2.5.0, authentication working, but wpa_supplicant stuck at 100% CPU (single core)

[Aerowinder]

I installed 2.5.0 snapshots to test Wireguard, and the supplicant bypass still works. Only problem is that after authentication, wpa_supplicant sits at 100% CPU forever. Killing the process fixes the issue, authentication is not affected.

Add this code into the authentication loop, just before the 'break' command to kill the process automatically without having to open an SSH session:

#A bug in pfSense 2.5 causes wpa_supplicant to run at 100% CPU after authentication. It will not stop unless the process is killed. PID=$(pgrep -f "wpa_supplicant") if [ ${PID} > 0 ]; then /usr/bin/logger -st "pfatt" "a bug in pfsense 2.5 makes wpa_supplicant run at 100% cpu after authentication, terminating process PID ${PID}..." RES=$(kill ${PID}) fi

[Aerowinder]

Final update for now. I've been tshooting this on and off for days.

If you kill wpa_supplicant process, pfSense will not re-authenticate when it needs to (<24h), and the Internet will simply die as a result. The workaround for this is to 'pgrep -f wpa_supplicant' then 'kill ' and re-run the script. This will re-authenticate you properly without the CPU usage bug. Annoying, but at least its working.

But there's another problem I've experienced on my Protectli Vault 6P. Whenever I start pulling down a file "quickly", say <20MB/s, the WAN (ngeth0) flakes out and drops connection after some seconds/minutes. After a few seconds of wetting itself, it will re-establish a connection. It does this until you stop downloading. I ruled out my cabling and devices. I reintroduce the AT&T RG (IP Passthru) into the mix and reset my pfSense settings to "normal", and everything is fine. No issues.

There's not much information about the supplicant bypass and 2.5.DEVEL, but there are some major issues. I suspect once 2.5 is final and people start trying to upgrade, they will notice the massive breakages. Anyhow, I hope this information helps somebody.