pfBlockerNG fullfill the pfsense config history

Autourdupc

Hi !

I set pfBlockerNG to update DNSBL hourly, and it works fine.
But this hourly update use to be logged in the pfsense config history, and this cause the history to be full of pfBlockerNG update, so we rae unable to restore settings from other services.

It could be great if pfBlockerNG could manage its own log file and only use pfsense config history to log changes in settings made by operator (not by cron).

Autourdupc

Hi all !

No help about this issue ?

NollipfSense

@Autourdupc Are you using pfBlockerNG-devel? If not, that's the version you should install.

Autourdupc

@NollipfSense said in pfBlockerNG fullfill the pfsense config history:

@Autourdupc Are you using pfBlockerNG-devel? If not, that's the version you should install.

Hello.
I'm using pfBlockerNG-devel !

serbus

Hello!

Have you installed the shellcmd package?
Do you see any shellcmd related messages in the pfblockerng.log file?

grep -i shellcmd /var/log/pfblockerng/pfblockerng.log

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

Have you installed the shellcmd package?
Do you see any shellcmd related messages in the pfblockerng.log file?

grep -i shellcmd /var/log/pfblockerng/pfblockerng.log

John

Hum...
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **

But no shellcmd package installed !

serbus

Hello!

Are you using ram disks?

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

Are you using ram disks?

John

Yes I do

serbus

Hello!

It looks like there is a issue in the pfb code (bad reference var usage in pfb_aliastables()) where it tries to create the earlyshellcmd and shellcmdsettings. Those changes never make it into the config.xml, so it just keeps trying to write them everytime pfb updates.

It might be a problem if you are using ramdisks. It is actually writing a "new" config file every time, so the logging is correct.

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

It looks like there is a issue in the pfb code (bad reference var usage in pfb_aliastables()) where it tries to create the earlyshellcmd and shellcmdsettings. Those changes never make it into the config.xml, so it just keeps trying to write them everytime pfb updates.

It might be a problem if you are using ramdisks. It is actually writing a "new" config file every time, so the logging is correct.

John

OK...
What should I do ?
Where is the bug ? How can I help ?

serbus

Hello!

In /usr/local/pkg/pfblockerng/pfblockerng.inc, function pfb_aliastables

The code initializes placeholders in the config and creates variable references to them using:

init_config_arr(array('system', 'earlyshellcmd'));
$a_earlyshellcmd = &$config['system']['earlyshellcmd'];

init_config_arr(array('installedpackages', 'shellcmdsettings', 'config'));
$a_shellcmdsettings = &$config['installedpackages']['shellcmdsettings']['config'];

Later on in the $mode == 'conf' clause, it goes to populate those config settings, but before that it does :

// Reload config.xml to get any recent changes
$config = parse_config(true);

I think reparsing the config has the effect of wiping out the config placeholders that were created in the init_config_arr calls, and the var references are invalid. The final write_config works, but it is missing the new shell related items.

You can comment out the call to parse_config and it will work, but you will not "get any recent changes"

I suppose you could also move the parse_config to the top of the function, before the init_config_arr calls, and that could work, but you might be reparsing the config more than needed.

Or maybe something else is going on....:)

John

Autourdupc

@serbus
If I remove RAM disk, will it work ?

serbus

Hello!

Disabling the ram disk should stop the frequent "saving earlyshellcmd" config file updates.

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

Disabling the ram disk should stop the frequent "saving earlyshellcmd" config file updates.

John

Great... Thanks... I will.

Is there a way to place this bug on a bug tracker ?

Autourdupc

@serbus
I removed RAM disk and it works correctly.
I also opened a bug report for this in the bug tracker.

Thank you very much for your time and your help, greatly appreciated.

Laurent.