PFBLOCKERNG DNSBL update failing



  • Is anyone else having issues with the pfblockerng cron jobs constantly running and failing to update DNSBL?

    I've tried running it with just a single dnsbl feed and no matter what changes I make it constantly fails to update.

    Anyone have any suggestions how to solve this?

    I'm running pfsense 2.3.2 release
    pfblockerng 2.1.1_4



  • @jbedgood:

    Is anyone else having issues with the pfblockerng cron jobs constantly running and failing to update DNSBL?

    I've tried running it with just a single dnsbl feed and no matter what changes I make it constantly fails to update.

    Anyone have any suggestions how to solve this?

    I'm running pfsense 2.3.2 release
    pfblockerng 2.1.1_4

    Did you look at the Logs tab? pfblockerng.log, dnsbl.log, error.log etc. And the Status / System Logs / System / General.



  • When I check the logs during the hung update, this is all that shows up in the pfblockerng.log; the other logs don't show anything.

    **Saving configuration [ 09/05/16 14:18:42 ] …

    **Saving configuration [ 09/05/16 14:18:50 ] …

    **Saving configuration [ 09/05/16 14:18:57 ] …

    Adding Unbound Server:Include line... completed
    Validating database... completed
    Reloading Unbound.... completed
    DNSBL update [ 0 | PASSED  ]… completed

    DNSBL - Adding Unbound custom 'include' option

    Saving new DNSBL web server configuration to port [ 8081 and 8443 ]
    Saving pfSense config…
    VIP address configured. Widget Packet statistics reset.
    Restarting Service DNSBL...
    UPDATE PROCESS START [ 09/05/16 14:19:03 ]

    ===[  DNSBL Process  ]================================================



  • What are you using for DNSBL Feeds ?



  • @RonpfS:

    What are you using for DNSBL Feeds ?

    For the feeds I have these

    http://someonewhocares.org/hosts/hosts
    https://adaway.org/hosts.txt

    and

    I have setup the DNSBL Easylist selecting all categories.

    The issue here is I've tried disabling and only using one feed and no easylist and it still just hangs and won't complete the update.



  • No space or special characters in DNS GROUP Name or Header/Label
    You selected Unbound for List Action ?
    Did you try running a Force Upload ? Force Reload DNSBL?



  • @RonpfS:

    No space or special characters in DNS GROUP Name or Header/Label
    You selected Unbound for List Action ?
    Did you try running a Force Upload ? Force Reload DNSBL?

    That's correct, nothing abnormal in the naming etc. This was and had been working with this exact setup for months but I noticed this hang issue after the last pfblockerng update. But I can't prove that is the cause and I can't figure out how to roll back to the previous version to see if that solves the issue. I've done the Force upload and reload; nothing seems to fix it.



  • Strange, is that all you find in pfblockerng.log ?
    Nothing in system logs? No crash report in Dashboard?
    Diagnostics System Activity show any pfblockerng process taking CPU time?
    Disk full?



  • @RonpfS:

    Strange, is that all you find in pfblockerng.log ?
    Nothing in system logs? No crash report in Dashboard?
    Diagnostics System Activity show any pfblockerng process taking CPU time?
    Disk full?

    The Disk is nowhere near full. I have 887G free right now. The pfblockerng.log shows what I posted before: that the DNSBL process is started, but it doesn't do anything else after that, just keeps running constantly.

    When the update is running the diag system activity shows the following constantly:

    CPU Activity
    last pid: 70501;  load averages:  0.93,  0.46,  0.42  up 3+16:52:10    14:56:59
    140 processes: 6 running, 111 sleeping, 23 waiting

    Mem: 33M Active, 129M Inact, 328M Wired, 274M Buf, 5259M Free
    Swap: 16G Total, 16G Free

    PID USERNAME PRI NICE  SIZE    RES STATE  C  TIME    WCPU COMMAND
      11 root    155 ki31    0K    64K CPU3    3  88.7H 100.00% [idle{idle: cpu3}]
    51179 root    103    0  224M 33936K CPU2    2  2:40 100.00% /usr/local/bin/php /usr/local/www/pfblocke
      11 root    155 ki31    0K    64K CPU0    0  88.6H  94.78% [idle{idle: cpu0}]
      11 root    155 ki31    0K    64K RUN    1  88.7H  90.38% [idle{idle: cpu1}]
      11 root    155 ki31    0K    64K RUN    2  88.4H  23.58% [idle{idle: cpu2}]
    69419 root      21    0  262M 31868K piperd  3  0:00  0.20% php-fpm: pool nginx (php-fpm)
      12 root    -92    -    0K  368K WAIT    1  3:40  0.00% [intr{irq269: re0}]
      12 root    -60    -    0K  368K WAIT    0  3:14  0.00% [intr{swi4: clock}]
        0 root    -92    -    0K  256K -      2  2:15  0.00% [kernel{em0 que}]
    37091 unbound  20    0 72168K 43364K kqread  0  0:36  0.00% /usr/local/sbin/unbound -c /var/unbound/un
        5 root    -16    -    0K    16K pftm    0  0:30  0.00% [pf purge]
        0 root    -16    -    0K  256K swapin  2  0:30  0.00% [kernel{swapper}]
      15 root    -16    -    0K    16K -      0  0:24  0.00% [rand_harvestq]
      16 root    -68    -    0K  240K -      2  0:16  0.00% [usb{usbus0}]
    49933 root      52  20 17000K  2564K wait    1  0:12  0.00% /bin/sh /var/db/rrd/updaterrd.sh
      323 root      20    0 13624K  4836K select  0  0:08  0.00% /sbin/devd -q
    44387 root      20    0 21036K  5008K select  0  0:08  0.00% /usr/local/sbin/miniupnpd -f /var/etc/mini
    38306 ladvd    20    0 19212K  2804K kqread  3  0:06  0.00% ladvd: child (ladvd)



