Cron job - Reset states- How?

[chemlud]

Hi again!

From time to time I have to reset the states with a simple

Code Select Expand

/sbin/pfctl -F state

via Cron.

However, I don's see any "free text" option for Cron under "System"-"Settings"-"Cron".

Is it possible to create an arbitrary Cron job and switch the <command> in the config.xml to make this work?

[chemlud]

Any help on that highly appreciated!

[chemlud]

Is there no way to create a custom cron job? Maybe from command line?

[marjohn56]

You need to create an entry for the job for configd, it then creates the cron job,


Have a look here.


http://kb.unixservertech.com/other/networking/opnsense/cron-jobs

[chemlud]

OK, many thanks, something to start with. Will the basic command

Code Select Expand

/sbin/pfctl -F state

work for OPNsense, as it comes from the other side of the sense universe?

Is nano present on OPNsense by default or how to "create a file" in the respective directory...

There really is no simple way to create a Cron job with a custom command? Really strange...

Many thanks in advance!

[marjohn56]

OK, many thanks, something to start with. Will the basic command

Code Select Expand

/sbin/pfctl -F state

work for OPNsense, as it comes from the other side of the sense universe?

Is nano present on OPNsense by default or how to "create a file" in the respective directory...

There really is no simple way to create a Cron job with a custom command? Really strange...

Many thanks in advance!

No it wont work, or should I say 'I doubt it will work'. It's all to do with security I suspect. It's really very very easy. Firstly, you need to create a conf file for your cron event. Here's one I use for ping check. It runs every ten minutes and if if fails continuously then it will reboot opnsense.

Code Select Expand


[load]
command:/usr/local/sbin/ping_check.sh
parameters:
type:script
message:starting ping check
description:ping_check


So you could just try using your command in the conf file, command and params, however, you may prefer to create a shell script and call that as I have done above.

Either way, once all is in place issue the command 'service configd restart' in the shell.

Now go to System->Settings-Cron and add your new entry, you should find your function is now listed in the drop down when you add a new job.

[chemlud]

...i'm logged in via SSH, but how to create/edit a file? nano is not in place, which editor is there (hopefully not vi....)

I'm a little lost....

PS: found libedit in the Packages, but this seems the same/more pain than vi at first sight... is there a simple editor available?

[fabian]

you can install vim (vim-lite) and emacs (emacs-nox) via pkg (both are in the repository). But you can also upload the file using sftp.

[GDixon]

I like nano also and had to use pkg add .  It works well.

[chemlud]

I used vi now (copy&paste :-D) and created:

Code Select Expand

[load]
command:/sbin/pfctl -F state
parameters:
type:script
message:kill all states
description: kill_states

could establish a Cron job afterwards, but apparently the states are not killed... What's wrong here?

PS: Have to correct me, apparently the states are killed now, dunno why it didn't work first time... :-)

[marjohn56]

...i'm logged in via SSH, but how to create/edit a file? nano is not in place, which editor is there (hopefully not vi....)

I'm a little lost....

PS: found libedit in the Packages, but this seems the same/more pain than vi at first sight... is there a simple editor available?

Simples... I use windows, therefore I create the file using notepad++ - remember to set end of line to Unix style, then I use WinSCP to transfer... sooo easy.