Problem with pfBlockerNG List - How can I fix it? [SOLVED]
-
There appears to be an issue with these two lists:
http://hosts-file.net/exp.txt
http://hosts-file.net/hjk.txtthat appear on firehol_level1 that are causing problems:
**[ hphosts_exp ] Downloading update .. 200 OK. completed ..
[ pfB_Level_1 hphosts_exp ] List Error ][ hphosts_hjk ] Downloading update [ 01/19/17 13:08:31 ] .. 200 OK. completed ..
[ pfB_Level_1 hphosts_hjk ] List Error ]**I am assuming that the "converted lists" should be stored in /var/db/pfblockerng/deny , and there is no file corresponding to hphosts exp/hjk.
How do I find out what is causing the problem, and more importantly fix it/remove the offending line so that I can use the rest of the list.
In case anyone wants to see it, the full log is below:
UPDATE PROCESS START [ 01/19/17 13:08:26 ] Clearing all DNSBL Feeds... ** DNSBL Disabled ** ===[ Continent Process ]============================================ ===[ IPv4 Process ]================================================= [ hphosts_psh ] exists. [ 01/19/17 13:08:27 ] [ badips ] exists. [ openbl_90d ] exists. [ stopforumspam_toxic ] exists. [ botscout ] exists. [ malc0de ] exists. [ cleanmx_phishing ] exists. [ greensnow ] exists. [ maxmind_proxy_fraud ] exists. [ hphosts_emd ] exists. [ hphosts_exp ] Downloading update .. 200 OK. completed .. [ pfB_Level_1 hphosts_exp ] List Error ] [ hphosts_hjk ] Downloading update [ 01/19/17 13:08:31 ] .. 200 OK. completed .. [ pfB_Level_1 hphosts_hjk ] List Error ] [ iblocklist_spyware ] exists. [ 01/19/17 13:08:32 ] [ dshield ] exists. [ zeus_badips ] exists. [ feodo_badips ] exists. [ ransomware_rw ] exists. [ et_compromised ] exists. [ et_block ] exists. [ spamhaus_drop ] exists. [ spamhaus_edrop ] exists. [ sslbl ] exists. [ snort_ipfilter ] exists. [ bambenek_c2 ] exists. [ alienvault_reputation ] exists. [ malwaredomainlist ] exists. [ nt_malware_http ] exists. [ nt_malware_dns ] exists. [ nt_ssh_7d ] exists. [ bruteforceblocker ] exists. [ blocklist_de ] exists. [ ciarmy ] exists. [ feodo ] exists. [ zeus ] exists. ===[ IPv6 Process ]================================================= ===[ Aliastables / Rules ]========================================== No changes to Firewall rules, skipping Filter Reload No Changes to Aliases, Skipping pfctl Update ===[ Kill States ]================================================== No matching states found ====================================================================== UPDATE PROCESS ENDED [ 01/19/17 13:08:34 ] -
These 2 lists are to be used with DNSBL.
-
And there is also a combined DNSBL feed from hpHosts:
http://hosts-file.net/download/hosts.zip
-
OK, I get it now. I thought that pfB was doing a reverse DNS on those names, but now that you tell me that…
So is it correct to assume that I can import any "hosts" file into the DNSBL?
-
Firehol is converting those Domain based lists into an IP format… I'd not recommend that... The pfBlockerNG package has an IP and a Domain section.... so best to use the applicable format (IP or DNSBL)...
Yes hpHosts has individual Feeds, or the combined feed linked above... Take a look at their website for further details.
