On Fri, Jan 15, 2016 at 11:59 PM, Steve Yates <st...@teamits.com> wrote: > I don't like leaving things not fully stable so I bit the bullet and > clicked "Remove Enable/Disable changes in the current Category" so it would > at least sync. To my surprise it did not help, even after doing it on > router2 as well. Then I noticed the CARP sync was also starting to fail. > > After thinking about it a bit I restarted router2 and syncing > immediately worked again. That implies something was wrong with the XMLRPC > sync that wasn't fixed by restarting webConfigurator and/or PHP-FPM. Notably > there was a config sync fix included in pfSense 2.2.6... >
That was strictly the upgrade to lighttpd to fix a regression they introduced in the updated version new in 2.2.5. http://redmine.lighttpd.net/issues/2670 The fact you're hitting at least one lighttpd crash makes me think there's some other issue there, though no one else has seen any issues in 2.2.6, the issue in 2.2.5 wasn't replicable in most cases either. There's a reason nginx is now the web server in 2.3. That could be an issue in the Suricata package, given the web server only crashed once it appears. Since you end up in a situation where you're stuck until restarting php-fpm, that points to the issue being in PHP, though an issue in lighttpd could impact PHP. Not sure offhand whether Suricata is even usable in 2.3, but that might be worth a shot. If you want to troubleshoot the sync, maybe the easiest way is to switch to HTTP temporarily, packet capture the config sync traffic, follow TCP stream in Wireshark. That's usually telling to at least narrow it down much more. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold