Menu
What's new
By:
Filters Better Search

Skynet Latest update break dnsmasq

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

BOFH

BOFH

Occasional Visitor
Hi Guys,

Since the latest Skynet update, dnsmasq is not able to start.

Error:

Bash: 
Dec 29 13:37:55 Net-FE74DEB-C rc_service: service 61051:notify_rc restart_dnsmasq
Dec 29 13:37:55 Net-FE74DEB-C custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq)
Dec 29 13:37:55 Net-FE74DEB-C custom_config: Appending content of /jffs/configs/dnsmasq.conf.add.
Dec 29 13:37:55 Net-FE74DEB-C custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
Dec 29 13:37:57 Net-FE74DEB-C Diversion: started second Dnsmasq instance for alternate blocking list
Dec 29 13:37:57 Net-FE74DEB-C Diversion: restarted Dnsmasq to apply settings
Dec 29 13:37:57 Net-FE74DEB-C dnsmasq[61528]: bad option at line 70 of /etc/dnsmasq.conf
Dec 29 13:37:57 Net-FE74DEB-C dnsmasq[61528]: FAILED to start up
Dec 29 13:37:57 Net-FE74DEB-C custom_script: Running /jffs/scripts/service-event-end (args: restart dnsmasq)
Dec 29 13:37:57 Net-FE74DEB-C uiDivStats: dnsmasq has restarted, restarting taildns
Dec 29 13:38:00 Net-FE74DEB-C admin: Started taildns from .

The DHCP is no more working as expected. New client can't connect to WIFI cause of dhcp


Bash: 
admin@Net:/tmp/home/root#  grep -n ipset /etc/dnsmasq.conf
69:ipset=/1drv.ms/aax-eu.amazon-adsystem.com/aax-us-east.amazon-adsystem.com/acr0.samsungcloudsolution.com/app-measurement.com/asuswrt-merlin.net/asuswrt.lostrealm.ca/bin.entware.net/cdn.staticneo.com/clarium.global.ssl.fastly.net/codeload.github.com/coinbase.com/daisy.ubuntu.com/dbl.oisd.nl/diversion.ch/events-service.coinbase.com/fls-na.amazon-adsystem.com/fwupdate.asuswrt-merlin.net/hostfiles.frogeye.fr/hosts.oisd.nl/hosts.ubuntu101.co.za/ib.adnxs.com/images-na.ssl-images-amazon.com/ir-na.amazon-adsystem.com/ir-uk.amazon-adsystem.com/localhost.localdomain/maurerr.github.io/noticefile.samsungcloudsolution.com/ns11.whois.co.kr/onclkds.com/onedrive.live.com/pagead2.googlesyndication.com/pgl.yoyo.org/pkg.entware.net/raw.githubusercontent.com/servedbyadbutler.com/smallnetbuilder.com/snbforums.com/someonewhocares.org/sourceforge.net/whoami.akamai.net/winhelp2002.mvps.org/wms-eu.amazon-adsystem.com/wms-na.amazon-adsystem.com/wms-na.assoc-amazon.com/ws-eu.amazon-adsystem.com/ws-na.amazon-adsystem.com/z-na.amazon-adsystem.com/iplists.firehol.org/sigs.interserver.net/Skynet-WhitelistDomains # Skynet
70:ipset=/threatview.io/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/speedguide.net/otx.alienvault.com/github.com/astrill.com/strongpath.net/nwsrv-ns1.asus.com/ntp.metas.ch/time.nist.gov/Skynet-WhitelistDomains # Skynet

Any fix ?
 
Last edited:
BOFH said:
Hi Guys,

Since the latest Skynet update, dnsmasq is not able to start.

Error:

Bash: 
Dec 29 13:37:55 Net-FE74DEB-C rc_service: service 61051:notify_rc restart_dnsmasq
Dec 29 13:37:55 Net-FE74DEB-C custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq)
Dec 29 13:37:55 Net-FE74DEB-C custom_config: Appending content of /jffs/configs/dnsmasq.conf.add.
Dec 29 13:37:55 Net-FE74DEB-C custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
Dec 29 13:37:57 Net-FE74DEB-C Diversion: started second Dnsmasq instance for alternate blocking list
Dec 29 13:37:57 Net-FE74DEB-C Diversion: restarted Dnsmasq to apply settings
Dec 29 13:37:57 Net-FE74DEB-C dnsmasq[61528]: bad option at line 70 of /etc/dnsmasq.conf
Dec 29 13:37:57 Net-FE74DEB-C dnsmasq[61528]: FAILED to start up
Dec 29 13:37:57 Net-FE74DEB-C custom_script: Running /jffs/scripts/service-event-end (args: restart dnsmasq)
Dec 29 13:37:57 Net-FE74DEB-C uiDivStats: dnsmasq has restarted, restarting taildns
Dec 29 13:38:00 Net-FE74DEB-C admin: Started taildns from .

