CRON job hung with high CPU useage



  • Hello all,
    I hope I'm providing enough information, if not just let me know.
    I'm new to PFSense but I've been getting better, and just last week I began using DNSBL to block advertisements across my network.
    Everything was running smoothly until this morning, when everything seemed… slower...
    Viewing PFBlockerNG's logs show the service is stuck on a CRON task involving DNSBL, "top -aSH" shows multiple CRON instances hogging CPU cycles, and the home interface shows 100% usage.
    I know my system isn't ridiculously powerful, but it should be strong enough to blacklist domains and cache downloads, so what gives? Has anyone else experienced this?
    Thanks for the help
    ![2016-11-22 (1).png](/public/imported_attachments/1/2016-11-22 (1).png)
    ![2016-11-22 (1).png_thumb](/public/imported_attachments/1/2016-11-22 (1).png_thumb)
    ![2016-11-22 (2).png](/public/imported_attachments/1/2016-11-22 (2).png)
    ![2016-11-22 (2).png_thumb](/public/imported_attachments/1/2016-11-22 (2).png_thumb)


  • Banned

    Don't enable any of the fancy deduplication and other features in pfBlockerNG.



  • Deduplication is not turned on. Could it be anything else? Should I change the Download Failure Threshold to a value below unlimited? Could that be what's causing it to hang?



  • Alright, so I disabled PFBlockerNG, rebooted the system, then re-enabled it, and now I have some context:
    ===[  DNSBL Process  ]================================================
    Missing DNSBL stats and/or Unbound DNSBL conf file - Rebuilding

    Does this have to do with custom DNSBL blacklists and should remove them/start from scratch?


  • Moderator

    Not sure why it created so many duplicate "cron" processes, but I would suggest either a reboot or killing the duplicate "cron" pids:

    ps auxww | grep pfb
    

    then

    kill -9 
    

    Follow that with a "Force Update" and see if it completes. Does the Box have any issues resolving DNS queries?



  • Thanks, that dropped my CPU usage enough for me to be able to interact with the GUI.
    I'm going to uninstall PFBlockerNG and reinstall with a Spamhaus blacklist instead, perhaps it was having issues with my current blacklists
    I have had no issues browsing or using my network other than the fact that it was pretty slow, so I don't think I had any DNS problems



  • I'm seeing the exact same issue on my system, which has been running fine for around 1 year up until (I would guess) a couple of days ago.

    Killing the offending PIDs returns the system to normal, until the cron runs again.

    Offending process:

    /usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron
    

    Cron entry (should this even be there, if pfBlockerNG is already running?!):

    0	*	*	*	*	root	/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> /var/log/pfblockerng/pfblockerng.log 2>&1
    

    Reinstalling pfBlockerNG hasn't resolved the issue.

    Top:

    last pid: 15767;  load averages:  1.04,  0.89,  0.68  up 0+15:39:23    23:08:19
    147 processes: 4 running, 128 sleeping, 15 waiting
    
    Mem: 240M Active, 318M Inact, 253M Wired, 1684K Cache, 165M Buf, 150M Free
    Swap: 1024M Total, 11M Used, 1013M Free, 1% Inuse
    
      PID USERNAME PRI NICE   SIZE    RES STATE    TIME    WCPU COMMAND
    19147 root     102    0   224M 29644K RUN      8:11 100.00% /usr/local/bin/php /usr/local/www/pfblockerng
        0 root     -16    -     0K   176K swapin  32.2H   0.00% [kernel{swapper}]
       11 root     155 ki31     0K    16K RUN    128:51   0.00% [idle]
    14950 root      20    0 21624K  4560K select   5:26   0.00% /usr/local/sbin/openvpn --config /var/etc/ope
    13877 root      20    0 21624K  4528K select   4:33   0.00% /usr/local/sbin/openvpn --config /var/etc/ope
        0 root     -92    -     0K   176K -        0:58   0.00% [kernel{em0 taskq}]
       12 root     -60    -     0K   240K WAIT     0:38   0.00% [intr{swi4: clock}]
       12 root     -72    -     0K   240K WAIT     0:36   0.00% [intr{swi1: netisr 0}]
        0 root     -92    -     0K   176K -        0:22   0.00% [kernel{em1 taskq}]
    80302 unbound   20    0   454M   434M kqread   0:14   0.00% /usr/local/sbin/unbound -c /var/unbound/unbou
    85221 root      20    0   101M  4704K select   0:10   0.00% /usr/local/bin/vmtoolsd -c /usr/local/share/v
       15 root     -16    -     0K    16K -        0:06   0.00% [rand_harvestq]
        7 root     -16    -     0K    16K pftm     0:04   0.00% [pf purge]
    86254 root      52   20 17000K  2180K wait     0:04   0.00% /bin/sh /var/db/rrd/updaterrd.sh
    63232 root      23    0   224M 29964K nanslp   0:03   0.00% /usr/local/bin/php -f /usr/local/pkg/pfblocke
    85597 dhcpd     20    0 24812K 12516K select   0:02   0.00% /usr/local/sbin/dhcpd -user dhcpd -group _dhc
    78154 root      20    0 15012K  2192K nanslp   0:02   0.00% [dpinger{dpinger}]
    78478 root      20    0 15012K  2196K nanslp   0:02   0.00% [dpinger{dpinger}]
    
    

  • Moderator



  • @BBcan177:

    See the following:
    https://forum.pfsense.org/index.php?topic=102470.msg671811#msg671811

    That seems to have fixed it. Thanks!