DNSBL category blacklist not loading // pfsense 21.02_1 with pfBlockerNG-devel 3.0.0_10

houbidoo · Mar 3, 2021, 8:57 AM

Hello,

I have a problem on our XG-7100 1U after upgrade to pfsense 21.02_1 with pfBlockerNG-devel 3.0.0_10.

The blacklist (UT1 porn category and some others) is not loading.

I have a couple of boxes with the same settings and pfsense 2.4.5p1 running and it works fine.
IPv4 lists are working fine, too. I already tried reinstalling the package, force reloads, etc.

Is there any known bug?
I also had problems with unbound starting and couple of failures in the unbound log that the root DNS are not answering after upgrade to 21.02. But nothing showing any problems with DNSBL.

some output...

UPDATE PROCESS START [ v3.0.0_10 ] [ 03/3/21 09:55:51 ]

===[ DNSBL Process ]================================================

Clearing all DNSBL Feeds

TLD Analysis not required.
Stopping Unbound Resolver.
Unbound stopped in 2 sec.
Additional mounts (DNSBL python):
No changes required.
Starting Unbound Resolver... completed [ 03/3/21 09:55:52 ]
Restarting DNSBL Service (DNSBL python)
DNSBL update [ 0 | PASSED ]... completed

===[ GeoIP Process ]============================================

===[ IPv4 Process ]=================================================

[ fireholLevel1_v4 ] exists.
[ fireholLevel2_v4 ] exists.
[ fireholLevel3_v4 ] exists.
[ ET_Block_v4 ] exists.
[ ET_Comp_v4 ] exists.

===[ Aliastables / Rules ]==========================================

No changes to Firewall rules, skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update

===[ Kill States ]==================================================

Firewall state(s) validation for [ 727 ] IPv4 address(es)...
No matching states found

======================================================================

UPDATE PROCESS ENDED [ 03/3/21 09:55:56 ]

BBcan177 · Mar 3, 2021, 5:30 PM

@houbidoo said in DNSBL category blacklist not loading // pfsense 21.02_1 with pfBlockerNG-devel 3.0.0_10:

UPDATE PROCESS START [ v3.0.0_10 ] [ 03/3/21 09:55:51 ]
===[ DNSBL Process ]================================================
Clearing all DNSBL Feeds
TLD Analysis not required.
Stopping Unbound Resolver.
Unbound stopped in 2 sec.
Additional mounts (DNSBL python):
No changes required.
Starting Unbound Resolver... completed [ 03/3/21 09:55:52 ]
Restarting DNSBL Service (DNSBL python)
DNSBL update [ 0 | PASSED ]... completed
===[ GeoIP Process ]============================================
===[ IPv4 Process ]=================================================
[ fireholLevel1_v4 ] exists.
[ fireholLevel2_v4 ] exists.
[ fireholLevel3_v4 ] exists.

Looks like DNSBL and/or Blacklist settings are not enabled? Enable and Force Reload - All

Also do not recommend to use Firehol Level 1, as that feed contains bogons.

The latest version is v3.0.0_14

houbidoo · Mar 4, 2021, 4:34 PM

@bbcan177 Thx for your answer

With the 21.02-RELEASE-p1 (amd64) Release the newest version of the pfBlockerNG-devel shown in the web gui is 3.0.0_10. Is there any way to manually install the newer version?

pfBlockerNG enabled
DNSBL enabled (python and normal mode tested)
DNS resolver (no dhcp registration, etc.)
stopped all, force reloaded, uninstall force reloaded...

Doesn't matter what i do the UT1 list will not be downloaded and no error is shown.

BBcan177 · Mar 4, 2021, 4:34 PM

@houbidoo
Post a screenshot of the UT1 Settings

houbidoo · Mar 4, 2021, 5:00 PM

@bbcan177

BBcan177 · Mar 4, 2021, 5:48 PM

@houbidoo
Goto the pfBlockerNG > Logs Tab, and review the "extras.log", and see if the UT1 download it getting blocked.

Run this command from the shell and see what it reports:

/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php bl ut1

houbidoo · Mar 5, 2021, 6:57 AM

@bbcan177 ahhh, the "extras-log", okay.

