Project

General

Profile

Actions

Bug #6812

closed

IPsec filterdns crash

Added by Louis-Philippe Allard about 8 years ago. Updated about 7 years ago.

Status:
Not a Bug
Priority:
Normal
Category:
IPsec
Target version:
-
Start date:
09/24/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

This appears intermittently in the system logs:

Sep 24 00:27:13 php-fpm 73703 /rc.newipsecdns: The command '/usr/local/sbin/filterdns -p /var/run/filterdns-ipsec.pid -i 60 -c /var/etc/ipsec/filterdns-ipsec.hosts -d 1' returned exit code '71', the output was '/var/etc/ipsec/filterdns-ipsec.hosts:1: Command is mandatory on CMD type directive'
Sep 24 00:27:13 php-fpm 73703 /rc.newipsecdns: No phase2 specifications for tunnel with REQID =
Sep 24 00:27:08 check_reload_status Reloading filter
Sep 24 00:27:08 php-fpm 37979 /rc.newipsecdns: The command '/usr/local/sbin/filterdns -p /var/run/filterdns-ipsec.pid -i 60 -c /var/etc/ipsec/filterdns-ipsec.hosts -d 1' returned exit code '71', the output was '/var/etc/ipsec/filterdns-ipsec.hosts:1: Command is mandatory on CMD type directive'
Sep 24 00:27:08 php-fpm 37979 /rc.newipsecdns: No phase2 specifications for tunnel with REQID =
Sep 24 00:27:07 php-fpm 73703 /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.

Also there are literally hundreds of entries in system logs > DNS resolver like these (note the hosts are not always "adblockplus.org"...:

Sep 24 09:34:58 filterdns failed to resolve host server19.adblockplus.org will retry later again.
Sep 24 09:34:58 filterdns failed to resolve host server5.adblockplus.org will retry later again.
Sep 24 09:34:57 filterdns failed to resolve host server19.adblockplus.org will retry later again.

Are these two events related at all or are they independent? Is the second one merely related to hosts being blocked by pfblockerNG or Snort?

pfSense version:
2.3.2-RELEASE (amd64)
built on Tue Jul 19 12:44:43 CDT 2016
FreeBSD 10.3-RELEASE-p5

Installed packages:
Cron
freeradius2
ntopng
pfBlockerNG
RRD_Summary
Service_Watchdog
snort
squid
squidGuard

Actions

Also available in: Atom PDF