#18493: Luci does not open firewall rules if wan address does not answer reverse
lookup
---------------------------+-----------------------------------
Reporter: luizluca@… | Owner:
Type: defect | Status: new
Priority: high | Milestone: Barrier Breaker 14.07
Component: luci | Version: Barrier Breaker 14.07
Keywords: luci firewall |
---------------------------+-----------------------------------
Hello,
I noticed that luci failed to open any firewall rules. It keeps waiting
until a "Bad Gateway The process did not produce any response" appears
after 60s.
Doing a strace on the "{luci} /usr/bin/lua /www/cgi-bin/luci" process, I
noticed that it tried to do a reverse lookup of one of my wan addresses (I
have two and I'm using mwan3 but it is probably not related to mwan3).
This is very difficult for a non-dev user to debug and might be common
situation.
Doing the lookup using bind-host, it took 10s to fail:
{{{
# time host 187.49.x.x
Host x.x.49.187.in-addr.arpa not found: 2(SERVFAIL)
Command exited with non-zero status 1
real 0m 10.01s
user 0m 0.00s
sys 0m 0.00s
}}}
I could easily workaround it adding it as static domain entry in
/etc/config/dhcp
{{{
config domain
option ip '187.49.x.x'
option name 'wan1.links'
}}}
But Luci should be robust enough to timeout dns lookup before http request
times out.
--
Ticket URL: <https://dev.openwrt.org/ticket/18493>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
