Alias тип host(s)
-
@lucas1
Утилита pfctl имеет опцию проверки синтаксиса файла конфигурации PF. Попробуйте запустить её на предмет ошибок. Должна быть причина, по которой таблица не создаётся из файла -
Скрин Alias покажите.
-
@werter
Насчет пустых таблиц. Если alias не участвует в правиле Firewall его таблица будет пустой.На англоязычном форуме это решают уже давно.
И кроме указанного вами решения Cron другого нету. -
@lucas1
Решение с кроном - рабочее. Пользую его >2-х лет. Может в будущих релизах и пофиксят. -
В журнале DNS Resolver:
unbound 72676:1 notice: sendto failed: No buffer space available
Эти записи повторяются.
-
@lucas1
Версия пф свежая?unbound 72676:1 notice: sendto failed: No buffer space available --> google
-
@werter
Все свежее. Вчера завезли.Вообщем из личных наблюдений.
Если host еще не участвует в каком-то alias, то с ним все нормально. И таблицей тоже.
Если host входит в несколько aliases, то нормальная таблица по одному только alias. -
@werter Привет
Судя по исходникам на Github - пофиксили
Если интересно , скачал исходники , собрал filterdns , могу выслать для тестирования
По моим наблюдениям , работает как надо[2.4.4-RELEASE][admin@pfSense.localdomain]/root: pfctl -t test_alias -Ts 5.255.255.5 5.255.255.50 8.8.8.8 77.88.55.50 77.88.55.88 2a02:6b8:a::a [2.4.4-RELEASE][admin@pfSense.localdomain]/root: pfctl -t test_alias2 -Ts 5.255.255.5 5.255.255.50 77.88.55.50 77.88.55.88 2a02:6b8:a::a
Jan 12 21:27:55 pfSense filterdns: Received signal Hangup(1). Jan 12 21:27:55 pfSense filterdns: merge_config: configuration reload Jan 12 21:27:55 pfSense filterdns: Copied 3 actions to old Jan 12 21:27:55 pfSense filterdns: Adding Action: pf table: test_alias host: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Adding host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Adding Action: pf table: test_alias host: 8.8.8.8 Jan 12 21:27:55 pfSense filterdns: Adding Action: pf table: test_alias2 host: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Copied 3 actions to new Jan 12 21:27:55 pfSense filterdns: Cleaning up action type: pf table: test_alias hostname: 8.8.8.8 Jan 12 21:27:55 pfSense filterdns: Loaded actions: 1 old and 2 new = 3 total Jan 12 21:27:55 pfSense filterdns: Cleaning up previous actions Jan 12 21:27:55 pfSense filterdns: Cleaning up action type: pf table: test_alias2 hostname: www.tks.ru Jan 12 21:27:55 pfSense filterdns: Cleaning up action type: pf table: test_alias hostname: www.tks.ru Jan 12 21:27:55 pfSense filterdns: Awaking from the sleep for hostname 8.8.8.8 (1) Jan 12 21:27:55 pfSense filterdns: Awaking from the sleep for hostname www.tks.ru (1) Jan 12 21:27:55 pfSense filterdns: Cleaning up hostname www.tks.ru Jan 12 21:27:55 pfSense filterdns: removing address 77.221.158.141 from host www.tks.ru Jan 12 21:27:55 pfSense filterdns: Stopped 2 old actions Jan 12 21:27:55 pfSense filterdns: Creating a new thread for action type: pf table: test_alias2 hostname: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Creating a new thread for action type: pf table: test_alias hostname: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Creating a new thread for host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: adding address 77.88.55.88 for host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: adding address 5.255.255.50 for host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: adding address 5.255.255.5 for host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: adding address 77.88.55.50 for host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: adding address 2a02:6b8:a::a for host www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Change detected on host: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias hostname: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 2a02:6b8:a::a Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 77.88.55.50 Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 5.255.255.5 Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 5.255.255.50 Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 77.88.55.88 Jan 12 21:27:55 pfSense filterdns: Updated pf table test_alias host: www.yandex.ru error: 0 Jan 12 21:27:55 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias2 hostname: www.yandex.ru Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 2a02:6b8:a::a Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 77.88.55.50 Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 5.255.255.5 Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 5.255.255.50 Jan 12 21:27:55 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 77.88.55.88 Jan 12 21:27:55 pfSense filterdns: Updated pf table test_alias2 host: www.yandex.ru error: 0
-
@Konstanti
Спасибо, но подожду готовое )
И через время (по умолч - 5 мин) оно автоматом алиасы перечитывает и обновляет? Или только при создании\добавление новых ресурсов в алиас? Проверяли? Именно в этом и есть проблема. -
