tinc package makes /rc.newwanip looping forever
I just realizd that each time the tincd(8) daemon is started, pfSense detects the new IP address on its dedicated interface (in my case /dev/tap0), thus it recalls the script /rc.newwanip, which in turns calls the script /rc.start_packages, generating an infinite loop: in fact restarting the tinc service make the tap0 interface have its IP reassigned, and again and again... :S
I attached the first two occurrences of the loop, which I'm not able to stop but manually killing tincd(8).
I guess that this is a show-stopper issue affecting everyone who wants to run tinc on pfSense.
Maybe there is a way to tell the /rc.start_packages script not to act upon the tinc service?
#1 Updated by Andrew Hotlab 8 months ago
I temporary blocked the loop by disabling the OPT interface associated with tap0:
Sep 29 16:59:39 pfsense php-fpm: /rc.linkup: Linkup detected on disabled interface...IgnoringBut in this way I'm not able to use that interface for NAT and specific firewall rules any longer.
#2 Updated by Andrew Hotlab 7 months ago
I guess I found a workaround: define a static IP address into the interface, then enable it and use in firewall and outbound NAT rules. In this way
rc.newwanip does not seems to try restarting all packages anymore:
Oct 21 17:05:12 pfsense check_reload_status: Linkup starting tap0 Oct 21 17:05:12 pfsense kernel: tap0: link state changed to UP Oct 21 17:05:14 pfsense php-fpm: /rc.linkup: Hotplug event detected for VPN_TINC(opt4) static IP (10.1.2.1 ) Oct 21 17:05:14 pfsense check_reload_status: rc.newwanip starting tap0 Oct 21 17:05:14 pfsense check_reload_status: Reloading filter Oct 21 17:05:15 pfsense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on tap0. Oct 21 17:05:15 pfsense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 10.1.2.1) (interface: VPN_TINC[opt4]) (real interface: tap0). Oct 21 17:05:15 pfsense check_reload_status: Reloading filter
The solution seems pretty stable at this moment. Need more time to check it effectively.