secondary.

It would be nice to have a delay in replicating firewall rules that can kill your primary. 

I assume there are no way to delay firewall rules/settings replication to prevent situations like this.



Offline afrojoe

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Added limiter resulted in spontaneous reboots
« Reply #1 on: February 12, 2018, 04:28:58 pm »
you and me both brother... I have the same symptoms in 2.4.2_1

Just have to leave my limiters off right now.... 

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9819
  • Karma: +1107/-311
    • View Profile
Re: Added limiter resulted in spontaneous reboots
« Reply #2 on: February 12, 2018, 05:45:30 pm »
Long-standing bug. Fixed in 2.4.3.

https://redmine.pfsense.org/issues/4310
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline afrojoe

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Added limiter resulted in spontaneous reboots
« Reply #3 on: February 17, 2018, 08:54:38 pm »
Sweeeeeet