pfBlockerNG fullfill the pfsense config history

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

Have you installed the shellcmd package?
Do you see any shellcmd related messages in the pfblockerng.log file?

grep -i shellcmd /var/log/pfblockerng/pfblockerng.log

John

Hum...
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **
** Adding earlyshellcmd settings **
** Adding shellcmd package settings **

But no shellcmd package installed !

serbus

Hello!

Are you using ram disks?

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

Are you using ram disks?

John

Yes I do

serbus

Hello!

It looks like there is a issue in the pfb code (bad reference var usage in pfb_aliastables()) where it tries to create the earlyshellcmd and shellcmdsettings. Those changes never make it into the config.xml, so it just keeps trying to write them everytime pfb updates.

It might be a problem if you are using ramdisks. It is actually writing a "new" config file every time, so the logging is correct.

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

It looks like there is a issue in the pfb code (bad reference var usage in pfb_aliastables()) where it tries to create the earlyshellcmd and shellcmdsettings. Those changes never make it into the config.xml, so it just keeps trying to write them everytime pfb updates.

It might be a problem if you are using ramdisks. It is actually writing a "new" config file every time, so the logging is correct.

John

OK...
What should I do ?
Where is the bug ? How can I help ?

serbus

Hello!

In /usr/local/pkg/pfblockerng/pfblockerng.inc, function pfb_aliastables

The code initializes placeholders in the config and creates variable references to them using:

init_config_arr(array('system', 'earlyshellcmd'));
$a_earlyshellcmd = &$config['system']['earlyshellcmd'];

init_config_arr(array('installedpackages', 'shellcmdsettings', 'config'));
$a_shellcmdsettings = &$config['installedpackages']['shellcmdsettings']['config'];

Later on in the $mode == 'conf' clause, it goes to populate those config settings, but before that it does :

// Reload config.xml to get any recent changes
$config = parse_config(true);

I think reparsing the config has the effect of wiping out the config placeholders that were created in the init_config_arr calls, and the var references are invalid. The final write_config works, but it is missing the new shell related items.

You can comment out the call to parse_config and it will work, but you will not "get any recent changes"

I suppose you could also move the parse_config to the top of the function, before the init_config_arr calls, and that could work, but you might be reparsing the config more than needed.

Or maybe something else is going on....:)

John

Autourdupc

@serbus
If I remove RAM disk, will it work ?

serbus

Hello!

Disabling the ram disk should stop the frequent "saving earlyshellcmd" config file updates.

John

Autourdupc

@serbus said in pfBlockerNG fullfill the pfsense config history:

Hello!

Disabling the ram disk should stop the frequent "saving earlyshellcmd" config file updates.

John

Great... Thanks... I will.

Is there a way to place this bug on a bug tracker ?

Autourdupc

@serbus
I removed RAM disk and it works correctly.
I also opened a bug report for this in the bug tracker.

Thank you very much for your time and your help, greatly appreciated.

Laurent.