Update a table via cronjob?



  • I'd like to update a table from a cronjob. The command creates a list of networks in cidr notation. I know how to create the cronjob, but how do I get the list into the mighty pf?
    Thanks for your help!



  • @senser:

    I'd like to update a table from a cronjob. The command creates a list of networks in cidr notation. I know how to create the cronjob, but how do I get the list into the mighty pf?
    Thanks for your help!

    It is already done automatically via Cron.  If you cat the /etc/crontab file it is this line

    30	12	*	*	*	root	/usr/bin/nice -n20 /etc/rc.update_urltables
    

    I had a need to do it from a web UI and this is the php code that I use to force an update of my url tables… Basically just copy the new file into the proper location and then run this code.

    #!/usr/local/bin/php -q
    <?php
    require_once("config.gui.inc");
    require_once("util.inc");
    require_once("pfsense-utils.inc");
    
    if (!is_array($config['aliases']['alias'])) {
    	// No aliases
    	exit;
    }
    
    // Gather list of urltable aliases
    $todo = array();
    foreach ($config['aliases']['alias'] as $alias) {
    	if ($alias['type'] == 'urltable') {
    		$tmp = array();
    		$tmp['name'] = $alias['name'];
    		$tmp['url']  = $alias['url'];
    		$tmp['freq'] = $alias['updatefreq'];
    		$todo[] = $tmp;
    	}
    }
    
    if (count($todo) > 0) {
    	log_error("{$argv[0]}: Starting up.");
    
    	log_error("{$argv[0]}: Starting URL table alias updates");
    
    	foreach ($todo as $t) {
    		$r = process_alias_urltable($t['name'], $t['url'], $t['freq'], true);
    		if ($r == 1) {
    			$result = "";
    			exec("/sbin/pfctl -t " . escapeshellarg($t['name']) . " -T replace -f /var/db/aliastables/" . escapeshellarg($t['name']) . ".txt 2>&1", $result);
    			log_error("{$argv[0]}: Updated {$t['name']} content from {$t['url']}: {$result[0]}");
    		} elseif ($r == -1) {
    			log_error("{$argv[0]}: {$t['name']} does not need updated.");
    		} else {
    			log_error("{$argv[0]}: ERROR: could not update {$t['name']} content from {$t['url']}");
    		}
    	}
    }
    ?>
    
    


  • OK, I don't need the GUI option. But your hints were useful. :)

    This is what I did (haven't tested it yet though):
    Added the command that creates my list of networks (as /tmp/networks.txt) to a <shellcmd> (to get the list on boot, hopefully) and to crontab, because it needs periodic updates.
    Added the resulting file as a text source to an existing list in pfBlocker.

    Now, currently I can only hope that
    1. shellcmd runs before pfBlocker at boot (so the file is created when pfBlocker starts) and
    2. shellcmd does NOT run before the network (especially pppoe) is up.

    While I am testing - if anyone got a more 'failsafe', pfSense'ish approach, let me know.



  • @senser:

    OK, I don't need the GUI option. But your hints were useful. :)

    This is what I did (haven't tested it yet though):
    Added the command that creates my list of networks (as /tmp/networks.txt) to a <shellcmd> (to get the list on boot, hopefully) and to crontab, because it needs periodic updates.
    Added the resulting file as a text source to an existing list in pfBlocker.

    Now, currently I can only hope that
    1. shellcmd runs before pfBlocker at boot (so the file is created when pfBlocker starts) and
    2. shellcmd does NOT run before the network (especially pppoe) is up.

    While I am testing - if anyone got a more 'failsafe', pfSense'ish approach, let me know.

    You can run a script at boot… just put it in /usr/local/etc/rc.d. If you want to run it last, start the name with zz or something like that...



  • pfblocker and the network interfaces are initialized somewhere else - so you can't control the order of initialization of those and your scripts via prefixes. Which is what I (may) need. Still haven't test-booted.



  • Did I mention that I use nanobsd? :-)
    It would be best to have some persistent storage for my list of networks.
    Maybe I'll get an answer here http://forum.pfsense.org/index.php/topic,65500.0.html
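
Added example, not part of the original thread and not pfSense's own code: a cron-callable POSIX shell script that loads a generated CIDR list into a pf table with the same `pfctl -t … -T replace -f` call the PHP script above uses. It assumes IPv4-only entries and a hypothetical table name `mynetworks`, and it leaves the table untouched when the list is missing, empty or malformed (for example when the generator ran before the network was up).

```shell
#!/bin/sh
# Added example: validate a generated CIDR list, then replace a pf table with it.
# The table name and the PFCTL override variable are assumptions for illustration.
PFCTL="${PFCTL:-/sbin/pfctl}"

# Print the valid IPv4 hosts/networks from file $1, one per line.
# Returns 1 if any non-comment line is not a.b.c.d or a.b.c.d/len.
clean_cidr_list() {
    awk '
        { sub(/#.*/, ""); gsub(/[ \t\r]/, "") }      # strip comments and whitespace
        $0 == "" { next }
        {
            n = split($0, p, "/")
            ok = (n == 1 || (n == 2 && p[2] ~ /^[0-9]+$/ && p[2] + 0 <= 32))
            if (split(p[1], o, ".") != 4) ok = 0
            for (i = 1; i <= 4 && ok; i++)
                if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255) ok = 0
            if (!ok) { printf "rejected line %d: %s\n", NR, $0 > "/dev/stderr"; bad = 1; next }
            print
        }
        END { exit bad + 0 }
    ' "$1"
}

# Replace table $1 with the networks in file $2. Nothing is loaded when the
# list is unreadable, empty, or contains a bad line, because "-T replace"
# with an empty file would empty the table.
update_table() {
    table=$1 src=$2
    [ -r "$src" ] || { echo "$src: not readable" >&2; return 1; }
    tmp=$(mktemp "${TMPDIR:-/tmp}/pftable.XXXXXX") || return 1
    if clean_cidr_list "$src" > "$tmp" && [ -s "$tmp" ]; then
        rc=0; "$PFCTL" -t "$table" -T replace -f "$tmp" || rc=$?
    else
        echo "$table: list invalid or empty, table left unchanged" >&2
        rc=1
    fi
    rm -f "$tmp"
    return $rc
}

# Constructed cron usage: update_pf_table.sh mynetworks /tmp/networks.txt
if [ $# -eq 2 ]; then update_table "$1" "$2"; fi
```

A non-zero exit status from the cron run means the previous table contents are still in place.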

