Re: [pfSense] FQDN alias update failure

2014-12-22 Thread Volker Kuhlmann 
On Tue 23 Dec 2014 00:30:39 NZDT +1300, Renato Botelho wrote:

> Every time alias is changed, a HUP signal is sent do filterdns [1],
> and it triggers it to read config again and update aliases.

Thanks for the tip. However a

  kill -HUP `cat /var/run/filterdns.pid`

doesn't seem to cause an immediate update of aliases. filterdns seems to
wait until the end of the current interval before doing anything. It
would do the same with sending HUP (changing aliases as already done
that).

> Could you let me know the steps to have multiple filterdns instances
> running? I couldn’t reproduce it here.

Trivial, just run it:

  /usr/local/sbin/filterdns -p /var/run/filterdns.pid -i 300 -c 
/var/etc/filterdns.conf -d 1

This incantation is run by pfsense. Doing the same from the command line
starts up a new instance of filterdns each time. It also updates aliases
immediately.

Volker

-- 
Volker Kuhlmann
http://volker.top.geek.nz/  Please do not CC list postings to me.
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] FQDN alias update failure

2014-12-22 Thread Renato Botelho 
> On Dec 19, 2014, at 18:07, Volker Kuhlmann  wrote:
> 
> pf tables can be populated from FQDNs through pfsense aliases. However
> the FQDNs are not re-evaluated and pf tables are not updated after
> applying changes to the aliases or filter rules, creating confusion when
> setting up rules. The update only happens eventually when the filterdns
> background process gets around to it.

Every time alias is changed, a HUP signal is sent do filterdns [1], and it 
triggers it to read config again and update aliases.

> Is there a way to run a command that does an update immediately, while
> the problem is being fixed?
> 
> filterdns is run as
> 
> /usr/local/sbin/filterdns -p /var/run/filterdns.pid -i 300 -c 
> /var/etc/filterdns.conf -d 1
> 
> and expects a config file as minimum argument.
> 
> However it always starts up a new instance that keeps running. Is it
> possible to tell it to terminate after one update iteration, or do I
> need to write a script that kills it after 10 seconds? Thanks.

Could you let me know the steps to have multiple filterdns instances running? I 
couldn’t reproduce it here.

[1] https://github.com/pfsense/pfsense/blob/RELENG_2_2/etc/inc/filter.inc#L394
--
Renato Botelho

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list