Aliases FQDN not regulary updated ?



  • Hi,

    I defined some FQDN aliases in Hosts mode. The resolver change IP for the given name, but the alias table in pfctl didn't change (by pfctl -t APTUpdates -T show) .

    Could you give me the refresh time for this alias table ? on the Web page it is written 'periodically', but I couldn't find in code the refresh process. I found the URL refresh, but not for Hosts.

    It should be cool to add a log line for this each time the update is launched.

    Of course, if I click on the Web page on 'save' button, the table is refreshed.

    Thanks


  • Rebel Alliance Developer Netgate

    The filterdns daemon checks every 5 minutes and reloads the tables if it detects an IP change.



  • EDIT : Sorry, I just found the bug in filterdns http://redmine.pfsense.org/issues/2506

    CLOSED !

    Thanks for your answer. I put it in debug mode and there is a problem :
    I have a table named 'APTUpdates' with servers needed to my Debian station to be joined for the updates.
    One entry is ftp.fr.debian.org which is actually reseolved by :
    $ host ftp.fr.debian.org
    ftp.fr.debian.org is an alias for ftp.oleane.net.
    ftp.oleane.net has address 194.2.0.36
    ftp.oleane.net has IPv6 address 2a01:c910:0:1::c202:24
    BTW, in the table,there is not the IPv6 entry :
    pfctl -t APTUpdates -T show
      67.205.85.245
      82.67.68.81
      82.195.75.97
      86.59.118.148
      86.59.118.153
      88.191.250.131
      91.189.88.33
      91.189.92.150
      91.189.92.151
      91.189.92.166
      91.189.92.167
      91.189.92.181
      91.189.92.184
      91.189.92.191
      128.31.0.51
      130.89.148.12
      130.89.148.13
      147.173.3.16
      158.255.96.2
      188.165.151.222
      194.2.0.36
      194.145.197.105
      195.20.242.89
      206.12.19.9
      212.211.132.32
      212.211.132.250
      2001:610:1908:b000::148:13
      2001:858:2:2::2
      2001:858:2:2:214:22ff:fe0d:7717
      2001:8d8:580:400:6564:a62:0:2
      2001:a78:5:0:216:35ff:fe7f:be4f
      2001:a78:5:1:216:35ff:fe7f:6ceb
      2001:41b8::/32
      2001:41b8:202:deb:1a1a:0:52c3:4b61
      2607:f8f0:610:4000:211:25ff:fec4:59ae
      2a01:e0c:1:1598::2

    Other thing in logs (egrep '(adding|clearing) entry' user.warning  | grep ftp.fr.debian.org) :
    Jul 31 11:03:46 pfsense1 filterdns: adding entry ::2a01:c910:0:1:0 to table APTUpdates on host ftp.fr.debian.org
    Jul 31 11:03:46 pfsense1 filterdns: clearing entry ::2a01:c910:0:1:0 from table APTUpdates on host ftp.fr.debian.org
    Jul 31 11:08:46 pfsense1 filterdns: adding entry ::2a01:c910:0:1:0 to table APTUpdates on host ftp.fr.debian.org
    Jul 31 11:08:46 pfsense1 filterdns: clearing entry ::2a01:c910:0:1:0 from table APTUpdates on host ftp.fr.debian.org

    The logs are strange too (for another server) : The :: is not at the right place…
    Jul 31 08:53:41 pfsense1 filterdns: adding entry ::2001:610:1908:b000:0 to table APTUpdates on host ftp.debian.org
    Jul 31 08:53:41 pfsense1 filterdns: found entry 0.0.130.89 for APTUpdates
    because ftp.debian.org has :
    : host ftp.debian.org
    ftp.debian.org has address 130.89.148.12
    ftp.debian.org has IPv6 address 2001:610:1908:b000::148:12

    Of course, as the update is incorrect, the packets are dropped...

    Thanks a lot


Log in to reply