The DHCP is no more working as expected. New client can't connect to WIFI cause of dhcp


Bash: 
admin@Net:/tmp/home/root#  grep -n ipset /etc/dnsmasq.conf
69:ipset=/1drv.ms/aax-eu.amazon-adsystem.com/aax-us-east.amazon-adsystem.com/acr0.samsungcloudsolution.com/app-measurement.com/asuswrt-merlin.net/asuswrt.lostrealm.ca/bin.entware.net/cdn.staticneo.com/clarium.global.ssl.fastly.net/codeload.github.com/coinbase.com/daisy.ubuntu.com/dbl.oisd.nl/diversion.ch/events-service.coinbase.com/fls-na.amazon-adsystem.com/fwupdate.asuswrt-merlin.net/hostfiles.frogeye.fr/hosts.oisd.nl/hosts.ubuntu101.co.za/ib.adnxs.com/images-na.ssl-images-amazon.com/ir-na.amazon-adsystem.com/ir-uk.amazon-adsystem.com/localhost.localdomain/maurerr.github.io/noticefile.samsungcloudsolution.com/ns11.whois.co.kr/onclkds.com/onedrive.live.com/pagead2.googlesyndication.com/pgl.yoyo.org/pkg.entware.net/raw.githubusercontent.com/servedbyadbutler.com/smallnetbuilder.com/snbforums.com/someonewhocares.org/sourceforge.net/whoami.akamai.net/winhelp2002.mvps.org/wms-eu.amazon-adsystem.com/wms-na.amazon-adsystem.com/wms-na.assoc-amazon.com/ws-eu.amazon-adsystem.com/ws-na.amazon-adsystem.com/z-na.amazon-adsystem.com/iplists.firehol.org/sigs.interserver.net/Skynet-WhitelistDomains # Skynet
70:ipset=/threatview.io/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/speedguide.net/otx.alienvault.com/github.com/astrill.com/strongpath.net/nwsrv-ns1.asus.com/ntp.metas.ch/time.nist.gov/Skynet-WhitelistDomains # Skynet

Any fix ?
Click to expand...

Removing the 2 lines starting with ipset= and restarting dnsmasq manually seems to solve the error issue and let wifi clients connect back.


After checking the backup, it seems that the file "/jffs/configs/dnsmasq.conf.add" changed from an empty file to a file containing the "ipset" lines
 
Last edited:
Thanks Dave, changing the max-args to 20 seems to fix the issue for me.
 
@Adamm : Is this going to get an "Official Fix"?
 
Last edited:
It looks like the maximum length of a dnsmasq option line can be 1025 characters (MAXDNAME in the dnsmasq option.c source).
 
Sorry. Tested the method with a 1000 domain list and it worked fine so assumed it was okay… reduced the line size to 20 entries.
 
Thanks for super Quick fix. Everything is working again after click update nr 10 :)
 
Adamm said:
Sorry. Tested the method with a 1000 domain list and it worked fine so assumed it was okay… reduced the line size to 20 entries.
Click to expand...

Thank you!
 
Hi - before I reinstall skynet, can someone confirm that 7.3.4 works?
Should I now expect ipset whitelist entries in dnsmasq.conf and dnsmasq.conf_add as I never saw any with 7.2.8 (sorry for the dumb question) ?
Finally, compared to 7.2.8, I am curious what this fix was meant to improve? (why fix if aint broke?)
 
Mister2088 said:
Hi - before I reinstall skynet, can someone confirm that 7.3.4 works?
Should I now expect ipset whitelist entries in dnsmasq.conf and dnsmasq.conf_add as I never saw any with 7.2.8 (sorry for the dumb question) ?
Finally, compared to 7.2.8, I am curious what this fix was meant to improve? (why fix if aint broke?)
Click to expand...
Or, you could try it out and let us know. I am sure it would help out another user who has your same questions.
 
