Error msg when updating URL blocklst
-
pfSense+ 24.11 beta Oct 31 build. Upgrade from 24.3 was smooth.
When updating a URL blocklist alias, I see the following in my system logs:
Nov 8 06:17:31 php-cgi 96331 rc.update_urltables: /etc/rc.update_urltables: Updated ET_Block content from https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt: 11 addresses added. Nov 8 06:17:31 php-cgi 96331 rc.update_urltables: The command '/usr/bin/tar -czf '/cf/conf/RAM_Disk_Store/ET_Block.txt.tgz' -C / '/var/db/aliastables/ET_Block.txt'' returned exit code '1', the output was 'tar: Failed to open '/cf/conf/RAM_Disk_Store/ET_Block.txt.tgz''
The table does get updated, so perhaps this is cosmetic. FWIW, I use RAM disks for /tmp and /var, each set for 256MB.
-
Are you manually updating it to trigger this?
Does it happen at every update or only when there are updates to the alias?
Steve
-
To me, this looks like the /cf/conf/RAM_Disk_Store directory hasn't been created, so while the table is updated on the live system the archive hasn't been stored to the ram disk. I will make a small correction.
-
@stephenw10 For that example, I manually triggered a table update. But it happens when the updates occur on schedule. I have four blocklists defined - here is from earlier today:
Nov 8 12:30:14 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: Updated Threatview content from https://threatview.io/Downloads/IP-High-Confidence-Feed.txt: 11 addresses added. Nov 8 12:30:14 php-cgi 37922 rc.update_urltables: The command '/usr/bin/tar -czf '/cf/conf/RAM_Disk_Store/Threatview.txt.tgz' -C / '/var/db/aliastables/Threatview.txt'' returned exit code '1', the output was 'tar: Failed to open '/cf/conf/RAM_Disk_Store/Threatview.txt.tgz'' Nov 8 12:30:13 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: Updated FireHOLweb content from https://iplists.firehol.org/files/firehol_webclient.netset: 25 addresses added. Nov 8 12:30:13 php-cgi 37922 rc.update_urltables: The command '/usr/bin/tar -czf '/cf/conf/RAM_Disk_Store/FireHOLweb.txt.tgz' -C / '/var/db/aliastables/FireHOLweb.txt'' returned exit code '1', the output was 'tar: Failed to open '/cf/conf/RAM_Disk_Store/FireHOLweb.txt.tgz'' Nov 8 12:30:08 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: Updated ET_Compromised content from https://rules.emergingthreats.net/blockrules/compromised-ips.txt: 162 addresses added. Nov 8 12:30:08 php-cgi 37922 rc.update_urltables: The command '/usr/bin/tar -czf '/cf/conf/RAM_Disk_Store/ET_Compromised.txt.tgz' -C / '/var/db/aliastables/ET_Compromised.txt'' returned exit code '1', the output was 'tar: Failed to open '/cf/conf/RAM_Disk_Store/ET_Compromised.txt.tgz'' Nov 8 12:30:08 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: ET_Block does not need updating. Nov 8 12:30:08 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: Starting URL table alias updates Nov 8 12:30:01 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: Sleeping for 7 seconds. Nov 8 12:30:01 php-cgi 37922 rc.update_urltables: /etc/rc.update_urltables: Starting up.
Thanks for looking at this - much appreciated.
-
Ah, so it is only when addresses are added to the alias. Let me try to replicate it...
-
@artenpie can you verify for me whether or not the /cf/conf/RAM_Disk_Store directory actually exists?
-
@rlinnemann No, the only subdirectory there is /cf/conf/backup/
-
For reference:
https://redmine.pfsense.org/issues/15830 -
@marcosm Is this the same?
I get an error message, when I reboot my machine at night times via cron. Because of all the fuzz about disk writes, I use the RAM Disk in pfSense lately and haven't seen this message before, I think. Think, because I constantly change things...
-
Hmm, how are you rebooting? Those should get backed and restored at boot when you have ram disks.
I'm running that combination here and don't see that error.
-
@marcosm This patch worked in the beta, and the issue is not present in the RC. Here is the target directory with the backup files present after upgrading the beta to RC and then running the update of the URL blocklists. Everything appears correct.
/cf/conf/RAM_Disk_Store ET_Block.txt.tgz 6.06 KiB ET_Compromised.txt.tgz 4.24 KiB FireHOLweb.txt.tgz 14.22 KiB Threatview.txt.tgz 5.98 KiB
-
@artenpie thanks for confirming!