The list seems to be downloaded. The last 2 days automatically and now via shell

*Country code update Start [ 03/3/21 09:31:27 ]
Processing ISO IPv4 Continent/Country Data [ 03/3/21 09:31:28 ]
Processing ISO IPv6 Continent/Country Data [ 03/3/21 09:31:43 ]
Creating pfBlockerNG Continent PHP files
IPv4 Africa [ 03/3/21 09:31:47 ]
IPv6 Africa [ 03/3/21 09:31:48 ]
IPv4 Antarctica
IPv6 Antarctica
IPv4 Asia
IPv6 Asia [ 03/3/21 09:31:50 ]
IPv4 Europe
IPv6 Europe [ 03/3/21 09:31:55 ]
IPv4 North America [ 03/3/21 09:31:56 ]
IPv6 North America [ 03/3/21 09:32:00 ]
IPv4 Oceania
IPv6 Oceania [ 03/3/21 09:32:01 ]
IPv4 South America
IPv6 South America
IPv4 Proxy and Satellite [ 03/3/21 09:32:02 ]
IPv6 Proxy and Satellite
IPv4 Top Spammers
IPv6 Top Spammers
pfBlockerNG Reputation Tab
Country Code Update Ended

Download Process Starting [ 03/3/21 13:00:00 ]
/var/db/pfblockerng/ut1.tar.gz 226 IM Used
Download Process Ended [ 03/3/21 13:00:05 ]

Download Process Starting [ 03/4/21 00:00:00 ]
/usr/local/share/GeoIP/GeoLite2-Country.tar.gz 200 OK
/usr/local/share/GeoIP/GeoLite2-Country-CSV.zip 200 OK
Download Process Ended [ 03/4/21 00:00:02 ]

Country code update Start
Processing ISO IPv4 Continent/Country Data
Processing ISO IPv6 Continent/Country Data [ 03/4/21 00:00:18 ]
Creating pfBlockerNG Continent PHP files
IPv4 Africa [ 03/4/21 00:00:22 ]
IPv6 Africa [ 03/4/21 00:00:23 ]
IPv4 Antarctica
IPv6 Antarctica
IPv4 Asia
IPv6 Asia [ 03/4/21 00:00:25 ]
IPv4 Europe
IPv6 Europe [ 03/4/21 00:00:30 ]
IPv4 North America [ 03/4/21 00:00:32 ]
IPv6 North America [ 03/4/21 00:00:35 ]
IPv4 Oceania [ 03/4/21 00:00:36 ]
IPv6 Oceania
IPv4 South America
IPv6 South America
IPv4 Proxy and Satellite [ 03/4/21 00:00:37 ]
IPv6 Proxy and Satellite
IPv4 Top Spammers
IPv6 Top Spammers
pfBlockerNG Reputation Tab
Country Code Update Ended

Download Process Starting [ 03/4/21 13:00:00 ]
/var/db/pfblockerng/ut1.tar.gz 226 IM Used
Download Process Ended [ 03/4/21 13:00:05 ]

Download Process Starting [ 03/5/21 07:55:43 ]
/var/db/pfblockerng/ut1.tar.gz 226 IM Used
Download Process Ended [ 03/5/21 07:55:48 ]*

houbidoo · Mar 5, 2021, 7:01 AM

is this normal behavior?...pfblockerng.log...

===[ DNSBL Process ]================================================

Clearing all DNSBL Feeds

TLD Analysis not required.
Stopping Unbound Resolver.
Unbound stopped in 2 sec.
Additional mounts (DNSBL python):
No changes required.
Starting Unbound Resolver... completed [ 03/5/21 03:00:03 ]
Restarting DNSBL Service (DNSBL python)cat: /var/db/pfblockerng/dnsbl/*.txt: No such file or directory
cat: /var/unbound/pfb_py_data.txt: No such file or directory
cat: /var/unbound/pfb_py_zone.txt: No such file or directory

DNSBL category blacklist not loading // pfsense 21.02_1 with pfBlockerNG-devel 3.0.0_10

TLD Analysis not required. Stopping Unbound Resolver. Unbound stopped in 2 sec. Additional mounts (DNSBL python): No changes required. Starting Unbound Resolver... completed [ 03/3/21 09:55:52 ] Restarting DNSBL Service (DNSBL python) DNSBL update [ 0 | PASSED ]... completed

TLD Analysis not required.
Stopping Unbound Resolver.
Unbound stopped in 2 sec.
Additional mounts (DNSBL python):
No changes required.
Starting Unbound Resolver... completed [ 03/3/21 09:55:52 ]
Restarting DNSBL Service (DNSBL python)
DNSBL update [ 0 | PASSED ]... completed