Feature #13057
closed
GUI option for IPsec ``dns-interval`` setting
Added by Viktor Gurov over 2 years ago.
Updated over 2 years ago.
Plus Target Version:
22.05
- Tracker changed from Bug to Feature
- Subject changed from Unused ```dns-interval``` option to GUI option for IPsec ``dns-interval`` setting
- Affected Version deleted (
2.6.0)
It is a "hidden" config option to let users choose how often to re-resolve FQDN endpoints for IPsec. Users could manually insert it into config.xml, but at the time it was added there wasn't a compelling reason to also add a GUI option. There is a similar option for aliases on system_advanced_firewall.php.
We can add it to the advanced IPsec settings tab, but it the backend code can remain as it is.
- Assignee set to Viktor Gurov
- Target version set to 2.7.0
- Plus Target Version set to 22.05
- Status changed from New to Pull Request Review
- Status changed from Pull Request Review to Feedback
- Status changed from Feedback to Resolved
"FQDN Endpoints Resolve Interval" is added to IPsec Advanced Settings
2.7.0.a.20220415.0600
Tested on 22.05.a.20220417.0600.
The interval is added correctly:
root 62793 0.0 0.3 12140 2784 - Is 18:44 0:00.01 |-- /usr/local/sbin/filterdns -p /var/run/filterdns-ipsec.pid -i 10 -c /var/etc/ipsec/filterdns-ipsec.hosts -d 1
However, the actual resolve interval seems to be done at twice the value in the config. This seems to be a separate issue, but it's worth noting. Details here:
https://redmine.pfsense.org/issues/13067
- Related to Bug #13067: Resolve interval for ``filterdns`` may not match the configured value added
Also available in: Atom
PDF
Updated by 
Updated by Viktor Gurov 
Updated by 
Updated by