Messages

1

Development and Code Review / Re: pluginctl -s syslogd restart overwrites /var/etc/syslog.conf

« on: July 14, 2020, 12:58:03 am »

Did you ever figure this out? Also looking to implement some forwarding here...

Found it, documenting here as it was the first google result for my issue:

The file

Code: [Select]

/usr/local/etc/inc/system.inc contains a function named

Code: [Select]

system_syslogd_start, the file is defined and written there. I dont' have any idea yet how to change it so that it survives an OPNsense update, so...

2

19.7 Legacy Series / syslogd segfault + core dump

« on: January 17, 2020, 08:54:57 pm »

Hey everybody,
I've recently replaced my Ubiquiti EdgeRouter with a VM running

Code: [Select]

OPNsense 19.7.9_1-amd64 - FreeBSD 11.2-RELEASE-p16-HBSD - LibreSSL 3.0.2. It has 2 cores and 4 GB memory, storage is an SSD. I first installed it ~1 month ago.

I recently noticed that it had completely stopped logging a few days ago. I couldn't figure anything specific out, checked System -> Settings -> Logging and made sure "Disable writing log files to the local disk" wasn't ticked. I compared the Logging config with another OPNsense that I run and that logs totally fine.
I tried the "Reset log files" button, and also to raise the log file size. Nothing helped, and being a Windows user on the Desktop and a Linux user when it comes to servers, I began to learn the basics of *BSD to troubleshoot.

I ended up in /var/log, which looks like this (see attachment #1).

So all circular log files haven't been touched since the moment of log file reset. I did then compare a

Code: [Select]

ps aux | grep log and noticed that my properly logging firewall has a process

Code: [Select]

/usr/local/sbin/syslogd -s -c -c -P /var/run/syslog.pid -p /var/run/legacy_log -S /var/run/legacy_logpriv -k -s -s -f /var/etc/syslog.conf, which seems to be kicked off by init.

After restarting a few times, I noticed that syslogd exists for a short time, and then is gone. Further investigation shows a core dump file in /syslogd.core and a dmesg entry like this:

Code: [Select]

*** hostname: OPNsense 19.7.9_1 (amd64/LibreSSL) ***

 LAN (em2)       -> v4: 192.168.23.1/24
 WAN (em1)       -> v4: 192.168.22.2/24
 X_GUEST (em3)   -> v4: 192.168.24.1/24
 X_IOT (em0)     -> v4: 192.168.25.1/24

 HTTPS: SHA256 25 12 AE C3 10 82 D6 02 5F E2 36 4C 6B F0 62 F4
               69 3F FF 6F D0 E4 A6 C5 F2 01 B4 1C BF 1D 91 5B
 SSH:   SHA256 nKB0SuJHPxKLX8ysmjDA0jKwGAjBzkfVq6itnV28RNA (ECDSA)
 SSH:   SHA256 fLgrWA1Eix6IlIF8bUN1s4nCXzQGOvGTO8YSyLtGAus (ED25519)
 SSH:   SHA256 JHuEQmuKutFRqgNhym1tRnUnMgn8bbl81DbXqbIisDU (RSA)
pid 49361 (syslogd), uid 0: exited on signal 11 (core dumped)

The only thing I could get out of the core file is:

Code: [Select]

Core was generated by `/usr/local/sbin/syslogd -s -c -c -P /var/run/syslog.pid -p /var/run/legacy_log -'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000026d40a0b406 in ?? ()
(gdb) bt
#0  0x0000026d40a0b406 in ?? ()
#1  0x0000000000000000 in ?? ()

And that's where I'm stuck - any idea how to proceed or what causes this?

Kind regards
xpac

3

Development and Code Review / Re: How to update MAC vendor db?

« on: January 13, 2020, 03:56:52 pm »

This is the most easy to find posting on this issue via Google.
As this is still an issue and the file is still as old as before, I've opened an issue on this:
https://github.com/opnsense/core/issues/3883