Jan 14 14:40:40 pfSense filterdns: Adding Action: pf table: test_alias host: www.yandex.ru Jan 14 14:40:40 pfSense filterdns: Adding host www.yandex.ru Jan 14 14:40:40 pfSense filterdns: Adding Action: pf table: test_alias host: 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Adding host 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Adding Action: pf table: test_alias2 host: www.yandex.ru Jan 14 14:40:40 pfSense filterdns: Creating a new thread for action type: pf table: test_alias hostname: www.yandex.ru Jan 14 14:40:40 pfSense filterdns: Creating a new thread for action type: pf table: test_alias hostname: 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Creating a new thread for action type: pf table: test_alias2 hostname: www.yandex.ru Jan 14 14:40:40 pfSense filterdns: Creating a new thread for host www.yandex.ru Jan 14 14:40:40 pfSense filterdns: Creating a new thread for host 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: adding address 8.8.8.8 for host 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Change detected on host: 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias hostname: 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Added pf address, table: test_alias host: 8.8.8.8 address: 8.8.8.8 Jan 14 14:40:40 pfSense filterdns: Updated pf table test_alias host: 8.8.8.8 error: 0 Jan 14 14:40:41 pfSense filterdns: adding address 77.88.55.66 for host www.yandex.ru Jan 14 14:40:41 pfSense filterdns: adding address 5.255.255.60 for host www.yandex.ru Jan 14 14:40:41 pfSense filterdns: adding address 5.255.255.70 for host www.yandex.ru Jan 14 14:40:41 pfSense filterdns: adding address 77.88.55.60 for host www.yandex.ru Jan 14 14:40:41 pfSense filterdns: adding address 2a02:6b8:a::a for host www.yandex.ru Jan 14 14:40:41 pfSense filterdns: Change detected on host: www.yandex.ru Jan 14 14:40:41 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias hostname: www.yandex.ru Jan 14 14:40:41 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias2 hostname: www.yandex.ru Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 2a02:6b8:a::a Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 2a02:6b8:a::a Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 77.88.55.60 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 77.88.55.60 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 5.255.255.70 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 5.255.255.70 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 5.255.255.60 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 5.255.255.60 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 77.88.55.66 Jan 14 14:40:41 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 77.88.55.66 Jan 14 14:40:41 pfSense filterdns: Updated pf table test_alias host: www.yandex.ru error: 0 Jan 14 14:40:41 pfSense filterdns: Updated pf table test_alias2 host: www.yandex.ru error: 0 Jan 14 14:45:39 pfSense filterdns: Awaking from the sleep for hostname www.yandex.ru (2) Jan 14 14:45:39 pfSense filterdns: Awaking from the sleep for hostname 8.8.8.8 (1) Jan 14 14:50:39 pfSense filterdns: Awaking from the sleep for hostname 8.8.8.8 (1) Jan 14 14:50:39 pfSense filterdns: Awaking from the sleep for hostname www.yandex.ru (2) Jan 14 14:55:39 pfSense filterdns: Awaking from the sleep for hostname www.yandex.ru (2) Jan 14 14:55:39 pfSense filterdns: Awaking from the sleep for hostname 8.8.8.8 (1) Jan 14 15:00:39 pfSense filterdns: Awaking from the sleep for hostname www.yandex.ru (2) Jan 14 15:00:39 pfSense filterdns: Awaking from the sleep for hostname 8.8.8.8 (1) Jan 14 15:00:39 pfSense filterdns: adding address 77.88.55.70 for host www.yandex.ru Jan 14 15:00:39 pfSense filterdns: removing address 77.88.55.60 from host www.yandex.ru Jan 14 15:00:39 pfSense filterdns: Change detected on host: www.yandex.ru Jan 14 15:00:39 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias hostname: www.yandex.ru Jan 14 15:00:39 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 77.88.55.70 Jan 14 15:00:39 pfSense filterdns: FAILED to remove pf address, table: test_alias host: www.yandex.ru address: 77.88.55.60 error: -1 Jan 14 15:00:39 pfSense filterdns: Updated pf table test_alias host: www.yandex.ru error: -1 Jan 14 15:00:39 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias2 hostname: www.yandex.ru Jan 14 15:00:39 pfSense filterdns: Added pf address, table: test_alias2 host: www.yandex.ru address: 77.88.55.70 Jan 14 15:00:39 pfSense filterdns: FAILED to remove pf address, table: test_alias2 host: www.yandex.ru address: 77.88.55.60 error: -1 Jan 14 15:00:39 pfSense filterdns: Updated pf table test_alias2 host: www.yandex.ru error: -1 Jan 14 15:05:39 pfSense filterdns: Awaking from the sleep for hostname 8.8.8.8 (1)
-
@Konstanti
Супер. Осталось 2.4.5 дождаться ) -
@werter
Ну , да )))
В процессе тестирования вылезла одна ошибка
Я у себя ее поправил , теперь все работает нормально ,по-моему
БылоJan 14 15:00:39 pfSense filterdns: Change detected on host: www.yandex.ru Jan 14 15:00:39 pfSense filterdns: Awaking from the sleep for type: pf table: test_alias hostname: www.yandex.ru Jan 14 15:00:39 pfSense filterdns: Added pf address, table: test_alias host: www.yandex.ru address: 77.88.55.70 Jan 14 15:00:39 pfSense filterdns: FAILED to remove pf address, table: test_alias host: www.yandex.ru address: 77.88.55.60 error: -1 Jan 14 15:00:39 pfSense filterdns: Updated pf table test_alias host: www.yandex.ru error: -1
Стало
Jan 16 17:37:57 pfSense filterdns: Awaking from the sleep for hostname www.netflix.com (2) Jan 16 17:37:57 pfSense filterdns: adding address 54.84.155.179 for host www.netflix.com Jan 16 17:37:57 pfSense filterdns: removing address 52.20.168.249 from host www.netflix.com Jan 16 17:37:57 pfSense filterdns: Updated pf table test_alias host: www.netflix.com error: 0
Те программа отрабатывала нормально , но в логах писала об ошибке