Firewall: Settings: Advanced - 'Aliases Resolve Interval' not working #2162
Comments
|
It should be in the crontab by default, can you grep the following:
it should contain: |
|
It does, but whatever the value I enter in the GUI, it will always execute every 10 minutes, it does not reflect my preference: 10 * * * * (/usr/local/opnsense/scripts/filter/update_tables.py) > /dev/null |
|
that's correct, the alias update invalidates content after the specified amount of time, so it can run safely every 10 minutes. |
|
Er... 10 means every hour at 10 minutes, not every ten minutes... should it be */10 then? |
|
oops, missed that, every hour could indeed be a bit to long... (worst case an hour interval could update every 2 hours ;) ). |
|
It's not just that, in the GUI, the custom value is described in the "help text" as being seconds, not hours :) Another reason why I reported this. So also a spelling error :) |
|
To really use "every x minutes" instead of hours brings much more value for this GUI feature, at least for me :) |
|
Where are the seconds? It should be hours, the table heading contains: Usually it's not a very good idea to fetch content very often, for specific cases it might be different, maybe we could support fractions of hours (e.g. 0.25, 0.1). What's your use-case for this? |
|
Use case:
|
|
Ah, different feature, it looks like we missed something here, I'll try to fix this before the next release. |
|
well it's too late for 18.1.2 so no rush ;) |
|
Thank you both :) |
…gn update to configd call. for #2162 This was a bit forgotten, since the new alias update handles all types of aliases using different expiry intervals, we need to make sure we actually probe our changes in time, otherwise it's impossible to expire dns entries within a reasonable timeframe.
|
@petererdos this c5555b2 should fix the culprit. You can install the fix using:
Then make sure you save your settings again in Firewall -> Settings -> Advanced to make sure the cron file is rewritten (or reboot). |
|
Yep, it's working every one minute! But, if I change the value '60' (coresponding to 60 seconds) to 120 (so basically 2 minutes) from Firewall -> Settings -> Advanced, this doesn't change (I will try later if it actually works):
It will remain like this no matter the value entered in the GUI. I think, if 120 is entered, it should change to: Unless it's saved/executed from somewhere else :) |
|
@petererdos the cron job shouldn't change the alias update handles the different timeouts |
|
Ok, I guess it's fixed then :) |
|
thanks for confirming |
…gn update to configd call. for #2162 This was a bit forgotten, since the new alias update handles all types of aliases using different expiry intervals, we need to make sure we actually probe our changes in time, otherwise it's impossible to expire dns entries within a reasonable timeframe. (cherry picked from commit c5555b2)
At least for host(s), the GUI feature is not triggering the resolver for any given values (for example, 60). A cron job is needed for FQDNs to be resolved (as a workaround).
OPNsense 18.1.1-amd64
FreeBSD 11.1-RELEASE-p6
LibreSSL 2.6.4
The text was updated successfully, but these errors were encountered: