
Machine "pfsense" removed after reboot

Open pvillmann opened this issue 1 year ago • 1 comments

Hi,

I am using crowdsec on my pfsense as central LAPI. (6 log processors for different applications).

The problem is, after each reboot of pfsense the crowdsec service does not start automatically because the local "machine" cannot connect to "local lapi". On the Machine list there is no "pfsense" machine listed.

If I run the command "cscli machine add pfsense -a --force" after each startup and then start the crowdsec service manually, everything works fine.

Any ideas?

Thanks a lot :)

pvillmann avatar Mar 15 '24 14:03 pvillmann

I have the same issue. I already mentioned that in a comment on another issue https://github.com/crowdsecurity/pfSense-pkg-crowdsec/issues/84#issuecomment-1873790678

But other than that workaround after every boot I don't know how to fix it.

Maybe it's related to the fact that the setting for "LAPI host" is set to something that's not the default. (not 127.0.0.1)

p-schneider avatar Apr 26 '24 12:04 p-schneider

For this issue, I think the reason is you have /var in a ram disk. If that's not the case, please try the latest version

https://github.com/crowdsecurity/pfSense-pkg-crowdsec/releases/tag/v0.1.4-1.6.3_2

mmetc avatar Oct 11 '24 12:10 mmetc

Hi... sorry I forgot to give feedback here... After I updated to 1.6.2 and registered my local pfsense instance again to 127.0.0.1, everything works fine... So in the end, for me, the issue can be closed.

pvillmann avatar Oct 11 '24 13:10 pvillmann

For me that issue still persists with the latest v0.1.4-1.6.3_2 (having local lapi host set to my LAN IP instead of 127.0.0.1). But the workaround I've been using for a long time also still works, so I'll keep doing that for now.

p-schneider avatar Oct 11 '24 15:10 p-schneider

If you do so, check the bouncer logs for any surprise. It's also stored in the local db and if it can't connect, there is no protection. If you have /var in ram, see if you can change that.

mmetc avatar Oct 11 '24 21:10 mmetc