  • Maybe you could post the pfblockerng.log from the last successful update till now. Extras.log and error.log. (use the [ code] [ /code] (without the space!) to format the text)

    And a screenshot of the Feeds, and DNSBL Easylist in case we see something.
    When you go to the Update tab, does it show the running status ?



  • @RonpfS:

    Maybe you could post the pfblockerng.log from the last successful update till now. Extras.log and error.log.

    And a screenshot of the Feeds, and DNSBL Easylist in case we see something.
    When you go to the Update tab, does it show the running status ?

    I had cleared the logs so I could find the hang because there was so much in there I couldn't tell where it was. So there are no successful attempts in it any longer. I can post the pictures of the easylist, sure, and I can post the update tab running status, but it's the same that the pfblockerng.log shows... just the DNSBL Process started.

    ![Screen Shot 2016-09-05 at 3.10.15 PM.png](/public/imported_attachments/1/Screen Shot 2016-09-05 at 3.10.15 PM.png)
    ![Screen Shot 2016-09-05 at 3.09.30 PM.png](/public/imported_attachments/1/Screen Shot 2016-09-05 at 3.09.30 PM.png)



  • Well, it is possible to download the log to your computer and look at it with a text editor.
    Now you don't have much to debug the failure mode.

    Go to Diagnostics Command Prompt and execute

    ps -axwwwll | grep pfb
    

    Do you see many pfblockerng.php running?



  • @RonpfS:

    Well, it is possible to download the log to your computer and look at it with a text editor.
    Now you don't have much to debug the failure mode.

    Go to Diagnostics Command Prompt and execute

    ps -axwwwll | grep pfb
    

    Do you see many pfblockerng.php running?

    No, I manually kill the process because it just hangs there. So there is none running right now. If I run the update again there will be one process running and it won't stop unless I manually stop it. I have let it go for days in the past to see if it would complete and it never did.



  • @jbedgood:

    I had cleared the logs so I could find the hang because there was so much in there I couldn't tell where it was. So there are no successful attempts in it any longer.

    Go to the Firewall / pfBlockerNG / Log Browser and look at the files. You can download them in that tab.

    What about screenshots of the DNSBL feeds ?

    Disable all DNSBL feeds except DNSBL EasyList, hit Force Reload All and post the log.



  • @RonpfS:

    @jbedgood:

    I had cleared the logs so I could find the hang because there was so much in there I couldn't tell where it was. So there are no successful attempts in it any longer.

    Go to the Firewall / pfBlockerNG / Log Browser and look at the files. You can download them in that tab.

    What about screenshots of the DNSBL feeds ?

    Disable all DNSBL feeds except DNSBL EasyList, hit Force Reload All and post the log.

    These are the only log files that had anything in them

    [log files.zip](/public/imported_attachments/1/log files.zip)



  • No extras.log ? maxmind_ver ? dnsbl.log error.log ? or you empty them?



  • @RonpfS:

    No extras.log ? maxmind_ver ? dnsbl.log error.log ? or you empty them?

    I had emptied them all before, and when I do the force reload all, nothing shows up in them.



  • Why?  :o

    You lost the history of what happened. Log files don't do any harm to the system and will not break anything in pfblockerNG.

    Just a wild guess would be to put something in the description field but it may not change anything.



  • Are you able to download the Easylist URL https://easylist-downloads.adblockplus.org/easylist_noelemhide.txt &
    https://easylist-downloads.adblockplus.org/easyprivacy.txt ?

    Nothing is blocking in the FW logs?



  • @RonpfS:

    Why?  :o

    You lost the history of what happened. Log files don't do any harm to the system and will not break anything in pfblockerNG.

    Just a wild guess would be to put something in the description field but it may not change anything.

    I cleared the logs to find the error easier but the logs weren't showing any real errors so it was a lost cause no matter what for that.



  • What did you select in the Alexa Whitelist ? It hangs with Top 750K and Top 1M  :(


  • Moderator

    Hi jbedgood,

    I see the issue and will get that fixed in the next release… In the meantime, I have PM'd you a fix.

    Thanks for reporting...