search

home-assistant / core

:house_with_garden: Open source home automation that puts local control and privacy first.
https://www.home-assistant.io
Apache License 2.0
70.97k stars 29.62k forks source link

opnsense integration causing error #46346

Closed ohhai-kthxbai closed 3 years ago

ohhai-kthxbai commented 3 years ago

The problem

Opnsense integration was working but after upgdade of opnsense appears to be broken (see logs below)

I suspect it's because..

From the opnsense 21.1 changelog https://forum.opnsense.org/index.php?topic=21147.0

o system: removed unused gateway API dashboard feed

What is version of Home Assistant Core has the issue?

2021.2.2

What was the last working version of Home Assistant Core?

No response

What type of installation are you running?

Home Assistant OS

Integration causing the issue

opnsense

Link to integration documentation on our website

https://www.home-assistant.io/integrations/opnsense/

Example YAML snippet

# Put your YAML below this line

Anything in the logs that might be useful for us?

# Put your logs below this line

 Logger: homeassistant.setup
Source: components/opnsense/__init__.py:53
First occurred: 20:52:14 (1 occurrences)
Last logged: 20:52:14
Error during setup of component opnsense

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 445, in _make_request
    six.raise_from(e, None)
  File "<string>", line 3, in raise_from
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 440, in _make_request
    httplib_response = conn.getresponse()
  File "/usr/local/lib/python3.8/http/client.py", line 1347, in getresponse
    response.begin()
  File "/usr/local/lib/python3.8/http/client.py", line 307, in begin
    version, status, reason = self._read_status()
  File "/usr/local/lib/python3.8/http/client.py", line 268, in _read_status
    line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
  File "/usr/local/lib/python3.8/socket.py", line 669, in readinto
    return self._sock.recv_into(b)
  File "/usr/local/lib/python3.8/ssl.py", line 1241, in recv_into
    return self.read(nbytes, buffer)
  File "/usr/local/lib/python3.8/ssl.py", line 1099, in read
    return self._sslobj.read(len, buffer)
socket.timeout: The read operation timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/requests/adapters.py", line 439, in send
    resp = conn.urlopen(
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 755, in urlopen
    retries = retries.increment(
  File "/usr/local/lib/python3.8/site-packages/urllib3/util/retry.py", line 531, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python3.8/site-packages/urllib3/packages/six.py", line 735, in reraise
    raise value
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 699, in urlopen
    httplib_response = self._make_request(
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 447, in _make_request
    self._raise_timeout(err=e, url=url, timeout_value=read_timeout)
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 336, in _raise_timeout
    raise ReadTimeoutError(
urllib3.exceptions.ReadTimeoutError: HTTPSConnectionPool(host='192.168.*.*', port=443): Read timed out. (read timeout=5)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/setup.py", line 213, in _async_setup_component
    result = await task
  File "/usr/local/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/src/homeassistant/homeassistant/components/opnsense/__init__.py", line 53, in setup
    interfaces_client.get_arp()
  File "/usr/local/lib/python3.8/site-packages/pyopnsense/diagnostics.py", line 52, in get_arp
    return self._get('diagnostics/interface/getArp')
  File "/usr/local/lib/python3.8/site-packages/pyopnsense/client.py", line 51, in _get
    response = requests.get(req_url, verify=self.verify_cert,
  File "/usr/local/lib/python3.8/site-packages/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 655, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/adapters.py", line 529, in send
    raise ReadTimeout(e, request=request)
requests.exceptions.ReadTimeout: HTTPSConnectionPool(host='192.168.*.*', port=443): Read timed out. (read timeout=5)
probot-home-assistant[bot] commented 3 years ago

opnsense documentation opnsense source (message by IssueLinks)

probot-home-assistant[bot] commented 3 years ago

Hey there @mtreinish, mind taking a look at this issue as its been labeled with an integration (opnsense) you are listed as a codeowner for? Thanks! (message by CodeOwnersMention)

cannondale0815 commented 3 years ago

I can confirm this issue on my end. It seems to have started when upgrading OPNsense to 21.1.x.

I get the same "read timed out" errors as above.

I posted about the issue here as well: https://forum.opnsense.org/index.php?topic=21439.0

cannondale0815 commented 3 years ago

Yes, so for the time being, the HA -> OPNsense integration is no longer working.

QBANIN commented 3 years ago

I have the same issue core-2021.2.3 + OPNsense 21.1. (after upgrade from 20.7.)

wahlis commented 3 years ago

I can also confirm the same issue when trying to set up on 21.1.1

emkay82 commented 3 years ago

It seems this bug needs to be fixed in Opnsense (Issue). Alternatively, there is this temporary fix from "fedot". Not tested though.

cannondale0815 commented 3 years ago

I switched to Nmap for tracking presence, which works just as well. https://www.home-assistant.io/integrations/nmap_tracker/

Entry in my configuration.yaml is as follows:

    device_tracker:
      - platform: nmap_tracker
        home_interval: 10
        scan_options: " --privileged -sn "
        hosts:
          - 192.168.5.195   #Phone 1
          - 192.168.5.114   #Phone 2
xorbital commented 3 years ago

It seems this bug needs to be fixed in Opnsense (Issue). Alternatively, there is this temporary fix from "fedot". Not tested though.

Yeah, that'll be me, I just hacked that together and increased the timeouts. Home Assistant takes a very long time to start up now, probably because it's pulling the git repo everytime. I think this issue is a little deeper than just the API, the WebUI also takes a long time responding with the ARP table data :confused: Make sure to drop a thumbs up on the upstream issue if you're affected as well.

xorbital commented 3 years ago

The great guys over at opnsense took care of it for now, to fix it temporarily, SSH into your opnsense, open the shell and enter

opnsense-patch dd2231e

This patch should be live in the next release or two.

ohhai-kthxbai commented 3 years ago

Thank you @xorbital ! Looks like this is resolved, with no further changes required to HA.

fichtner commented 3 years ago

OPNsense dev here: The Python netaddr 0.8.0 library is slow to respond on certain requests and we merely worked around for 21.1.2 out since Tuesday. It would be helpful to have the request URL in the stack trace / error log. The stack trace itself isn't very helpful for projects integrated into home-assistant when users report the API broken when it is not.

Cheers, Franco

xorbital commented 3 years ago

You're right, there's only part of it there

File "/usr/local/lib/python3.8/site-packages/pyopnsense/diagnostics.py", line 52, in get_arp return self._get('diagnostics/interface/getArp')

The full URL of the GET request is https://opnsense/api/diagnostics/interface/getArp As I've said in the issue in the opnsense repo, the opnsense UI responded slow as well :thinking:

fichtner commented 3 years ago

The issue is in your timeouts primarily. It's ok to use them but to infer problems because the software can't wait is problematic. It's not like a 404 or 500 you are seeing...

xorbital commented 3 years ago

Hm, you think we should increase the timeout? IIRC opnsense takes up to 15min until dropping a peer from the ARP table after a disconnect, right? So polling it every 12 seconds might not provide too much value anyway.

fichtner commented 3 years ago

sure, 2-10 minutes is probably fine. it depends on the use of this information, if you need to react probably nearer to the two minutes, otherwise more to the 10.

If we hit a hard timeout with a HTTP response error let me know. Here it looked like we didn't but I could be wrong.

Cheers, Franco