pfSense Integration

danbutter · September 20, 2023, 11:39pm

Gotcha. Yeah not all of the integrations do that and I couldn’t remember if this one did. I guess this is one that doesn’t. Hopefully you don’t end up with duplicate entities that you can’t delete like I did when I was testing the integration out. Let us know how it works for you.

travisghansen · September 26, 2023, 12:21am

I never added that as other integrations didn’t at the time of initial development. It’s something I am happy to add if that’s the current pattern.

Of note you can manually edit the hass config file and update the ip/etc.

travisghansen · September 26, 2023, 12:23am

I don’t follow the forums much sorry. If you could create an issue on github I would love to figure out what the issue is and get it solved.

As an aside, if the integration has been removed those errors in the logs should go away. Maybe something else is going on?

Astergiou · October 16, 2023, 9:53am

Hello to all,

I am using this integration to pull statistics of my pfsense to home assistant which is working but I have 1 major issue the integration is crashing pfSense!
I am on latest pf Sense version and pfSense has crashed 3 times afte integrating with home assistant with XMLRPC errors.

Anyone else has the issue? Any solution or workaround?

Just crashed again
Some logs before restarting

|Oct 16 12:42:23|radiusd|1148|(107) Login OK: [nagiostest] (from client NagiosXI port 0)|
|---|---|---|---|
|Oct 16 12:40:00|sshguard|36531|Now monitoring attacks.|
|Oct 16 12:40:00|sshguard|53820|Exiting on signal.|
|Oct 16 12:39:45|check_reload_status|405|Reloading filter|
|Oct 16 12:39:45|php-fpm|59501|/rc.ipsec: IPSEC: One or more IPsec tunnel gateways have changed. Refreshing.|
|Oct 16 12:39:30|php-fpm|75419|/rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use INTERNET_PPPOE.|
|Oct 16 12:39:30|php-fpm|75419|/rc.openvpn: Gateway, NONE AVAILABLE|
|Oct 16 12:39:30|php-fpm|75419|/rc.openvpn: Gateway, NONE AVAILABLE|
|Oct 16 12:39:29|check_reload_status|405|Reloading filter|
|Oct 16 12:39:29|check_reload_status|405|Restarting OpenVPN tunnels/interfaces|
|Oct 16 12:39:29|check_reload_status|405|Restarting IPsec tunnels|
|Oct 16 12:39:29|check_reload_status|405|updating dyndns INTERNET_PPPOE|
|Oct 16 12:39:29|rc.gateway_alarm|81418|>>> Gateway alarm: INTERNET_PPPOE (Addr:62.169.255.59 Alarm:0 RTT:34.144ms RTTsd:27.325ms Loss:20%)|
|Oct 16 12:38:54|check_reload_status|405|Reloading filter|
|Oct 16 12:38:54|php-fpm|368|/rc.ipsec: IPSEC: One or more IPsec tunnel gateways have changed. Refreshing.|
|Oct 16 12:38:39|php-fpm|60814|/rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use INTERNET_PPPOE.|
|Oct 16 12:38:39|php-fpm|60814|/rc.openvpn: Gateway, NONE AVAILABLE|
|Oct 16 12:38:39|php-fpm|60814|/rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'INTERNET_PPPOE'|
|Oct 16 12:38:38|check_reload_status|405|Reloading filter|
|Oct 16 12:38:38|check_reload_status|405|Restarting OpenVPN tunnels/interfaces|
|Oct 16 12:38:38|check_reload_status|405|Restarting IPsec tunnels|
|Oct 16 12:38:38|check_reload_status|405|updating dyndns INTERNET_PPPOE|
|Oct 16 12:38:38|rc.gateway_alarm|89621|>>> Gateway alarm: INTERNET_PPPOE (Addr:62.169.255.59 Alarm:1 RTT:31.122ms RTTsd:24.406ms Loss:21%)|
|Oct 16 12:38:06|check_reload_status|405|Reloading filter|
|Oct 16 12:38:06|check_reload_status|405|Syncing firewall|
|Oct 16 12:38:06|php-fpm|75419|/firewall_shaper_vinterface.php: Configuration Change: [email protected] (Local Database): Traffic Shaper: Changes applied|
|Oct 16 12:37:59|check_reload_status|405|Syncing firewall|
|Oct 16 12:37:59|php-fpm|367|/firewall_shaper_vinterface.php: Configuration Change: [email protected] (Local Database): Traffic Shaper: New pipe added|
|Oct 16 12:37:27|check_reload_status|405|Reloading filter|
|Oct 16 12:37:27|php-fpm|368|/rc.ipsec: IPSEC: One or more IPsec tunnel gateways have changed. Refreshing.|
|Oct 16 12:37:23|radiusd|1148|(106) Login OK: [nagiostest] (from client NagiosXI port 0)|
|Oct 16 12:37:12|php-fpm|86902|/rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed IP addresses. Reloading endpoints that may use INTERNET_PPPOE.|
|Oct 16 12:37:12|php-fpm|86902|/rc.openvpn: Gateway, NONE AVAILABLE|
|Oct 16 12:37:12|php-fpm|86902|/rc.openvpn: Gateway, NONE AVAILABLE|
|Oct 16 12:37:11|check_reload_status|405|Reloading filter|
|Oct 16 12:37:11|check_reload_status|405|Restarting OpenVPN tunnels/interfaces|
|Oct 16 12:37:11|check_reload_status|405|Restarting IPsec tunnels|
|Oct 16 12:37:11|check_reload_status|405|updating dyndns INTERNET_PPPOE|
|Oct 16 12:37:11|rc.gateway_alarm|76766|>>> Gateway alarm: INTERNET_PPPOE (Addr:62.169.255.59 Alarm:0 RTT:33.876ms RTTsd:27.323ms Loss:17%)|
|Oct 16 12:37:00|sshguard|53820|Now monitoring attacks.|

