pfBlockerNG-devel v3.1.0_7 / v3.1.0_14
-
@gertjan said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
Line 15 of that file has an issue.
Not the line 15 in the file (btw. its a domain name) - the error refers to the feed position in the group!
Line 15 is the position in the group of the feed that points to the local file! (Changing the feed position in the group results in change of the line number in the error)
-
Ah, ok.
Then what is different ?
Can you create a file called /root/test.xt - as I showed above ?
Can you place the content, as I showed above (7 lines or so) ?
Add the file as a "DNSBL Groups" entry" as I've showed above ?We both use the same pfBlocker-ng version.
-
@gertjan said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
Then what is different ?
I guess the way the script validates the feed url.
Can you create a file called /root/test.xt - as I showed above ?
I did.
Can you place the content, as I showed above (7 lines or so) ?
Yes
Add the file as a "DNSBL Groups" entry" as I've showed above ?
Yes - same error (the content of the file doesnt matter at this point)
We both use the same pfBlocker-ng version.
You under 22.05 and me under 2.6.0 ...
-
Remember :
@gertjan said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
Here a trick : go here : /var/db/pfblockerng/dnsblorig and delete your-file.orig - and reload pfblockerng
Because (I think) : pfblockerng doesn't reload the file, whatever you change in the settings.
It will reload a file or URL after one hours, two hours or whatever you've set.
To really for it : delete the 'orig' files or even all of them : they will get reloaded. As this worked for me. -
@gertjan said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
As this worked for me.
Because (i guess) your v3.1.0_7 on 22.05 is more like v3.1.0_6 was on 2.6.0 ...
-
@fireodo said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
[PFB_FILTER - 2] Invalid URL (not allowed2) [ /root/database/youtubeads.txt ] [ 12/9/22 08:56:50 ]
You need to move these files to the "/usr/local/www" or "/var/db/pfblockerng/" folder, if you intend to keep hosting these files on pfSense. Click on the Blue infoblock icon for the Source Definitions for more details.
Running Cron Update I get this error on this list:
[ EasyList ] Downloading update .. 200 OK
[PFB_FILTER - 17] Failed or invalid Mime Type: [text/x-asm|0]The new code now checks the file magic to determine to the file mime-type.
There is an issue in decoding the magic for some Easylist feeds. I suggest you use the Easylist Feeds that are in the Feeds tab as I have allowed some exceptions until the magic database is updated.
I worked with the Dev to address this issue here:
https://github.com/file/file/commit/31ee773f9cb78ff584872456ea1f139081a01761Just need for that to be updated into FreeBSD and then into pfSense.
-
B BBcan177 pinned this topic on
-
@bbcan177 said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
@fireodo said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
[PFB_FILTER - 2] Invalid URL (not allowed2) [ /root/database/youtubeads.txt ] [ 12/9/22 08:56:50 ]
You need to move these files to the "/usr/local/www" or "/var/db/pfblockerng/" folder, if you intend to keep hosting these files on pfSense. Click on the Blue infoblock icon for the Source Definitions for more details.
Ah - i thought that it was just a example in the infoblock - I moved now the files in /var/db/pfblockerng and could save the settings - and works.
Running Cron Update I get this error on this list:
[ EasyList ] Downloading update .. 200 OK
[PFB_FILTER - 17] Failed or invalid Mime Type: [text/x-asm|0]The new code now checks the file magic to determine to the file mime-type.
There is an issue in decoding the magic for some Easylist feeds. I suggest you use the Easylist Feeds that are in the Feeds tab as I have allowed some exceptions until the magic database is updated.
OK understood - I'll do so!
I worked with the Dev to address this issue here:
https://github.com/file/file/commit/31ee773f9cb78ff584872456ea1f139081a01761Just need for that to be updated into FreeBSD and then into pfSense.
Thanks a lot and regards,
fireodo -
It seems I've had v3.1.0_7 on 22.05 for some time. Not sure how that happened. I probably got a txt saying there was an update available a while back and installed it from the shell. Is this a re-release that needs to be reinstalled? No biggie, everything works, though I did need to start unbound after.
