Firewall reloading every time when different lease time is obtained after udhcpc: sending renew

Could coincide with the lease renewal for the WAN IP.

1 Like

WHOA!!!!

@sppmaster - i thought this said ifup - it does not. @anon89577378 may be right...but we still donno why...

The interface was updated, not merely brought back up.

And I just tested...

Fri Jan 28 11:08:56 2022 user.notice firewall: Reloading firewall due to ifup of wan (eth1)

All interfaces connected/related to/using WAN also did so after WAN.

What is this ifupdate???

This still isn't normal with a DHCP renewal.

Lease renewals and times -

Fri Jan 28 05:50:14 2022 daemon.notice netifd: wan (2326): udhcpc: lease of xx.xx.32.172 obtained, lease time 3600
Fri Jan 28 06:20:15 2022 daemon.notice netifd: wan (2326): udhcpc: lease of xx.xx.32.172 obtained, lease time 7200
Fri Jan 28 07:20:15 2022 daemon.notice netifd: wan (2326): udhcpc: lease of xx.xx.32.172 obtained, lease time 3601
Fri Jan 28 07:50:15 2022 daemon.notice netifd: wan (2326): udhcpc: lease of xx.xx.32.172 obtained, lease time 7200
Fri Jan 28 08:50:15 2022 daemon.notice netifd: wan (2326): udhcpc: lease of xx.xx.32.172 obtained, lease time 3600
Fri Jan 28 09:20:15 2022 daemon.notice netifd: wan (2326): udhcpc: lease of xx.xx.32.172 obtained, lease time 7200

Firewall restarts and times -

Fri Jan 28 05:50:15 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)
Fri Jan 28 06:20:15 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)
Fri Jan 28 07:20:15 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)
Fri Jan 28 07:50:16 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)
Fri Jan 28 08:50:16 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)
Fri Jan 28 09:20:15 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)

Timestamps match.

1 Like

Indeed. I agree (I saw), but this behavior is abnormal.

Of course it is.

Something is up with udhcpc on that device.

Not the first time this has been reported...

2 Likes

And the OP mentioned...

1 Like

@sppmaster

The thread @anon89577378 posted was related to a misconfigured adblock update.

How is your Adblock configured to update?

screen279

I'd probably just turn Adblock off temporarily and see if the issue stops.

1 Like

I've already done this but this hasn't resolved it.

Try uninstalling it.

you need to edit /etc/hotplug.d/iface/20-firewall to dump ifupdate data to the logs...

### EXISTINGLINE [ "$ACTION" = ifupdate -a -z "$IFUPDATE_ADDRESSES" -a -z "$IFUPDATE_DATA" ] && exit 0
### NEWLINE
[ "$ACTION" = "ifupdate" ] && echo "20-firewall> $ACTION UA:$IFUPDATE_ADDRESSES UD:$IFUPDATE_DATA" | logger
4 Likes

Let's see what's going on.

1 Like

Here it is

Fri Jan 28 15:40:38 2022 daemon.notice netifd: wan (2120): udhcpc: sending renew to xx.32.1
Fri Jan 28 15:40:38 2022 daemon.notice netifd: wan (2120): udhcpc: lease of xx.32.172 obtained, lease time 7200
Fri Jan 28 15:40:38 2022 user.notice root: 20-firewall> ifupdate UA: UD:1
Fri Jan 28 15:40:38 2022 user.notice firewall: Reloading firewall due to ifupdate of wan (eth0.2)
Fri Jan 28 15:40:44 2022 user.info adblock-4.1.3[4829]: adblock instance started ::: action: start, priority: 10, pid: 4829
Fri Jan 28 15:41:38 2022 daemon.info dnsmasq[4482]: exiting on receipt of SIGTERM
Fri Jan 28 15:41:38 2022 user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!
Fri Jan 28 15:41:38 2022 user.notice dnsmasq: Allowing 127.0.0.0/8 responses

everytime followed by

user.notice root: 20-firewall> ifupdate UA: UD:1
1 Like

in this case... i tend to agree that...

you can/should report a bug... there are also some helpful hotplug examples on the forum that you could use to compare that the ip has not changed and skip the reload... (as an interim workaround)

in your case you could maybe try something like;


[ "$ACTION" = "ifupdate" ] && [ -z "$IFUPDATE_ADDRESSES" ] && [ "$IFUPDATE_DATA" = "1" ] && exit 0
1 Like

Just because it hasn’t been suggested, how about making a backup and then resetting to defaults. See if the behavior occurs on a fresh config. Then install any additional packages (one at a time, except for dependencies of course) and see if you can pinpoint when the problem first manifests.

It seems like this could trigger if the leasetime is different on the renewal (run ifstatus wan and look at the data section). I saw this same behavior today when my lease renewed, but mine renews every 2+ days.

As I wrote earlier this is inconvenient at the moment because I will lose connection to the router.

Leasetime is 7200

Except when it showed 3600.

1 Like