Broken logging in 20.1 (FreeBSD 12.1)

[dgktkr]

For FreeBSD 12.1 and HardenedBSD that is based on it, syslogd is partially broken. The same goes for OPNsense 20.1.

Entries in syslog.conf that rely on LogTag (or program name), e.g.

!filterlog
*.* %/var/log/filterlog

don't put any messages in the log files even though plenty are being sent by the filterlog program using the syslog() call. And, of course, since no messages are in those log files, OPNsense doesn't show them.

Entries in syslog.conf that use one of the 24 standard facilities (e.g. local7) allow messages to be forwarded by syslogd as expected. WebGUI/Firewall/Log Files/Plain View shows messages. However, messages that require parsing by OPNsense, like WebGUI/Firewall/Log Files/Live View or WebGUI/Firewall/Log Files/Overview show nothing.

Is the cause a change in syslog.c for FreeBSD 12.X (see the entry in /UPDATING dated 20180406)?

Apparently, syslogd and OPNsense haven't caught up to that change yet.

[rene-bayer]

Correct me if i am wrong, but this should also be the reason, why the firewall live view isnt working in 20.1?

Greets,
René

[fichtner]

I guess so.

[dgktkr]

To confirm my understanding of the problem, I started with a fresh update of OPNsense src.git from GitHub. I then replaced /usr/src/lib/libc/gen/syslog.c with the previous version (see https://reviews.freebsd.org/D14951. Then a build of base, kernel, packages and arm provided an image where the firewall Live View, Overview and Plain View work as expected.

Given the above solution to the problem, I haven't investigated why syslogd didn't work properly with the 12.1 version of syslog.c, even though some effort has been made along those lines (see https://reviews.freebsd.org/D15011

[fichtner]

Can you try this?

# opnsense-code tools ports
# cd /usr/ports/opnsense/syslogd-devel
# make
# cp /usr/obj/usr/ports/opnsense/syslogd-devel/work/stage/usr/local/sbin/syslogd /usr/local/sbin/syslogd

[dgktkr]

Hi Franco,

Sure. As near as I can tell, you're requesting that the above commands be executed on the target device running OPNsense.

Doing that, the first line resulted in an error:

root@OPNsense:~ # opnsense-code tools ports
Updating OPNsense repository catalogue...
pkg: https://pkg.opnsense.org/FreeBSD:12:armv7/20.1/latest/meta.txz: Not Found
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:12:armv7/20.1/latest/packagesite.txz: Not Found
Unable to update repository OPNsense
Error updating repositories!

[fichtner]

Err, sorry, opnsense-code depends on nonexistent package repository.

Meanwhile I tested the patch and there's still an issue with CLOG support. Have to sort that out first.

[nekoprog]

If i'm not mistaken, @DarkSunOne hosted opnsense pkg repo right? Maybe he can upload armv7 packages and point update server to his repo and run again opnsense-code tools ports.

Or since @dgktkr build his own pkg, he can upload it locally to web server and point update server to local address.

[rene-bayer]

Yes, its hosted at my Homelab, i will move the mirror onto my server the next days, if you want to i can provide you an ftp account. I also had the idea, to push my own update server into my own builds, but they have been overwritten after each update :-( Salute, René

[fichtner]

This was fixed by @AdSchellevis for the upcoming 20.7-BETA