Bind doesn't work after reinstall it

Gertjan

@Katoz said in Bind doesn't work after reinstall it:

thrown in /usr/local/pkg/bind.inc

So, it's installed, files are present - or there are leftovers.
Remove it from the GUI.

Then visit manually (console, option 8) /usr/local/pkg
Remove here any file that is bind related (id doubt, read the file with your eyes, these are all text files)
If a folder 'bind' exists here, remove it (remove files in it, and the remove the folder).

Make a copy of your config.
Use viconfig (it's an adapted version of vi, the editor) and search for any 'bind' or 'named' related sections and their content - start with the <installedpackages> section

If there are any, remove them.
Save and exit.
Reboot pfSense.

You should be fine.

@Katoz said in Bind doesn't work after reinstall it:

because for some reason

Probably the reason for all this.

Katoz

I remove it from the GUI, in /usr/local/pkg there was no file releted to bind but I searched in the backup file and the configuration for bind is still there:

Spoiler

		</service>
		<service>
			<name>nut</name>
			<rcfile>nut.sh</rcfile>
			<executable>upsmon</executable>
			<description><![CDATA[UPS monitoring daemon]]></description>
		</service>
		<bind>
			<config>
				<enable_bind></enable_bind>
				<bind_ip_version>-4</bind_ip_version>
				<listenon>lan</listenon>
				<bind_notify></bind_notify>
				<bind_hide_version>on</bind_hide_version>
				<bind_ram_limit>256M</bind_ram_limit>
				<bind_logging>on</bind_logging>
				<log_severity>warning</log_severity>
				<log_options>default</log_options>
				<rate_enabled>on</rate_enabled>
				<log_only>no</log_only>
				<rate_limit></rate_limit>
				<bind_forwarder>on</bind_forwarder>
				<bind_forwarder_ips></bind_forwarder_ips>
				<listenport>53</listenport>
				<controlport>953</controlport>
				<bind_custom_options></bind_custom_options>
				<bind_global_settings></bind_global_settings>
			</config>
		</bind>
		<bindzone></bindzone>
		<bindviews></bindviews>
		<squidcache>
			<config>

Just to be sure, I have to delete everything between <bind> and </bindviews> included? And can I use the "Edit file" function in the diagnostics tab instead of using vi/vim?

kiokoman

1 yes,

2 the best would be:
go to diagnostic - backup & restore
do a backup, open it with your preferred editor, personally i use notepad++
delete that line
save in a new file
go to the pfsense and restore that file
reboot

3 what version of pfsense is that?

Katoz

Ok I will do this later.

It's the 2.4.4 version

Gertjan

@Katoz said in Bind doesn't work after reinstall it:

in /usr/local/pkg there was no file releted to bind

A file that doesn't exist can't throw errors.
You said :

@Katoz said in Bind doesn't work after reinstall it:

thrown in /usr/local/pkg/bind.inc on line 305

thus bind.inc exists over there.

@Katoz said in Bind doesn't work after reinstall it:

between <bind> and </bindviews> included?

Iadvise you to remove everything between
<bind>
and
</bind>

Btw : viconfig is fun.
But it's vi .... so .... well ... I understand.
Plan 2 from @kiokoman is probably better.

Katoz

Maybe I misunderstood what you told me before but I did this:

-Uninstalled Bind from the GUI
-I checked if there were still files related to Bind in /usr/local/pkg
-I modified the configuration file and removed the lines
-Restore the file

Then I installed Bind again but nothing has changed and continues to throw errors, I did it immediately after the message from @kiokoman but I forgot to press "Submit"

kiokoman

i give you the list of all the files installed by bind
first uninstall from the gui f you can
then check if all this file are deleted:

pfSense-pkg-bind-9.12:
        /etc/inc/priv/bind.priv.inc
        /usr/local/pkg/bind.inc
        /usr/local/pkg/bind.xml
        /usr/local/pkg/bind_acls.xml
        /usr/local/pkg/bind_sync.xml
        /usr/local/pkg/bind_views.xml
        /usr/local/pkg/bind_zones.xml
        /usr/local/pkg/pkg_bind.inc
        /usr/local/share/licenses/pfSense-pkg-bind-9.12/APACHE20
        /usr/local/share/licenses/pfSense-pkg-bind-9.12/LICENSE
        /usr/local/share/licenses/pfSense-pkg-bind-9.12/catalog.mk
        /usr/local/share/pfSense-pkg-bind/info.xml
        /usr/local/www/widgets/widgets/bind.widget.php

pfsense-bind911-9.11.4P1_1:
        /usr/local/bin/bind9-config
        /usr/local/bin/isc-config.sh
        /usr/local/etc/mtree/BIND.chroot.dist.sample
        /usr/local/etc/mtree/BIND.chroot.local.dist.sample
        folder ->        /usr/local/etc/namedb
        /usr/local/etc/rc.d/named
        folder ->        /usr/local/include/bind9
        folder ->        /usr/local/include/dns
        folder ->        /usr/local/include/irs/
        folder ->        /usr/local/include/isc/
        /usr/local/sbin/ddns-confgen
        /usr/local/sbin/lwresd
        /usr/local/sbin/named
        /usr/local/sbin/named-checkconf
        /usr/local/sbin/named-checkzone
        /usr/local/sbin/named-compilezone
       folder ->       /usr/local/include/lwres
       folder ->      /usr/local/include/pk11/
       folder ->      /usr/local/include/pkcs11/
       /usr/local/lib/libbind9.a
       /usr/local/lib/libdns.a
       /usr/local/lib/libirs.a
       /usr/local/lib/libisc.a
       /usr/local/lib/libisccc.a
       /usr/local/lib/libisccfg.a
       /usr/local/lib/liblwres.a
        /usr/local/sbin/rndc
        /usr/local/sbin/rndc-confgen
        /usr/local/sbin/tsig-keygen
        /usr/local/share/licenses/pfsense-bind911-9.11.4P1_1/LICENSE
        /usr/local/share/licenses/pfsense-bind911-9.11.4P1_1/MPL20
        /usr/local/share/licenses/pfsense-bind911-9.11.4P1_1/catalog.mk

check for this file/folder and delete them

Katoz

I only found /usr/local/share/licenses/bind-tools-9.12.2P1 but it was not in the list, I delete it anyway?

kiokoman

bah it will be reinstalled anyway. most importantly.. the problem is not caused by bind leftover..

so let's see what that 305 lines do...

// Config Zone domain
	// Add ACLS
bla bla bla
array("name" => "none", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));

are you sure you have deleted
<bind></bind>
<bindzone></bindzone>
<bindviews></bindviews>
from the config ?
it is failing to configure the array for "BIND Built-in ACL" that should be inside the config

you should search for "bind" in all your config.

there are 2 ways to repair this. the ease one and the time consuming one

the ease one but less fun .. would be to select a previusly working config. like the one done before installing bind.
Diagnostics- > Backup & Restore -> Config History

Katoz

I'm sure I've deleted those lines, there are others but they are:

<squidguardgeneral>
			<config>
				<squidguard_enable>on</squidguard_enable>
				<ldap_enable></ldap_enable>
				<ldapbinddn></ldapbinddn>

<darkstat>
			<config>
				<enable>on</enable>
				<capture_interfaces>lan,opt1,wan</capture_interfaces>
				<bind_interfaces></bind_interfaces>
				<port>666</port>

<revision>
		<time>1567866343</time>
		<description><![CDATA[(system): Removed bind package.]]></description>
		<username>(system)</username>

I have no idea when I installed Bind, I have been trying to make it work for months and in any case Config History only goes up to today at noon.
I assume the problem is the configuration file so even if I did a clean install of Pfsense and restore the file the problem remains

kiokoman

check if you have something like this

	<bindacls>
		<config>
			<name>none</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row>
				<value></value>
				<description></description>
			</row>
			<row>
				<value></value>
				<description></description>
			</row>
		</config>
		<config>
			<name>any</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
		<config>
			<name>localhost</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
		<config>
			<name>localnets</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
	</bindacls>

Katoz

there is only <bindacls></bindacls>

kiokoman

on a clean system i have this where i never installed bind afaik
pls add this to your config

	<bindacls>
		<config>
			<name>none</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
		<config>
			<name>any</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
		<config>
			<name>localhost</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
		<config>
			<name>localnets</name>
			<description><![CDATA[BIND Built-in ACL]]></description>
			<row></row>
			<row></row>
		</config>
	</bindacls>

Katoz

It worked! I changed the configuration file and installed bind and now appears in the services menu. Now I just have to see if it really works but I'm too tired, I'll do it tomorrow.

In the meantime, thank you all for helping me :)

kiokoman

good.. for all my hard work don't forget to press "thumb up"