On Tue, May 17, 2011 at 9:14 AM, Shibashish <[email protected]> wrote:
> Hi, > > I am running pfSense 2.0-RC1 (i386) as FW + LB. I saw a > weird behavior yesterday on the box, the webonfigurator was working and i > was able to add/change rules as well as load-balancing policies, but the > policies would not take effect, i.e. there was no change in the > traffic behavior although it showed that the configuration was in effect. I > tried to change the lb pool, redirect to different set of backend servers, > still no change. On digging further, i found 2 lines in "dmesg" ... > Remember that there are active sessions which are in the firewall state table, these sessions will continue to work regardless of your changes until these sessions expired. I am no expert on the server load balancer so I am not sure whether states are removed when changes are made to pool (i know states are changed when there is a server that is marked as down). So someone else will need to answer on that. > > WARNING: / was not properly dismounted > WARNING: R/W mount of / denied. Filesystem is not clean - run fsck > This indicates that there was a hard reboot and the system was not cleanly shutdown due to a power failure, OS crash or similar. So on the next boot a file system check took place to ensure the consistency of the file system which would have fixed any problems automatically. > But, I was able to create and rm a file on the file-system. There was no > hard reboot of the server and it had an uptime of 45+ days. > This would then have happened prior to the 45 days. > > 1. Why should the filesystem become dirty... how do i prevent it? > Besides a hard reboot from an OS crash, use a UPS to ensure the system is up when there is a power failure so that you can at least have time to shut it down. > 2. Shouldn't the webconfigurator show warnings/errors if this happens? > No since fsck fixes the file system on boot. If it didn't or could not fix it, the system would not boot and drop you to a shell. You would then have to manually fix it. thanks -- .warren
