
I run OPNsense as a home router system, along with a VPN that I frequently access while not at home.

Recently, while I was away, the system at some point became inaccessible from outside. When I returned home, I did not notice any signs of past power outages (which could have caused an unclean shutdown with data corruption). I noticed that, while it still responded to ping requests from inside, the serial console was no longer responding, the web GUI was unreachable from both inside and outside, and there was no Internet connectivity.

I power-cycled the device, and it came up cleanly and everything worked again. Since logs before the system boot were lost, I have no obvious signs as to the cause of the crash – it could have been a malfunction or a DoS attack.

I have switched from pfSense only recently, and had a few instances of this kind (though some cases could be attributed to hardware failures).

Now I am wondering: is there a way to configure OPNsense to detect such a state and trigger a system reboot? If there are no built-in features, I was thinking about a script which does some basic health checks, and upon identifying a system malfunction, triggers a reboot. That script could be run as a cron job at e.g. hourly intervals (or whatever your maximum acceptable downtime is). Health checks could include running processes, responsiveness of certain network services, possibly external network connectivity (after ruling out failures on the ISP side).

Obviously, this will not help in case of a hardware failure, or any hiccup which would prevent even cron jobs (or whatever the check mechanism is) from running. Also, looking into ways to prevent DoS attacks in the first place (including timely installation of security updates) is probably a good idea as well, though not a 100% guarantee.

Are there any approaches to achieve what I want, i.e. periodic health checks with reboot on failure, on the device itself?

user149408
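
An added example, not part of the original post, of the cron-driven check the question describes: it reboots only after several consecutive failed runs, so a single transient failure does not restart the router. The process name `lighttpd`, port 443, the state file path and the threshold are assumptions; an external-connectivity check is left out so that an ISP outage alone cannot trigger a reboot.

```shell
#!/bin/sh
# Added example: cron-driven health check with reboot after repeated failures.
# Assumed (not from the post): process name, GUI port, state path, threshold.
STATE="${STATE:-/var/db/healthcheck.fails}"   # consecutive-failure counter
THRESHOLD="${THRESHOLD:-3}"                   # failed runs before reboot
GUI_PROC="${GUI_PROC:-lighttpd}"              # assumed web GUI daemon name
GUI_PORT="${GUI_PORT:-443}"

# Individual checks: return 0 when healthy.
check_process() { pgrep -x "$1" >/dev/null 2>&1; }
check_port()    { nc -z -w 3 127.0.0.1 "$1" >/dev/null 2>&1; }

# Run all local checks; echo the number that failed.
run_checks() {
    failed=0
    check_process "$GUI_PROC" || failed=$((failed + 1))
    check_port "$GUI_PORT"    || failed=$((failed + 1))
    echo "$failed"
}

# Update the counter file from this run's result and echo the new count.
# A healthy run resets the streak, so one transient glitch never reboots.
update_streak() {   # $1 = number of failed checks this run
    prev=$(cat "$STATE" 2>/dev/null || echo 0)
    case "$prev" in ''|*[!0-9]*) prev=0 ;; esac   # ignore a corrupt file
    if [ "$1" -eq 0 ]; then new=0; else new=$((prev + 1)); fi
    echo "$new" > "$STATE"
    echo "$new"
}

# Decide what to do for a given streak: echo "ok", "wait" or "reboot".
decide() {          # $1 = streak, $2 = threshold
    if [ "$1" -eq 0 ]; then echo ok
    elif [ "$1" -ge "$2" ]; then echo reboot
    else echo wait; fi
}

main() {
    streak=$(update_streak "$(run_checks)")
    action=$(decide "$streak" "$THRESHOLD")
    logger -t healthcheck "streak=$streak action=$action"
    if [ "$action" = reboot ]; then
        echo 0 > "$STATE"          # clear first so the next boot starts clean
        shutdown -r now "healthcheck: $streak consecutive failed runs"
    fi
}

# Only act when invoked as: healthcheck.sh --run  (e.g. from cron)
if [ "${1:-}" = "--run" ]; then main; fi
```

The state file must live on storage that survives between cron runs; the `logger` line leaves a syslog record of each decision, which only helps after a reboot if logs are kept on persistent storage or forwarded to another host.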

0 Answers