thank you

GSzabados · October 18, 2023, 4:51pm

Is it really pfSense crashing or rather your PPPOE internet is failing miserably? I see 20 and 21% loss and 1 alarm.

Astergiou · October 18, 2023, 5:16pm

No pppoe has not any problem
Packet loss was at that point because the line was 100% loaded downloading…
And yes it is crashing due to xmlrpc calls

GSzabados · October 18, 2023, 6:32pm

But your log has zero mention of xmlrpc. I see only that due to the failing gateway on the PPPOE it reloads the firewall settings, but not crashing.

Astergiou · October 18, 2023, 6:45pm

I haven’t uploaded the gui logs with xmlrpc but now that I have disabled the integration pfsense is rock solid

GSzabados · October 18, 2023, 7:00pm

Then what do you expect, if your other log does not contain any crash? And don’t you think crashing pfSense wouldn’t be a vulnerability for the system?
And just out of curiosity, which latest version of pfSense do you mean? Community Edition or Plus?

GSzabados · October 26, 2023, 12:55pm

Just a heads up:

danbutter · October 26, 2023, 11:00pm

Yeah. I never thought that would last.

GSzabados · October 27, 2023, 12:43am

That was a quick one.

spady7 · November 2, 2023, 4:32pm

Hi, is there a way to Enable/Disable “pfBlockerNG” from HA ?
I can’t see any switch or entity under HA’s pfsense integration.
Regards

brosef · November 4, 2023, 9:11am

Does anyone know what entity I need to switch to enable/disable the traffic shaper?

travisghansen · November 12, 2023, 4:49pm

I don’t think you can enable/disable currently, but you can start/stop services.

travisghansen · November 12, 2023, 4:50pm

I don’t think I have any integration with the traffic shaper currently. Open an issue on github and I can probably address it at some point.

Mastiff · December 12, 2023, 5:06pm

Hi! Suddenly the integration refuses to start. I get this error message both in the house and in the cabin:

Setup failed for custom integration pfsense: Unable to import component: cannot import name 'async_get_registry' from 'homeassistant.helpers.entity_registry' (/usr/src/homeassistant/homeassistant/helpers/entity_registry.py)

Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/setup.py", line 215, in _async_setup_component
    component = integration.get_component()
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/loader.py", line 818, in get_component
    ComponentProtocol, importlib.import_module(self.pkg_path)
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<frozen importlib._bootstrap>", line 1204, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1176, in _find_and_load
  File "<frozen importlib._bootstrap>", line 1147, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 690, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 940, in exec_module
  File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
  File "/config/custom_components/pfsense/__init__.py", line 23, in <module>
    from homeassistant.helpers.entity_registry import async_get_registry
ImportError: cannot import name 'async_get_registry' from 'homeassistant.helpers.entity_registry' (/usr/src/homeassistant/homeassistant/helpers/entity_registry.py)

I’m sure it’s something with an update of Hass, everything that goes wrong in my life, phone, car, pc, servers, happens because of updates. I am running in Docker, if that matters.

Edit: I do not have similar errors on anything else.

firstof9 · December 12, 2023, 8:31pm

Update your integration.

Mastiff · December 13, 2023, 8:15am

Thanks! And weird (not to mention embarassing…). I downloaded the latest version from the website yesterday and copied it into the custom components, choosing to overwrite everything. For some reason it didn’t, on either of the two Pi’s that are running this integration.

allischalmersman · December 19, 2023, 6:31am

Is there a way to get interface utilization in bits/sec instead of Bytes ? Preferably mb/sec. Network Engineer here and we don’t typically measure / monitor in Bytes/sec. I feel like I’m missing a setting somewhere.