1.2.1 upgrade resulted in outdated bogon list.
-
Where can we start the bogon updater manually?
-
You can find the source of the updater in /etc/crontab
-
Really?
Which of those lines does it? ;-)
* root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 ssh
* root /etc/pppoerestart
* root /usr/local/sbin/squid -k rotate
* root /usr/bin/perl /usr/local/www/lightsquid/lightparser.pl today -
Looks like you are missing some entries. Here is my /etc/crontab:
$ cat /etc/crontab
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#minute hour mday month wday who commandpfSense specific crontab entries
Created: December 26, 2008, 6:38 pm
0 * * * * root /usr/bin/nice -n20 newsyslog
1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a
1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh
*/60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update*/60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
*/60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c
*/5 * * * * root /usr/local/bin/checkreload.sh
*/5 * * * * root /etc/ping_hosts.sh
*/140 * * * * root /usr/local/sbin/reset_slbd.shIf possible do not add items to this file manually.
If you do so, this file must be terminated with a blank line (e.g. new line)
-
I copied /etc/rc.update_bogons.sh to a temporary script, removed the sleep and ran it.
-
Thanks!
Dec 30 12:04:50 root: 11 addresses deleted.
Dec 30 12:04:50 root: Bogons file downloaded: 1 addresses added.
Dec 30 12:04:48 root: rc.get_bogons.sh is beginning the update cycle.
Dec 30 12:04:48 root: rc.get_bogons.sh is starting up.Actually, I seem to be missing some cron jobs on all the machines I updates from 1.2rel or 1.2.1RCs
Could be an update glitch? Scott? ;-)Time for a fresh install…
-
Updating from 1.2.1 (with updated bogon list) to 1.2.2 resulted in the same problem with old bogons. Just a FYI.
-
I updated it in CVS a few days ago. Existing installs will always update to the latest on the first of every month, or you can run it manually to update right away.
-
If you don't have the update in /etc/crontab, it's because it's in the cron entries in your config.xml. Newer installs won't have it in /etc/crontab but older ones will. It works the same either way.
-
I've a 1.2.2 version.
My /etc/crontab is empty:
SHELL=/bin/sh PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin HOME=/var/log #minute hour mday month wday who command #and I couln't find any cron entry in config.xml
I need a fresh install?
-
and I couln't find any cron entry in config.xml
I need a fresh install?
Shouldn't. You sure there isn't anything in your config like this:
<cron><minute>0</minute>
<hour></hour>
<mday></mday>
<month></month>
<wday></wday>
<who>root</who>
<command></command>/usr/bin/nice -n20 newsyslogThat came from a years-old install upgraded to 1.2.2.</cron>
-
@cmb:
Shouldn't. You sure there isn't anything in your config like this:
<cron><minute>0</minute>
<hour></hour>
<mday></mday>
<month></month>
<wday></wday>
<who>root</who>
<command></command>/usr/bin/nice -n20 newsyslogThat came from a years-old install upgraded to 1.2.2.</cron>
No, it isn't.
I've only
For example I've bogon filtering activated, but neither in cron or in config.xml appear the script to update them.
What I can do? -
Backup your config, open it in a text editor and replace <cron>with this:
<cron><minute>0</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 newsyslog <minute>1,31</minute> <hour>0-5</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 adjkerntz -a <minute>1</minute> <hour>3</hour> <mday>1</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh <minute>*/60</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout <minute>1</minute> <hour>1</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /etc/rc.dyndns.update <minute>*/60</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot <minute>*/60</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c <minute>*/5</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/local/bin/checkreload.sh <minute>*/5</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/etc/ping_hosts.sh <minute>*/300</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/local/sbin/reset_slbd.sh</cron>Will see if I can figure out how you don't have that.</cron>
-
Thank you!
Just added!
