Which means the Python script doesn't produce any output any more.

It only goes away if I stop pfBlockerNG.

And when unbound isn't running, the underlying pfBlockerNG Python script isn't running any more.

Said in Should I be using Unbound Python mode? Is it stable?:

If I have no clients active at all, and I stop Unbound (no DNS available), I still have a command named "Unbound" in "top -m io" that does about 200 - 300Kb/s writes to disk. I'm well versed in which components do what, and that's why I have been posting in detail that the issue is with pfBlockerNG:

If your network has devices (users!) that try to visit all the sites YOU try to block, pfBlockerNG will start to log all these events. That's what you want, right?

Said in Should I be using Unbound Python mode? Is it stable?:

On my network, just 10 PCs and some phones / tablets, we don't tend to visit sites that need to be blocked (why would we visit sites we don't want to look at in the first place?) so that's why my pfBlockerNG doesn't do (= log!) much. I'm using pfBlockerNG with Python mode for the last year or so. This is the graph of my disk space (140 Gb total) - the last day, week, month and year.

pfBlockerNG also makes nice stats, charts and lists so you can see what it does, now, last hours and yesterday. To make it work, it needs to have access to the DNS activity. Without unbound, pfBlockerNG can't do anything. This means pfBlockerNG stops producing data. If unbound doesn't run, you have no DNS resolution any more (this is an already bad situation). pfBlockerNG acts on the data it sees flowing through unbound, and acting on it = accepting or refusing, which makes 'unbound' not really resolve the DNS request = the host name appears to be blocked.
not by reading what unbound logs in its log file, but by using internal functionalities it exposes by adding an "addon" (written in Python) to it. The only thing pfBlockerNG actually does is make unbound more verbose. That means an initial "write" of a file and (very) little afterwards. When you add some feeds, it will load them once, and keep them updated.

Stopping pfBlockerNG stops the writing - stopping unbound does not, so it's something happening within pfBlockerNG.

Disabling Python mode also prevents the

Said in Should I be using Unbound Python mode? Is it stable?:

So it seems to be some kind of loop caused by my pfBlockerNG config/pfSense setup. It even happens with no active clients and DNS lookups being done. I have been unable to prevent it from happening in my setups, regardless of disabling all logging and so forth. This happens on all my installs, and looking at "top -m io" it's an Unbound command that causes the IO. I have been forced to disable Python mode on three separate installs I have running because pfBlockerNG's script interaction with Python causes a sustained write to disk (UFS filesystem) of about 100 -> 400Kb/s. Some installs also have a noticeable sustained disk write issue (between 100 -> 400Kb/s) even though all pfBlockerNG/Unbound logging is disabled.