Filter reload through cron?



  • hello every1,

    is it possible to do a filter reload over cron?

    i tried

    /usr/local/bin/php status_filter_reload.php

    but it didn't work.

    reading status_filter_reload.php didn't get me the answer either. (no php-knowledge)

    appreciating any help!



  • /etc/rc.filter_configure_sync but there shouldn't be any reason to do so via cron. Why do you want to?



  • thx for your reply.

    i am using a transparent squid, which works perfectly. but after 24h the filter-rules stop working. after hitting "Reload Filter" the port 80 gets forwarded to the proxy-server again and everything works fine again.


  • LAYER 8 Global Moderator

    Never understood that sort of logic..  You should not have to reload filters, while that might fix your issue.  The problem is that squid stops working after 24 hours - I would search to why that is vs some cron job to reload filters.

    Maybe that's just me?



  • squid doesn't stop working.
    the traffic to port 80 just doesn't get forwarded to the squid proxy-port anymore.

    starting any browser with the proxyserver enabled works fine. restarting squid doesn't help either. only hitting save on the squid-config-page or reloading the filter-rules works.

    testet this with squid 2.7 and 3.1

    every 24h the internet-connection gets reset (0:00).

    if u have a clue why the port 80 doesn't get forwarded, please let me know.

    appreciating any help or hint!!


  • LAYER 8 Global Moderator

    "every 24h the internet-connection gets reset (0:00)."

    Why does your internet connection get reset?  I would say that is part of the problem, do you mean you get a different IP, do you reset it, does your isp reset it?  Do you have firewall rules on a schedule?

    My internet does not reset, I have forwards that have been up for weeks..  I never have to reload or redo filters.. So clearly something is not right in your config - but vs scheduling a reload of the filters I would look to why you should have to..  So if you could explain the why your internet gets reset that might lead us down the right path to the actual root of the problem.



  • 24h after internet connections got established my isp resets the internet connection and i get a new ip on my wan interface. there for i am using the pre-set option on the wan-configuration site to do the reset at midnight and not in the middle  of the day.

    i dont understand why the nightly reset, disables the port-forwarding rules on lan-interface.

    after midnight systemlog says:

    php: rc.filter_configure_sync: SQUID is installed but not started. Not installing "pfearly" rules.
    php: rc.filter_configure_sync: SQUID is installed but not started. Not installing "filter" rules.
    php: rc.filter_configure_sync: SQUID is installed but not started. Not installing "nat" rules.
    php: rc.start_packages: Restarting/Starting all packages.
    php: rc.start_packages: Starting Squid
    squid[92952]: Squid Parent: child process 93536 started
    php: rc.start_packages: Reloading Squid for configuration sync

    after filterreload systemlog says:

    check_reload_status: Reloading filter


  • LAYER 8 Global Moderator

    "24h after internet connections got established my isp resets the internet connection"

    Why would they do that?  That seems completely asinine to say the least??  Never heard of such a thing…  Do you mean you just get another IP address when your lease expires?  What happens if you don't do the manual reset..  And just let it go, does your IP change?



  • Some residential DSL providers drop your connection once per 24 hours to force obtaining a new IP on reconnect. I believe that's exclusive to Germany, maybe other places as well. Rules are reloaded automatically on reconnect though.



  • cmb is totally right.

    in germany it is a common way the dsl-providers handle their internet-connections. if i dont do the manual reset at midnight, the internet-connection gets reset by the isp 24h after establishing. that means in the middle of the day when my users are working in ssl-connections, which would be breaking either. thats way i do the reset at midnight.

    why the portforwarding for port 80 breaks on my lan interface makes no sense to me either. but the systemlogs don't tell me anything and i dont have a cloue where else to look.

    i didn't change anything on my pfsense-box besides installing the package squid.

    any1 else having the same problem in germany??


  • LAYER 8 Global Moderator

    I work for a DE company - so yeah they do some oddball shit ;)  Why would anyone pay for a connection that gets reset every 24 hours?  Asinine!!


Log in to reply