Community Forum

Resolved
0 votes
Last night, about 3am EST, Our firewall crapped itself. We are still running 6.9.0 Final. We plan to upgrade to 7 soonish, but yeah.

Now, it does it every once in awhile if we are adding or removing IP's from the block list. So we are careful to do this after hours, because the firewall will crash. Here is a snippet of the logs when it crashed:

Mar 15 02:58:24 gateway firewall: Blocking external host: 131.147.0.0/16 ...
Mar 15 02:58:24 gateway firewall: Running firewall panic mode... ...
Mar 15 02:58:25 gateway events: software_updates - event occurred ...
Mar 15 02:58:25 gateway events: software_updates - triggered hook: central-management ...
Mar 15 02:58:29 gateway firewall: Synchronizing multipath routing tables... ...
Mar 15 02:58:29 gateway firewall: Loading environment ...
Mar 15 02:58:29 gateway firewall: Assuming device is a LAN interface: eth2 ...
Mar 15 02:58:29 gateway firewall: Detected WAN role for interface: eth0 ...
Mar 15 02:58:29 gateway firewall: Detected WAN role for interface: eth1 ...
Mar 15 02:58:29 gateway firewall: Detected LAN role for interface: eth3 ...
Mar 15 02:58:29 gateway firewall: Detected LAN role for interface: eth2 ...
Mar 15 02:58:29 gateway firewall: Execution time: 0.140s ...
Mar 15 02:59:15 gateway software-updates: log: ------------------- software update ------------------------------ ...
Mar 15 02:59:15 gateway software-updates: log: software updates installing... ...
Mar 15 02:59:15 gateway software-updates: log: Loaded plugins: clearcenter-marketplace, fastestmirror ...
Mar 15 02:59:15 gateway software-updates: log: Setting up Install Process ...
Mar 15 02:59:15 gateway software-updates: log: ClearCenter Marketplace: fetching repositories... ...

Can anyone please help or point me in the right direction so I know what to start digging for ?

Thanks,
Gary!
Thursday, March 15 2018, 03:48 PM
Share this post:
Responses (2)
  • Accepted Answer

    Thursday, April 12 2018, 04:28 PM - #Permalink
    Resolved
    0 votes
    Everything was in iptables, so the block list was HUGE.

    We have in the past 3 weeks, upgraded from Clearos 6.9 to the latest version, and are using ipset now. So we all good :P
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, March 15 2018, 10:36 PM - #Permalink
    Resolved
    0 votes
    Can I ask how big your blocklist is and how you are implementing it?
    The reply is currently minimized Show
Your Reply