Closed knaackville closed 3 years ago
We put all of our syslog on a graylog server. There's a server on the LAN that recieves all the local syslogs from servers/devices, then forwards to the graylog cloud server. As a workaround I put this into our rsyslog forwarder. The issue still exists, but now it's just invisible 😂
sudo tee /etc/rsyslog.d/07-suppress.conf << "EOF"
:msg, contains, "Found unexpected rule" ~
EOF
sudo systemctl restart rsyslog
I'm seeing something similar - I've got udm-le, ntopng and ntp running and I get
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"dnat'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
Turning off ntp results in a smaller set of warnings...
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
Re-doing the NTP setup with --network host
added to the command appears to have made this issue partially go away (the name and dnat stuff); the invalid remaining rules appear to be
# iptables-save | grep comment | grep CNI
-A POSTROUTING -m comment --comment "CNI portfwd requiring masquerade" -j CNI-HOSTPORT-MASQ
-A CNI-HOSTPORT-SETMARK -m comment --comment "CNI portfwd masquerade mark" -j MARK --set-xmark 0x2000/0x2000
so the --publish argument is waht does this. If you are running --net host try it without the publish. If you are still seeing this, give it a reboot. Make sure you have it run on --net host and do not use the --publish command
Describe the bug Log files in /mnt/data/log/ are filling up with the following about every 5 seconds after adding NTP server as noted in wiki:
UDM-Pro user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:' UDM-Pro user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"dnat' UDM-Pro user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
To Reproduce Steps to reproduce the behavior:
Expected behavior Logs not being filled with above error
UDM Information