Cron package problems
I am running ver 2.0.2 nano-bsd on alix hardware. I installed the cron package from the web GUI. I added a cron job to run rc.filter_configure_sync. I checked that my cron job appeared in both /etc/crontab and /conf/config.xml and it did. The cron job ran as scheduled but then deleted it's self from the web GUI list of cron jobs. I then rechecked the contents of /etc/crontab and /conf/config.xml and my cron job had vanished!
I am very confused as to where the default cron jobs are loaded from after reboot or filter resync. Somehow config.xml is getting overwritten with the default cron jobs????
the cron jobs are held only in config.xml, and then written to the file in /etc or /var/etc from there.
If it was in config.xml it wouldn't have just vanished without being deleted deliberately, unless something corrupted the config and caused the OS to restore an old version.
Check the system log and Diag > Backup/Restore on the Config History tab.
Is there a chance you forgot to save?
I entered a cron job for RKhunter to run and it is still working.
I checked diag=> backup/restore as suggested and this is what was there
1/23/13 09:47:06 (system): made unknown change
1/23/13 09:19:25 wolf: /packages/cron/cron_edit.php made unknown change
the entry for 09:47 is when the cron job ran and deleted it's self. I tried restoring from the most recent backup which put back the cron job. When the cron job ran it was again deleted with (system): made unknown change
What exactly is the cron job doing?
The cron job runs /usr/bin/nice -n20 /etc/rc.filter_configure_sync. below is the cron entry from config.xml. I tried deleting all the backups that don't contain the cron job. the cron job still disappears
So why are you running /etc/rc.filter_configure_sync manually?
I have a few remote hosts with dynamic ip addresses and dynamic dns. They are in the firewall configuration as aliases with host names rather than ip addresses. when rc.filter_configure_sync runs it does a dns lookup and puts the correct ip addresses in the filter tables. If any of the dynamic ip addresses changes i want the filter tables to get updated with the new ip.
There should already be a filterdns process running. It wakes up every 5 minutes, checks the IP address of the names in aliases, and updates the pf/ipfw tables. I can see it on both a 2.0.2 and 2.1-BETA1 system:
$ ps ax | grep filterdns 10168 ?? S 0:00.01 sh -c ps ax | grep filterdns 10550 ?? R 0:00.00 grep filterdns 50475 ?? INs 0:00.01 /usr/local/sbin/filterdns -p /tmp/filterdns.pid -i 30
If I understand correctly, what you need should already be happening.
Use Diagnostics->Tables to see the current IPs that are in each table to confirm that it is working.