search

unifi-utilities / unifios-utilities

A collection of enhancements for UnifiOS based devices
GNU General Public License v3.0
3.89k stars 416 forks source link

NTP server log issues #167

Closed knaackville closed 3 years ago

knaackville commented 3 years ago

Describe the bug Log files in /mnt/data/log/ are filling up with the following about every 5 seconds after adding NTP server as noted in wiki:

UDM-Pro user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:' UDM-Pro user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"dnat' UDM-Pro user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'

To Reproduce Steps to reproduce the behavior:

  1. Install NTP server as per wiki - https://github.com/boostchicken/udm-utilities/wiki/Add-NTP-Server-Container
  2. Check log files at /mnt/data/log

Expected behavior Logs not being filled with above error

UDM Information

exabrial commented 3 years ago

We put all of our syslog on a graylog server. There's a server on the LAN that recieves all the local syslogs from servers/devices, then forwards to the graylog cloud server. As a workaround I put this into our rsyslog forwarder. The issue still exists, but now it's just invisible 😂

sudo tee /etc/rsyslog.d/07-suppress.conf << "EOF"
:msg, contains, "Found unexpected rule" ~

EOF
sudo systemctl restart rsyslog
jontg commented 3 years ago

I'm seeing something similar - I've got udm-le, ntopng and ntp running and I get

UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"name:'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"dnat'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'

Turning off ntp results in a smaller set of warnings...

UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
UniFi-Dream-Machine-Pro-Home user.notice ubios-udapi-server: ubios-udapi-server: Found unexpected rule --comment '"CNI'
jontg commented 3 years ago

Re-doing the NTP setup with --network host added to the command appears to have made this issue partially go away (the name and dnat stuff); the invalid remaining rules appear to be

# iptables-save | grep comment | grep CNI
-A POSTROUTING -m comment --comment "CNI portfwd requiring masquerade" -j CNI-HOSTPORT-MASQ
-A CNI-HOSTPORT-SETMARK -m comment --comment "CNI portfwd masquerade mark" -j MARK --set-xmark 0x2000/0x2000
boostchicken commented 3 years ago

so the --publish argument is waht does this. If you are running --net host try it without the publish. If you are still seeing this, give it a reboot. Make sure you have it run on --net host and do not use the --publish command