Netgate SG-1000 microFirewall

Author Topic: filterdns stops working  (Read 839 times)

0 Members and 1 Guest are viewing this topic.

Offline m0nji

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +3/-0
    • View Profile
Re: filterdns stops working
« Reply #15 on: January 05, 2018, 03:38:29 am »
i have the same problem. after several days, filterdns stopped working. just a reboot of the pfsense solve the problem for the next few days.
i just have 5 fqdn (dynamic dns) entrys in my ip alias table.

(2.4.2 p1)

Offline m0nji

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +3/-0
    • View Profile
Re: filterdns stops working
« Reply #16 on: January 06, 2018, 06:21:42 am »
this is annoying, it happened again this night. yesterday after 11pm no more updates.
for the moment i will add a cronjob to restart filterdns every hour.
« Last Edit: January 06, 2018, 06:26:31 am by m0nji »

Offline Doboy

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +2/-0
    • View Profile
Re: filterdns stops working
« Reply #17 on: January 06, 2018, 07:21:05 am »
I have the exact same issue on 2.4.2-RELEASE-p1. I really hope someone finds a fix to this issue.

maybe the cronjob is what i need for now?


Offline Doboy

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +2/-0
    • View Profile
Re: filterdns stops working
« Reply #18 on: January 07, 2018, 05:42:29 am »
this is annoying, it happened again this night. yesterday after 11pm no more updates.
for the moment i will add a cronjob to restart filterdns every hour.

Can you share your cron job with me? I'm not that familiar with cronjob's and i have the same issue. would like a temp fix for now until they fix the bug.

Offline m0nji

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +3/-0
    • View Profile
Re: filterdns stops working
« Reply #19 on: January 10, 2018, 05:15:56 am »
Can you share your cron job with me? I'm not that familiar with cronjob's and i have the same issue. would like a temp fix for now until they fix the bug.

sure....
look at the picture below


Content of cron_filterdns.sh
Code: [Select]
#!/bin/sh
pkill filterdns
/usr/local/sbin/filterdns -p /var/run/filterdns.pid -i 240 -c /var/etc/filterdns.conf -d 1

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21572
  • Karma: +1471/-26
    • View Profile
Re: filterdns stops working
« Reply #20 on: January 10, 2018, 09:33:07 am »
When the problem happens, does /var/run/filterdns.pid contain a valid PID for filterdns? (Check the "ps uxaww" output to find the filterdns pid)

If you do "killall -HUP filterdns" do the entries resolve again, or are they still missing?

The code in place now tries not to restart filterdns unless it absolutely has to, but perhaps there is some issue when it's running for prolonged periods were it gets confused or fails to update when expected.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline m0nji

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +3/-0
    • View Profile
Re: filterdns stops working
« Reply #21 on: January 11, 2018, 03:41:30 am »
i will disable my cronjob and give you feedback when it happens again @jimp

Offline Birke

  • Jr. Member
  • **
  • Posts: 76
  • Karma: +13/-0
    • View Profile
Re: filterdns stops working
« Reply #22 on: January 11, 2018, 10:29:06 am »
a little update from me:
after the reboot 8 days ago everything still works (with the modification of the aliases).

Offline m0nji

  • Jr. Member
  • **
  • Posts: 65
  • Karma: +3/-0
    • View Profile
Re: filterdns stops working
« Reply #23 on: January 11, 2018, 07:58:55 pm »
and again, no more update after 11pm.
"killall -HUP filterdns" has no effect at all.


Offline Birke

  • Jr. Member
  • **
  • Posts: 76
  • Karma: +13/-0
    • View Profile
Re: filterdns stops working
« Reply #24 on: January 19, 2018, 10:08:38 am »
ok, problem is back on my system :'(

When the problem happens, does /var/run/filterdns.pid contain a valid PID for filterdns? (Check the "ps uxaww" output to find the filterdns pid)
yes, its the pid of the running filterdns-process.

If you do "killall -HUP filterdns" do the entries resolve again, or are they still missing?
it doesnt change anything on my machine.

one thing changed:
the old entries were not deleted this time. but they are not updated.
new entries are not resolved but they are added to the filterdns.conf.

also the mentioned cron-job from m0nji doesnt seem to be a good idea, since the "pkill filterdns" doesn't end the filterdns-process (at least not on my pf). that means only more and more instances of filterdns will start.

is there any way to really kill that process so i can start a fresh instance?

Offline dudi

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: filterdns stops working
« Reply #25 on: January 20, 2018, 10:15:19 am »
I have the same problem!
No filterDNS in the system->DNS Resolver logs after a week or some days.
« Last Edit: January 20, 2018, 10:35:33 am by dudi »

Offline dudi

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: filterdns stops working
« Reply #26 on: February 10, 2018, 10:56:32 am »
Somebody with a solution?

Offline Birke

  • Jr. Member
  • **
  • Posts: 76
  • Karma: +13/-0
    • View Profile
Re: filterdns stops working
« Reply #27 on: February 13, 2018, 04:17:52 am »
not really a solution, only a workaround:
run "killall -9 filterdns" in the shell and then "/usr/local/sbin/filterdns -p /var/run/filterdns.pid -i 300 -c /var/etc/filterdns.conf -d 1" (or save and apply an existing alias). you could also put them in a cron as already mentioned.

since the error happened to me again, i checked the resolver.log again to see if there is any information what the reason could be. even with debug level 3 there is no clue.
the last working entries are some normal adding and clearing entries and some information about some static entries.
the next time filterdns should run, it starts with a "Received signal Hangup(1)" entry and only one entry gets deleted and the static entries are listed.
after that every time filterdns should run (automatically or after a manual save&apply of an alias), only the hangup-message is in log.

ps: seems this thread is about the same problem. maybe both threads should be merged.
« Last Edit: February 13, 2018, 04:24:22 am by Birke »

Offline Valeriy

  • Jr. Member
  • **
  • Posts: 52
  • Karma: +7/-0
    • View Profile
Re: filterdns stops working
« Reply #28 on: February 16, 2018, 02:47:13 pm »
I can confirm, same issue is happening with me. It seems to be it, it started happening after pfSense upgrade in Sept-Nov 2017. I am using development snapshot from 10th of January, issue still persists.

am using Policy Based Routing (PBR) and heavily rely on a lot of aliases: it took time to realize that tables of IP addresses (referring hostname based aliases) are not updated.

So temporary workaround so far is same, what you have suggested:

>killall -9 filterdns
>rm /var/pid/filterdns.pid (not sure if it correct path, just writing from my head)

> and then start filterdns process again (or refresh aliases).

In fact, starting filterdns (with proper arguments) sometimes did not help, I had to kill the process again and refresh (edit-save-apply) one of aliases lists.

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21572
  • Karma: +1471/-26
    • View Profile
Re: filterdns stops working
« Reply #29 on: February 16, 2018, 02:55:27 pm »
Do we have any reliable and predictable way to trigger this issue? Any specific alias contents that cause it? Is there a set interval at which the problem occurs? Is there some other event that causes it to fail?
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!