OPNsense Forum

English Forums => Development and Code Review => Topic started by: EJocys on April 10, 2022, 03:56:04 pm

Title: No service Recovery out of the box = bad and dangerous (Problem/Solution)
Post by: EJocys on April 10, 2022, 03:56:04 pm
I really tried to like OPNsense, but as a firewall it turned out to be an unreliable and dangerous out-of-the-box solution.

PROBLEM: The Suricata service stops constantly and leaves the internal network vulnerable.
This is because OPNsense doesn't seem to have service recovery enabled for important services by default and the Monit function just doesn't provide an easy solution, i.e. it requires the user to look up documentation and the documentation doesn't provide a clear and simple example of how to reboot a failed service.

SOLUTION: Microsoft did a very smart thing and enabled service recovery for important services out of the box on all of its operating systems. Also, Microsoft added a very easy to understand [Recovery] tab for each service. For example, "Microsoft Defender Antivirus Service" has maximum service recovery options enabled:

First Failure: Restart the Service
Second Failure: Restart the Service
Subsequent failures: Restart the Service
Reset fail count after: 1 days
Restart service after: 0 minutes

Please, add service recovery out of the box. For example: Services / Monit / Recovery
List all the services here, with pre-configured and basic recovery options to modify.

P.S.: A good system should try to counter the mistakes of others, that is, faulty services, and do everything possible to protect the user out-of-the-box.

Title: Re: No service Recovery out of the box = bad and dangerous (Problem/Solution)
Post by: cookiemonster on April 11, 2022, 10:28:47 pm
There's another angle to this and restarts are not a solution to a fatal problem on a service. If the problem is fatal, it doesn't matter what restarts it or how many times it does, it will still fail to start. This is regardless of operating system. In the scenario shown, every single attempt, first, second, subsequent ones, will still leave the service down.
So that is not the solution. Having said that, most OSes provide a way to achieve that, some built in, others via cron jobs, etc.

My suggestion: diagnose the service failure. That is one real solution.

Title: Re: No service Recovery out of the box = bad and dangerous (Problem/Solution)
Post by: franco on April 12, 2022, 12:22:24 pm
What's wrong with using monit to do it and provide an update to the documentation for it if it's a must have?


Cheers,
Franco

Title: Re: No service Recovery out of the box = bad and dangerous (Problem/Solution)
Post by: EJocys on May 28, 2022, 10:20:49 am
@cookiemonster: My suggestion: diagnose the service failure. That is one real solution.

It's a solution, but not viable for a firewall, because it leaves thousands of systems vulnerable. The product has already failed if the consumer is forced to diagnose the manufacturer's product. Microsoft has solved this problem with a solution that actually works in real life. Backup/alternative systems are essential. OPNsense developers just have to copy the solution, already provided by the most successful multi-billion dollar company with decades of experience in the operating system market.

@franco: What's wrong with using monit to do it and provide an update to the documentation for it if it's a must have?

"using monit to do it and provide an update to the documentation" and not providing a good out-of-the-box solution is exactly what's wrong :). The solution must be integrated and activated by default in the product and not in the documentation. Users prefer an out-of-the-box solution because the majority don't have the skills or don't want to spend time reading documents and solving problems. Providing good out-of-the-box solutions is why Windows is always far ahead of Linux/BSD in terms of operating system market share.

Sure, I could figure out how monit works and update the OPNsense documentation, but I have hundreds of problems in my own projects and I'd rather fix my problems first. Like most consumers, I prefer the "set it and forget it" solutions :).

Title: Re: No service Recovery out of the box = bad and dangerous (Problem/Solution)
Post by: defaultuserfoo on June 20, 2022, 01:02:21 am
Windows has never provided anything out of the box except itself, and it keeps failing all the time. And it doesn't leave any way to fix problems, starting with the source code not being available, making that impossible to begin with. It's more like a virus than anything else. What's the last time that you got a message about a service not starting in Windows? Getting one would be a first because it doesn't even tell you. If you got one, what could you do?

With all technology, when the user doesn't know how to use it and doesn't have ways to fix it, it will fail the user and will easily work to their disadvantage. When technology takes over, the user becomes a slave. The "set it and forget it" approach only works when the users know what they are doing, and it only works as long as it does.

You sound like you would like to become a slave of the technology you're using and have it use you instead. That's bad and dangerous out of the box.

Other than that: does Monit send you a message that the service has failed, or does it fail to send one?