Alias reload

fireix

Is there a method to get pfSense to query the URL alias and reload the changes at an intervall? I have an external public list with IPs I want to be read and activated for instance every hour or so. It is working with the external URL and the list is grabbed into pfSense for each time I manually Save the url, but it isn't very practical to have to log into fw, find alias list, save it and push Reload for each time a single new IP appear in the list.

viragomann

Get cron package if you haven't already.

You will find this etry:

Modify it to fit your needs.

fireix

Perfect, thanks :)

fireix

I ran this command manually from shell, but it didn't do anything (beside taking a minute to complete). I can see that the URL I have added under alias isn't called :(

johnpoz

Your talking about aliases right - they default to resolving every 5 minutes (300 seconds)

Or are you talking about something in pfblocker?

In the advanced, firewall & nat tab you can change the default

Or your talking about the specific url table where you point to some specific file that contains stuff vs resolving a fqdn in aliases?

fireix

This one:

On that website, there is only plain ipv4 IP-addresses (4 of them only for now). When I click Save, it connects to that URL (I can see from the remote website that it calls it when I manually push Save and then Publish) - and everything works then (on manual mode).

So it doesn't need to resolve anything. I would like to have the automatic cron run the same that happens when I click Save/Publish if possible..

johnpoz

Yeah that would be that cron linked too then.

viragomann

Yeah, I remember. The update frequency for url tables is hardcoded to one day in pfSense. If the file isn't older then set there rc.update_urltables does nothing.

Modified that years ago in addition to the cron job. Found no other way to shorten the update interval.

johnpoz

Good point.. So even if run url table every hour, still won't update since the stamp on the file is less than day old?

viragomann

Made that experience with 2.2.4 - 2.2.6.

fireix

So I'm out of luck? Or do I need to find this update frequency?

viragomann

@fireix
As mentioned, it‘s hardcoded in a script. You may change the value. I wrote down, how to do that somewhere, i can look for it if you need it. But consider that an pfSense upgrade will overwrite the setting and you will have to edit the script again.

serbus

Hello!

Maybe try :

/etc/rc.update_urltables now forceupdate

This should update all url alias tables regardless of age.

Or do a :

touch -t 0000000000 /var/db/aliastables/myaliastable.txt

and then let the normal update happen to target just the one table.

John

serbus

Hello!

Actually, i dont think what I posted will work for your alias. You are using an alias type of "URL(IPs)". The scripts I mention only operate on the "URL TABLE (IPs)" type. Maybe you can use the URL TABLES, in which case you can also do:

/etc/rc.update_urltables now forceupdate myaliastable

to update a single alias table.

John

serbus

Hello!

There appears to be a separate system for updating aliases with the "URL(IPs)" type. It runs off of minicron. You can see it at :

ps -aux | grep minicron

The update script is at /etc/rc.update_alias_url_data

For some reason, minicron runs it through fcgicli. You can try running the rc.update_url_data script directly. YMMV

John

bobcodes

I hate to resurrect an old topic but for anyone looking to manually update aliases the correct command is /etc/rc.update_alias_url_data.

esaenz

@bobcodes Voy a responder a este hilo debido a que como yo, muchos llegamos aqui buscando una respuesta. Espero les sirva.

Instalen el paquete cron de pfsense, este mostrara la lista de los cron activos. entre ellos esta el que ejecuta: /usr/bin/nice -n20 /etc/rc.update_urltables a las 12:30 todos los dias. (en mi caso)

Si deseas que se ejecute en otros tiempos mas frecuentes, debido a como mencionan no encontraron la manera de hacer la ejecución mas continua.

Para no modificar mucho. Solo modifica el cron y agrega el now forceupdate y cambiarlo a cada minuto.

• • • • */usr/bin/nice -n20 /etc/rc.update_urltables now forceupdate

o cada 5min
*/5 * * * * /usr/bin/nice -n20 /etc/rc.update_urltables now forceupdate

Espero sirva para proximos visitantes.