unable to update any feeds in PFBlockerNG



  • Hi I have noticed that none of my feeds are updating, I have tired disabling and re-enabling pfblocker, checked that I can traceroute to the feed addresses and can download the lists from clients connected to pfsense. But for some reason pfblockerng cannot update them.

    DNS seems to be working fine for all clients and the pfsense fw itself, and I cannot see anything being blocked in the firewall at the time of the update or reload operations -and the error states is not a firewall issue? I am now stumped as to what is causing it to fail to contact the servers for the feeds.

    UPDATE PROCESS START [ 06/17/19 16:34:52 ]

    ** Adding earlyshellcmd settings **

    ** Adding shellcmd package settings **

    ===[ DNSBL Process ]================================================

    Loading DNSBL Statistics... completed
    Loading DNSBL Whitelist... completed

    Downloading Blacklist Database(s) [ shallalist (~10MB) ] ... Please wait ...
    Shallalist ... Failed

    [ yoyo ] Downloading update [ 06/17/19 16:35:08 ] . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    .. unknown http status code | 0

    [ DNSBL_yoyoads - yoyo ] Download FAIL [ 06/17/19 16:35:23 ]
    Firewall and/or IDS (Legacy mode only) are not blocking download.

    [ hpHosts_ads ] Downloading update . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    .. unknown http status code | 0

    [ DNSBL_hpHosts_ads - hpHosts_ads ] Download FAIL [ 06/17/19 16:35:38 ]
    Firewall and/or IDS (Legacy mode only) are not blocking download.

    [ Adaway ] Downloading update . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    .. unknown http status code | 0

    [ DNSBL_Adaway - Adaway ] Download FAIL [ 06/17/19 16:35:53 ]
    Firewall and/or IDS (Legacy mode only) are not blocking download.

    [ Cameleon ] Downloading update . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    .. unknown http status code | 0

    [ DNSBL_Cameleon - Cameleon ] Download FAIL [ 06/17/19 16:36:09 ]
    Firewall and/or IDS (Legacy mode only) are not blocking download.

    [ mylist_custom ] exists.
    [ EasyList ] Downloading update . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    .. unknown http status code | 0

    [ DNSBL_EasyList - EasyList ] Download FAIL [ 06/17/19 16:36:24 ]
    Firewall and/or IDS (Legacy mode only) are not blocking download.

    [ EasyPrivacy ] Downloading update . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...
    .. unknown http status code | 0

    [ DNSBL_EasyList - EasyPrivacy ] Download FAIL [ 06/17/19 16:36:39 ]
    Firewall and/or IDS (Legacy mode only) are not blocking download.

    [ EasyList_Adware ] Downloading update . cURL Error: 7
    Retry in 5 seconds...
    . cURL Error: 7
    Retry in 5 seconds...

    this is the traceroute to easylist.to from the WAN interface on pfsense


    2 * * *
    3 31.55.186.176 4.503 ms
    31.55.186.180 5.978 ms 5.526 ms
    4 195.99.127.106 6.624 ms
    213.121.192.48 6.748 ms 5.399 ms
    5 62.6.201.230 31.860 ms 5.717 ms
    194.72.16.132 6.907 ms
    6 109.159.253.95 7.337 ms 7.323 ms 6.923 ms
    7 104.31.91.96 5.947 ms 6.807 ms 6.174 ms

    PFsense 2.4.4
    pfblockerNG-devel 2.2.2.5.1
    Running on a virtual machine
    WAN connection is PPPoE to the modem (Block private networks and loopback addresses & Block bogon networks) both ticked.
    LAN connections are VLAN's



  • ok, this is now fixed in case anyone else has this issue this is where I started to realise what was wrong..

    [2.4.4-RELEASE][admin@pfSense2.localdomain]/root: pkg update -f
    Updating pfSense-core repository catalogue...
    pkg: Repository pfSense-core load error: access repo file(/root/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory
    pkg: https://pkg.pfsense.org/pfSense_v2_4_4_amd64-core/meta.txz: No route to host
    repository pfSense-core has no meta file, using default settings
    pkg: https://pkg.pfsense.org/pfSense_v2_4_4_amd64-core/packagesite.txz: No route to host
    Unable to update repository pfSense-core
    Updating pfSense repository catalogue...
    pkg: Repository pfSense load error: access repo file(/root/var/db/pkg/repo-pfSense.sqlite) failed: No such file or directory
    pkg: https://pkg.pfsense.org/pfSense_v2_4_4_amd64-pfSense_v2_4_4/meta.txz: No route to host
    repository pfSense has no meta file, using default settings
    pkg: https://pkg.pfsense.org/pfSense_v2_4_4_amd64-pfSense_v2_4_4/packagesite.txz: No route to host
    Unable to update repository pfSense
    Error updating repositories!

    checked route out f the firewall - not looking good
    [2.4.4-RELEASE][admin@pfSense2.localdomain]/root: host -t srv _https._tcp.pkg.pfsense.org
    _https._tcp.pkg.pfsense.org has SRV record 10 10 443 files01.netgate.com.
    _https._tcp.pkg.pfsense.org has SRV record 10 10 443 files00.netgate.com.
    [2.4.4-RELEASE][admin@pfSense2.localdomain]/root: route -n get default
    route: route has not been found

    checked the default gateway which was set to the WAN_PPPoE gateway, changed this to the VPN gateway and I the firewall can now route traffic and can see the lists and packages


  • Moderator

    This post is deleted!

Log in to reply