Modify

Opened 3 years ago

#18493 new defect

Luci does not open firewall rules if wan address does not answer reverse lookup

Reported by: luizluca@… Owned by:
Priority: high Milestone: Barrier Breaker 14.07
Component: luci Version: Barrier Breaker 14.07
Keywords: luci firewall Cc:

Description

Hello,

I noticed that luci failed to open any firewall rules. It keeps waiting until a "Bad Gateway The process did not produce any response" appears after 60s.

Doing a strace on the "{luci} /usr/bin/lua /www/cgi-bin/luci" process, I noticed that it tried to do a reverse lookup of one of my wan addresses (I have two and I'm using mwan3 but it is probably not related to mwan3). This is very difficult for a non-dev user to debug and might be common situation.

Doing the lookup using bind-host, it took 10s to fail:

# time host 187.49.x.x
Host x.x.49.187.in-addr.arpa not found: 2(SERVFAIL)
Command exited with non-zero status 1
real    0m 10.01s
user    0m 0.00s
sys     0m 0.00s

I could easily workaround it adding it as static domain entry in /etc/config/dhcp

config domain
       option ip '187.49.x.x'
       option name 'wan1.links'

But Luci should be robust enough to timeout dns lookup before http request times out.

Attachments (0)

Change History (0)

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.