DNSBL Group Disabled

BBcan177

Do you see any errors in pfblockerng.log or error.log?

newUser2pfSense

@bbcan177 Checking both logs you suggested, specifically for January 2, 2023 -

From the pfblockerng.log, FM_Spam and Matomo_Spam had 4 matches:

[ FM_Spam ]
( md5 feed ) . 200 OK
( md5 unchanged ) Update not required
[ FM_Spam ] exists.
0 /var/db/pfblockerng/dnsbl/FM_Spam.txt
Sep 30 17:23 FM_Spam

[ Matomo_Spam ]
( md5 feed ) . 200 OK
( md5 unchanged ) Update not required
[ Matomo_Spam ] exists.
0 /var/db/pfblockerng/dnsbl/Matomo_Spam.txt
Oct 17 20:00 Matomo_Spam

The error.log showed nothing for either FM_Spam or Matomo_Spam. As well, DNSBL_Firebog_Suspicious, could not be found.

BBcan177

@newuser2pfsense I can't seem to reproduce this. Could you run a Force Reload - All and see how that goes?

nimrod

@bbcan177

I had similar issue with this feed:

https://hosts.oisd.nl

If you click on this link, download save dialog pops up which means the link is valid and working.

Since the last pfBlocker update i noticed that this feed was disabled. I forced reload - all and it fails to download. I resolved the issue by changing source link in that feed from

https://hosts.oisd.nl

to

https://hosts.oisd.nl/

Forced reload - all and file was downloaded successfully and feed was enabled.

I hope this info is somehow useful.

BBcan177

@nimrod the new code fails with no path defined. So when you added the trailing slash that resolved that. I have to see if it's best to leave the validation as is or have users add a trailing slash.

nimrod

@bbcan177 said in DNSBL Group Disabled:

@nimrod the new code fails with no path defined. So when you added the trailing slash that resolved that. I have to see if it's best to leave the validation as is or have users add a trailing slash.

Here is another thing i found. If you apply this hotfix via system patches package...

it will cause IP block counter in pfBlocker widget to constantly reset back to 0.

When IP gets blocked counter will show the number of blocked IPs for a few minutes, and then goes to 0 again.

It doesnt bother me. IPs are still getting blocked and i can see them in reports. Just wanted to throw this in because some people think that IP blocking is not working because IP counter is constantly showing 0.

newUser2pfSense

@BBcan177 I completed a Force Reload with no change.

@nimrod I tried putting the slash as the end of the URL. It didn't work unfortunately. Thanks for the info though.

newUser2pfSense

@newuser2pfsense As a further test to see what would happen, I tried to delete both of the entries. I was able to delete Matomo_Spam but when I went to delete FM_Spam, I received the following message -

What last row may not be deleted? What last row is the message describing?

nimrod

@newuser2pfsense said in DNSBL Group Disabled:

@newuser2pfsense As a further test to see what would happen, I tried to delete both of the entries. I was able to delete Matomo_Spam but when I went to delete FM_Spam, I received the following message -

What last row may not be deleted? What last row is the message describing?

The row where you see the link. Thats how it works for everyone.

You leave the last row intact, go back one step, and then delete the row from DNSBL Groups tab by clickin on the can icon.

This is basic stuff man.

newUser2pfSense

@nimrod Thanks for showing me where to delete. I won't bother you again.