Unable to create CRON

hacesoft

Hello, I have the firewall version:
24.11-RELEASE (amd64)
built on Wed Nov 27 19:22:00 CET 2024
FreeBSD 15.0-CURRENT,

which runs on:
PC Engines APU2 Platform ("apu4" model).

I can change the settings and the like in any way. Everything works within the limits of the norm. I also did a disk check, no problems found. I also restored the configuration from the backup, reinstalled all packages. No problems occurred, only with the certificate, we restored it :). I wanted to make my own CRON, which restarts itself when the firewall has no internet. I clicked on SERVICE/CRON, put ADD there and filled in everything that is needed and after sending I got an error message:

pfSenseConfigurator
Restored "/cf/conf/backup/config-1747930578.xml" because "/cf/conf/config.xml" is invalid or does not exist. Currently running PHP scripts may encounter errors. @ 2025-05-22 20:47:44

However, the file /cf/conf/config.xml exists, I used to check:
xmllint --format /cf/conf/config.xml | head -50000 and the entire config.xml was listed. The config.xml file has the following permissions:

-rw-r--r-- 1 root wheel

I also tried installing the package: Services: Shellcmd

The result is the same.

When I put my CRON in Command Prompt, it saves, but it doesn't survive a restart...

Any suggestions what is broken?

Gertjan

@hacesoft said in Unable to create CRON:

Any suggestions what is broken?

Several things.

When you install the cron package, you'll have this :

can you 'edit' an existing cron entry, change nothing and then save it ?
This will update the pfSense configuration file "/cf/conf/config.xml", create a backup etc.

If this fails, the issue tend to be not the cron package but more serious : the config file can't be created successfully.

If you can save an existing entry, but not create your own, can you show us what you were trying to do ?
Like example : a cron I made myself :

edit :

@hacesoft said in Unable to create CRON:

I wanted to make my own CRON, which restarts itself when the firewall has no internet.

A cron entry that restart itself = cron ?
Humm, tell us more.
Or a cron that restarts pfSense entirely ? That's a sledge hammer solution ^^

hacesoft

Good day, I think I found the error. It seems that there is a problem with the national diacritics, when I removed the national texts, CRON failed. Otherwise, my cron looks like this:

/bin/sh -c 'gateway_status=$(/sbin/pfctl -s gateway | grep -c "down"); if [ $gateway_status -gt 0 ]; then current_time=$(date); logger -t watchdog "[$current_time] Gateway detected as down, rebooting system"; sleep 5; /sbin/reboot; fi'

but when I used this, it doesn't work:

/bin/sh -c 'gateway_status=$(/sbin/pfctl -s gateway | grep -c "down"); if [ $gateway_status -gt 0 ]; then current_time=$(date); logger -t watchdog "[$current_time] Brána detekována jako nedostupná, restartuji systém"; sleep 5; /sbin/reboot; fi'

and if it works, then I'll consider something like this:

/bin/sh -c 'LOCKFILE=/tmp/watchdog.lock; MAX_RESTARTS=2; RESTART_PERIOD=10800; if [ -f $LOCKFILE ]; then RESTART_COUNT=$(cat $LOCKFILE); LAST_RESTART=$(stat -f %m $LOCKFILE); CURRENT_TIME=$(date +%s); if [ $((CURRENT_TIME - LAST_RESTART)) -lt $RESTART_PERIOD ]; then if [ $RESTART_COUNT -ge $MAX_RESTARTS ]; then logger -t watchdog "Max number of restarts reached ($MAX_RESTARTS) in 3 hours. Skipping restarts."; exit 0; fi; else echo 0 > $LOCKFILE; RESTART_COUNT=0; fi; else echo 0 > $LOCKFILE; RESTART_COUNT=0; fi; if ! ping -c 3 8.8.8.8 >/dev/null 2>&1; then NEW_COUNT=$((RESTART_COUNT + 1)); echo $NEW_COUNT > $LOCKFILE; current_time=$(date); logger -t watchdog "[$current_time] Internet unavailable, restart #$NEW_COUNT"; sleep 5; /sbin/reboot; fi'

to prevent constant rebooting when the internet is unavailable from outside...

or do you have any better solutions?

Gertjan

@hacesoft said in Unable to create CRON:

or do you have any better solutions?

Noop.
Depends your connection.
Rebooting a router because an interface went down is .... the worst solution possible.
You could take the interface down your with a command - pfSense does so when it detects that ping packets sends out on WAN don't come back anymore. That's the gateway motoring system (dpinger).

When the interfaces comes back up again, same event as when the system boots, the the WAN is set up again.
If it doesn't, then what happened ? The interface came up, pfSense is ready to activate it, is the other side refusing ? Why ? Not normal.
I'll bet ; get a normal ISP, and things will be 'normal' again ;)

hacesoft

@Gertjan

It happens to me that the firewall gets completely stuck, I can't connect to it using the IP address, only the RS232 console works, where I can restart it or hard shut it down. Over the weekend I put thermal paste on the CPU and I put the same on the RAM, now the system reports that it is 5 degrees Celsius cooler, now it is about 55 C°. Maybe that was it. The firewall is located in a metal box and is located in a hanging 6U RACK in the technical room, where there is air conditioning and cools all the equipment I have at home. And with this solution I wanted to do, when the internet doesn't work, the firewall is somehow bitten and so I restart it... This is an attempt for now.... I don't know what it is... I don't want to buy new HW for about 599 EUR...

Gertjan

@hacesoft said in Unable to create CRON:

I can't connect to it using the IP address, only the RS232 console works, where I can restart it or hard shut it down

Ah, ok, so not WAN, but all interfaces go stuck.
When that happens, check the most important log files. You can see them using the console, go to /var/log/
Check the last lines of system.log, resolver.log, dhcpd.log and gateways.log.

55 C is somewhat hot but not the end of the world.
My 4100 can reach 55 easily during summer time as I reserve the airco for myself.