OPNsense Forum

English Forums => General Discussion => Topic started by: interkrome on August 10, 2016, 11:34:57 am

Title: Machine Hang After Cron Job
Post by: interkrome on August 10, 2016, 11:34:57 am

Hi Guys,

All this while the cron job performed very well until recently, whenever it runs, the machine hang which i need to perform manual reboot. here is the logs :

Aug 08 18:00:00 opnsense_fixed configd.py: [e042aef2-cdde-4cad-89a0-e4daa1853968] stop suricata daemon
Aug 08 18:04:34 opnsense_fixed configd_ctl.py: error in configd communication  Traceback (most recent call last):   File "/usr/local/opnsense/service/configd_ctl.py", line 65, in exec_config_cmd     line = sock.recv(65536) timeout: timed out
Aug 08 18:04:35 opnsense_fixed sshd: Received signal 15; terminating.
Aug 08 18:04:35 opnsense_fixed root: /etc/rc.shutdown: WARNING: $strongswan_enable is not set properly - see rc.conf(5).
Aug 08 18:04:37 opnsense_fixed kernel: 677.063079 [ 798] generic_netmap_dtor       Restored native NA 0
Aug 08 18:04:37 opnsense_fixed syslogd: exiting on signal 15

Can anyone help me with this? I'm using :

OPNsense 16.1.20-i386
FreeBSD 10.2-RELEASE-p19
OpenSSL 1.0.2h 3 May 2016

Intel(R) Celeron(R) D CPU 430 @ 1.80GHz
2GB of RAM

WAN : RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet
LAN : 3Com 3c905C-TX Fast Etherlink XL

Title: Re: Machine Hang After Cron Job
Post by: interkrome on August 11, 2016, 07:01:14 am

Noticed that, the cron job not link anymore for this script :

[stop]
command:/usr/local/etc/rc.d/suricata stop
parameters:
type:script
message:stop suricata daemon

[start]
command:/usr/local/etc/rc.d/suricata start
parameters:
type:script
message:start suricata daemon

[restart]
command:/usr/local/etc/rc.d/suricata restart
parameters:
type:script
message:restart suricata daemon

Title: Re: Machine Hang After Cron Job
Post by: interkrome on August 11, 2016, 07:10:13 am

Thi is my build info :

This is Suricata version 3.0.2 RELEASE
Features: IPFW PCAP_SET_BUFF LIBPCAP_VERSION_MAJOR=1 NETMAP HAVE_PACKET_FANOUT LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK PCRE_JIT HAVE_LIBJANSSON TLS
SIMD support: none
Atomic intrisics: 1 2 4 8 byte(s)
32-bits, Little-endian architecture
GCC version 4.2.1 Compatible FreeBSD Clang 3.4.1 (tags/RELEASE_34/dot1-final 208032), C version 199901
compiled with -fstack-protector
compiled with _FORTIFY_SOURCE=2
L1 cache line size (CLS)=64
thread local storage method: __thread
compiled with LibHTP v0.5.20, linked against LibHTP v0.5.20

Suricata Configuration:
  AF_PACKET support:                       no
  PF_RING support:                         no
  NFQueue support:                         no
  NFLOG support:                           no
  IPFW support:                            yes
  Netmap support:                          yes
  DAG enabled:                             no
  Napatech enabled:                        no

  Unix socket enabled:                     yes
  Detection enabled:                       yes

  libnss support:                          no
  libnspr support:                         no
  libjansson support:                      yes
  hiredis support:                         no
  Prelude support:                         no
  PCRE jit:                                yes
  LUA support:                             no
  libluajit:                               no
  libgeoip:                                yes
  Non-bundled htp:                         yes
  Old barnyard2 support:                   no
  CUDA enabled:                            no
  Hyperscan support:                       no

  Suricatasc install:                      no

  Unit tests enabled:                      no
  Debug output enabled:                    no
  Debug validation enabled:                no
  Profiling enabled:                       no
  Profiling locks enabled:                 no
  Coccinelle / spatch:                     no

Generic build parameters:
  Installation prefix:                     /usr/local
  Configuration directory:                 /usr/local/etc/suricata/
  Log directory:                           /var/log/suricata/

  --prefix                                 /usr/local
  --sysconfdir                             /usr/local/etc
  --localstatedir                          /var

  Host:                                    i386-portbld-freebsd10.2
  Compiler:                                cc (exec name) / clang (real)
  GCC Protect enabled:                     yes
  GCC march native enabled:                no
  GCC Profile enabled:                     no
  Position Independent Executable enabled: no
  CFLAGS                                   -O2 -pipe  -fstack-protector -fno-strict-aliasing -DOS_FREEBSD
  PCAP_CFLAGS
  SECCFLAGS                                -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security

Title: Re: Machine Hang After Cron Job
Post by: franco on August 11, 2016, 08:59:41 am

Hi interkrome,

That's a Cron usage I've not seen before... At some point the Cron jobs were simplified, we don't want all of them to show up. Realtek NIC is generally not advised, although it can work. A lot of people have reported problems in IPS mode.

Suricata takes a long time to stop, I am unsure why, it likely hangs indefinitely while trying to stop IPS mode. Can you at least confirm this is related to IPS mode?

You can also run "/usr/local/etc/rc.d/suricata stop" from the console yourself and see how long it takes, it won't force-timeout.

A bit of updates came into 16.7 with FreeBSD 10.3, also Suricata 3.1.1, it may be better, it may not be.

Let's see what the troubleshooting brings. :)


Cheers,
Franco

Title: Re: Machine Hang After Cron Job
Post by: interkrome on August 11, 2016, 11:41:00 am

Hi Franco,

I created that cron job so i can stop the service at certain hour every day and turn on back the service on certain hour the next day. So in previous build, i edited the actions_ids.conf with that lines. From that, i can select the task from from the command drop-down menu in https://myaddress/ui/cron/

Here is how i came up with that:

https://forum.opnsense.org/index.php?topic=2263.0