System logs
-
I see these repeating in the system logs
Dec 11 16:16:41 php-fpm 396 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 11 16:16:41 php-fpm 396 /rc.openvpn: Gateway, NONE AVAILABLE Dec 11 16:16:40 check_reload_status 428 Reloading filter Dec 11 16:16:40 check_reload_status 428 Restarting OpenVPN tunnels/interfaces Dec 11 16:16:40 check_reload_status 428 Restarting IPsec tunnels Dec 11 16:16:40 check_reload_status 428 updating dyndns WAN_DHCPAnyone an idea were these come from? I do not use IPSec or OpenVPN or have any interfaces configured (anymore) on pfSense
-
assume you are asking about the restarting messages "check_reload_status" specifically?
they appear even if you don't run OpenVPN or IPsec or dyndns
system is just checking if it needs to do something. No harmnot related but if you are NOT running dyndns you can turn off the "Check IP Services" it will stop the system from checking your IP in at checkip.dyndns.org
-
Yeah those are expected, whether or not you are running any VPNs, when an interface bounces for any reason.
-
@jrey Did not know that, why is it default enabled?
-
Sorry No Clue, just know that it is.
Someone didn't think it should be disabled by default and then only enabled if/when dyndns is setup.
Doing that might take an extra line of code or something.. who knows. -
Mmm, that's interesting. I don't believe it actually connects out to that if there is no dyndns service configured. I don't see it doing so in a pcap.
-
according the logs previously it was, that's how I noticed it was enabled and why I turned it off
Since I don't run DynDNS and never have they only way I could have possibly known it was enabled was because of chatter in the logs.
Disabled it - no more chatter.Admittedly, that was a couple of versions ago. and it could have changed, but has been disabled here ever since with no reason for me to look back.
-
Yeah I don't think it actually checks though. It just logs that it's updating anything that is configured. That same way it still logs updates for IPSec and OpenVPN even if none are configured.
-
Not that log my friend
(I know what you are assuming I was looking at)-- the dns log, outbound traffic etc all showed the hits at the time.. that's what tipped me into tracking down the source and turning it off. Not using DynDNS, I initially didn't even know where the setting was, just that there was periodic traffic.
again awhile ago so maybe the behaviour has changed since then
for me disabled is the right choice. - that way 100% there is no chatter from it - ever -
-
Ah I see! Yeah, no reason to leave it enabled really.
-
Strange disabled it, but it keeps popping up in the system logs?
-
The Check IP being disabled has nothing to do with those messages.
same answer as before.
@jrey said in System logs:
they appear even if you don't run OpenVPN or IPsec or dyndns
system is just checking if it needs to do something. No harmcheck_reload_status == the system asking if it should be running something and saying that it has asked.
The message are misleading as they give the impression they are doing something like "restarting" / "updating"
when in fact when you are not running those services, it should likely just say something like
"Checked OpenVPN Status - disabled" or;
and when you are running them
"Checked OpenVPN Status - Restarting"Logging that implies an action is being taken when it is not, is just poor logging. IMHO
-
@jrey said in System logs:
assume you are asking about the restarting messages "check_reload_status" specifically?
they appear even if you don't run OpenVPN or IPsec or dyndns
system is just checking if it needs to do something. No harmnot related but if you are NOT running dyndns you can turn off the "Check IP Services" it will stop the system from checking your IP in at checkip.dyndns.org
Sorry, my mistake I associated the Check IP Services with the logging, so I have read it wrong, as you clearly stated; "not related, but if you are...."
