URL Table (IPs) - BUG.



  • Trying to add my AS Facebook listing from my local URL I get:

    Unable to fetch usable data from URL http://<ip>/aliastables/facebook.txt</ip>
    

    This is with 2.3.2-p1

    I had a look on GIT and April 2016 this was reported, but closed as "duplicate", although pointing to 2.2.4…

    https://redmine.pfsense.org/issues/6564

    Please could someone tell me what I am doing wrong?  The file "facebook.txt" only contains 10.0.0.111 at the moment.

    I can do a "```
    curl http://<ip>/aliastables/facebook.txt</ip>



  • further on this:

    If I use an external source IP List, I get this to work.  So, it seems like it is a block on my local network…?



  • :( >:( >:(

    If I edit the /cf/conf/config.xml file and add into the <aliases>section the following:

                    <alias><name>facebook</name>
                            <type>urltable</type>
                            <url>http://IPIPIPIP/aliastables/facebook.txt</url>
                            <updatefreq>128</updatefreq>
    
    <address>http://IPADDRESS/aliastables/facebook.txt</address>
    
                            <detail></detail></alias> 
    

    it does seem to work…

    I can then do a:

    pfctl -t facebook -T replace -f /usr/local/www/aliastables/facebook.txt
    

    once the full list of IP's have been collected with:

    whois -h whois.radb.net -- "-i origin AS32934" | awk "/^route:/ {print $2;}" | awk '{print $2}' | sort | uniq > facebook.txt
    

    without problems

    Can one of you please confirm the correct way of specifying an URL TABLE ALIAS without having to edit/break the config file?

    PS - This does not STICK if you reboot, you have to re-import your TXT file with the above PFCTL command…</aliases>



  • I can also confirm that I can create an URL TABLE ALIAS using this environment file from my production system…



  • To assist with the problem I wrote a workaround with scripting and startup files here:
    http://wp.me/p2jcLn-xr

    Please visit the site to get this working.

    As a last point, I hate having to edit configuration files of broken software, so please pfSense fix this for us?


Log in to reply