SomeWhereOverTheRainBow said:
Or, you could try it out and let us know. I am sure it would help out another user who has your same questions.
Click to expand...
I have reinstalled Skynet v. 7.3.4. It is working well and dnsmasq started fine.
It did add the following line to /etc/dsnmasq.conf via dnsmasq.conf.add.
ipset=/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/speedguide.net/otx.alienvault.com/github.com/raw.githubusercontent.com/iplists.firehol.org/astrill.com/strongpath.net/snbforums.com/t

I still am not sure what this does. Perhaps @Adamm could explain to all of us one day !
 
Mister2088 said:
I have reinstalled Skynet v. 7.3.4. It is working well and dnsmasq started fine.
It did add the following line to /etc/dsnmasq.conf via dnsmasq.conf.add.
ipset=/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/speedguide.net/otx.alienvault.com/github.com/raw.githubusercontent.com/iplists.firehol.org/astrill.com/strongpath.net/snbforums.com/t

I still am not sure what this does. Perhaps @Adamm could explain to all of us one day !
Click to expand...
An educated observation would be that some of those are the domains used in the downloading of skynets filters. While naturally skynet has already allowlisted the ip addresses of those domains, by adding an ipset into dnsmasq @Adamm has ensured that it is also protected from being blocked via dns as well. This is only just a guess. I may be absolutely wrong.
 
Mister2088 said:
ipset=/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/speedguide.net/otx.alienvault.com/github.com/raw.githubusercontent.com/iplists.firehol.org/astrill.com/strongpath.net/snbforums.com/t
Click to expand...
This line isn’t valid as you posted it. Did you truncate it, or did your terminal emulator wrap it oddly?
 
Mister2088 said:
I have reinstalled Skynet v. 7.3.4. It is working well and dnsmasq started fine.
It did add the following line to /etc/dsnmasq.conf via dnsmasq.conf.add.
ipset=/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/speedguide.net/otx.alienvault.com/github.com/raw.githubusercontent.com/iplists.firehol.org/astrill.com/strongpath.net/snbforums.com/t

I still am not sure what this does. Perhaps @Adamm could explain to all of us one day !
Click to expand...

This change has actually been present in a testing branch for 11 months. Essentially it is a more efficient domain whitelisting method that in theory should keep its-self updated and prevent false positives.

As with any large userbase there are edge cases with updates, unfortunately you experienced one of them.
 
Adamm said:
This change has actually been present in a testing branch for 11 months. Essentially it is a more efficient domain whitelisting method that in theory should keep its-self updated and prevent false positives.

As with any large userbase there are edge cases with updates, unfortunately you experienced one of them.
Click to expand...
Thanks for the explanation. Cheers!
 
You must log in or register to reply here.

Similar threads

B
Scribe /usr/bin/logger messages don't make it to the log file - intermittent issue
Replies
15
Views
1K
bibikalka
B
alan6854321
Dnsmasq crashes, watchdog fails to restart it
2 3
Replies
47
Views
2K
alan6854321
alan6854321
R
ddns: vlan2 not find External WAN IP, go retry.(10)
Replies
8
Views
646
L&LD
L&LD
G
Skynet What's appending this line in dnsmasq.conf.add?
Replies
17
Views
3K
gattaca
G
W
Is one of my add-ons stopping my WAN connection
Replies
3
Views
1K
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
Viktor Jaep Solved Latest entware update borked up Unbound Asuswrt-Merlin AddOns 25
John Fitzgerald Solved Skynet running slow with install/update issues from AMTM? Asuswrt-Merlin AddOns 10
thelonelycoder Is it possible to update all addons through the GUI? Asuswrt-Merlin AddOns 2
johndoe85 Is it possible to update all addons through the GUI? Asuswrt-Merlin AddOns 8
Z Entware Entware update check failed Asuswrt-Merlin AddOns 1
S IOS 17 update brings ads on Diversion Asuswrt-Merlin AddOns 23
J DDNS does not update dyndns.org when WAN IP changes Asuswrt-Merlin AddOns 11
S Unbound Unbound graphical statistics tab doesn't update all groups Asuswrt-Merlin AddOns 4
C AdGuardHome Adguard Auto Update Option Asuswrt-Merlin AddOns 2
S Skynet Update Asuswrt-Merlin AddOns 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 900 (members: 33, guests: 867)
Top