-
@provels said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
It seems I've had v3.1.0_7 on 22.05 for some time.
Same here but the packages are definitely not the same.
Comparing file /usr/local/pkg/pfblockerng/pfb_dnsbl.doh.conf on my pfSense+ 22.05 and the one from github commit are different.EDIT: I think we should wait https://www.reddit.com/r/pfBlockerNG/comments/zg9ipo/comment/izjaun5
-
@emikaadeo
What hardware?
amd64, arm64, or armv7"Experience is something you don't get until just after you need it."
Website: http://pfBlockerNG.com
Twitter: @BBcan177 #pfBlockerNG
Reddit: https://www.reddit.com/r/pfBlockerNG/new/ -
@bbcan177
amd64 -
@provels 3.1.0_7 came out in late October or thereabouts, to fix the CPU usage/logging bug.
https://redmine.pfsense.org/issues/13154#note-17 -
This post is deleted! -
-
@emikaadeo said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
@jdeloach said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
@steveits
@provels
It came out for 22.x but not for CE 2.6.x. I think that is what is confusing everyone. including @BBcan177.3.1.0_7 "from Netgate" and 3.1.0_7 from @BBcan177 are not the same packages.
Code is different.This is not the only package that has differences between the maintainers and Netgate versions.
Snort and Suricata both suffer the same issues, @bmeeks.
Edit: Long term, it is one hell of mess that's going to be hard to fix.
-
@jdeloach said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
Edit: Long term, it is one hell of mess that's going to be hard to fix.
Exactly ;)
-
@jdeloach said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
Snort and Suricata both suffer the same issues, @bmeeks.
Edit: Long term, it is one hell of mess that's going to be hard to fix.Not sure what you are talking about here. I am the only maintainer for the Snort and Suricata packages. Everything Netgate has done in either package (and it's not really all that much) has been run by me for approval before merging. Viktor Gurov made several contributions to Suricata (and a few to Snort), but everything he did was run by me first.
Right now there are different package version numbers in pfSense RELEASE versus pfSense DEVELOPMENT due to the move to PHP 8.1 in the next pfSense releases. That required a ton of changes to the PHP code that are NOT backwards compatible with the PHP 7.4 that is used in the current release code. There are no feature differences between the package versions in current pfSense CE and Plus RELEASE versions and the new versions in the DEVELOPMENT branches of CE and Plus. The only changes are those required to make the packages work with PHP 8.1.
Any work other than a really critical bug fix is on hold in the current RELEASE branch as the focus has been on PHP 8.1 in the DEVELOPMENT branch.
-
Me again
Auto-Sort on IP/DNSBL-Groups seams not to working anymore (in 3.1.0_7 for 2.6.0) and (not really important) shallalist is obsolete - I do not think she (the shallalist) will come back.
Wish you all a fine Weekend,
fireodo -
@bbcan177 said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
@emikaadeo
What hardware?
amd64, arm64, or armv7I'm a bit confused myself. Update to 3.1.0_7 came to my test box on 22.05 (and 2.6) on Oct 25 already. Checked the logs to be sure, no update since then. PKG list shows "current version" with no update showing up.
So seems like perhaps a version mismatch by the package crew of Netgate (for that CPU bugfix) and you own versioning?
What about using this version to make a final 3.1.1 version and push that to pfBlocker-stable so we get rid of the oldold stable version that has so many little flaws now?
Cheers
\jens -
@jegr said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
@bbcan177 said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14:
@emikaadeo
What hardware?
amd64, arm64, or armv7I'm a bit confused myself. Update to 3.1.0_7 came to my test box on 22.05 (and 2.6) on Oct 25 already. Checked the logs to be sure, no update since then. PKG list shows "current version" with no update showing up.
So seems like perhaps a version mismatch by the package crew of Netgate (for that CPU bugfix) and you own versioning?
Same here. Any idea what's going on?
