-
Notifications
You must be signed in to change notification settings - Fork 603
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nginx, php process crashes due to high memory usage, tls_ua_fingerprint.php #3854
Comments
Hi |
Hello, Should we prune this file via cronjob every now and then? |
@pfsiedl There were changes in the |
@kulikov-a I've deleted the handshakes.json file and let it rebuild. Seems to work for the time being. Is there any description behind the mechanism of handshakes.json / tls_handshakes and why the plugin stores them separately in a json file? Is this only for visuals and ban-features via GUI? |
@pfsiedl the general idea is described in the docs (https://docs.opnsense.org/manual/how-tos/nginx_tls_fingerprints.html) |
@kulikov-a we resolved the issue with cleanup of handshakes.json. |
We again running into the issue, that handshakes.json file is quite large and therefore the php process runs into an oom exception. Current size if handshakes.json is 259MB. Can't we have this file deleted once a week using a cronjob until you implement a longer-term fix? |
hi! I'll try to take a look at the end of the week. a little busy right now, sorry |
@pfsiedl |
@kulikov-a The creation of the cronjob worked flawless and is a good workaround. We would really appreciate an option to disable the handshake logging per server and hope your PR gets accepted asap to continue working on this plugin. Thank you for your effort. |
@pfsiedl |
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Describe the bug
PHP process crashes due to excessive memory usage when writing the file /var/log/nginx/handshakes.json by the script tls_ua_fingerprint.php.
To Reproduce
Not a clear solution to reproduce the behavior, just some facts.
/var/log/nginx/handshakes.json got a filesize of 234MB.
According to the traffic statistics, there have been over 1,4 Mio. requests in 20 days uptime, of which 320.000 requests have been accepted.
Expected behavior
No crash due to an more memory efficient way to write the file.
Relevant log files
[21-Feb-2024 22:20:02 Europe/Vienna] PHP Fatal error: Allowed memory size of 1073741824 bytes exhausted (tried to allocate 216010752 bytes) in /usr/local/opnsense/scripts/nginx/tls_ua_fingerprint.php on line 135
Additional context
We already have two independent firewalls with crashes of this type.
If you need any further logs or informations, I try my best to provide you with the additional informations.
Environment
The text was updated successfully, but these errors were encountered: