Feeds not added to 'DNSBL Feeds'



  • Re: devel v2.2.5_19 - Feeds not added to 'DNSBL Feeds'

    Hi guys,

    The site suggested I open a new topic given the referenced one is quite old. Chiming in with the latest version of this install. I removed the non dev version of this package some time ago and the fix noted in the linked topic has worked for me (add a dummy feed save it and the added feeds then appear in the expected location). Per the request in that topic my outputs from the three commands/files are below. I've had to remove all URL details from the samples below as akismet wouldn't let this through either. I left one row from each feed in place to demonstrate the layout. I have added all feeds in my config but they are not shown below.

    grep "<config></config>" /conf/config.xml
    

    No result returned

    grep -A400 "<pfblockernglistsv4" /conf/config.xml
    
    		<pfblockernglistsv4>
    			<config>
    				<aliasname>PRI1</aliasname>
    				<description><![CDATA[PRI1 - Collection of Feeds from the most reputable blocklist providers. (Primary tier)]]></description>
    				<action>Deny_Inbound</action>
    				<cron>EveryDay</cron>
    				<dow>1</dow>
    				<sort>sort</sort>
    				<aliaslog>enabled</aliaslog>
    				<stateremoval><![CDATA[enabled]]></stateremoval>
    				<autoaddrnot_in></autoaddrnot_in>
    				<autoports_in></autoports_in>
    				<aliasports_in></aliasports_in>
    				<autoaddr_in></autoaddr_in>
    				<autonot_in></autonot_in>
    				<aliasaddr_in></aliasaddr_in>
    				<autoproto_in></autoproto_in>
    				<agateway_in>default</agateway_in>
    				<autoaddrnot_out></autoaddrnot_out>
    				<autoports_out></autoports_out>
    				<aliasports_out></aliasports_out>
    				<autoaddr_out></autoaddr_out>
    				<autonot_out></autonot_out>
    				<aliasaddr_out></aliasaddr_out>
    				<autoproto_out></autoproto_out>
    				<agateway_out>default</agateway_out>
    				<suppression_cidr>Disabled</suppression_cidr>
    				<whois_convert></whois_convert>
    				<custom></custom>
    				<row>
    					<format>auto</format>
    					<state><![CDATA[Enabled]]></state>
    					<url>ipblocklist.txt</url>
    					<header>Abuse_Feodo_C2</header>
    				</row>
    			</config>
    			<config>
    				<aliasname>PRI2</aliasname>
    				<description><![CDATA[PRI2 - Collection of Feeds from Secondary Tier providers.]]></description>
    				<action>Deny_Inbound</action>
    				<cron>EveryDay</cron>
    				<dow>1</dow>
    				<sort>sort</sort>
    				<aliaslog>enabled</aliaslog>
    				<stateremoval><![CDATA[enabled]]></stateremoval>
    				<autoaddrnot_in></autoaddrnot_in>
    				<autoports_in></autoports_in>
    				<aliasports_in></aliasports_in>
    				<autoaddr_in></autoaddr_in>
    				<autonot_in></autonot_in>
    				<aliasaddr_in></aliasaddr_in>
    				<autoproto_in></autoproto_in>
    				<agateway_in>default</agateway_in>
    				<autoaddrnot_out></autoaddrnot_out>
    				<autoports_out></autoports_out>
    				<aliasports_out></aliasports_out>
    				<autoaddr_out></autoaddr_out>
    				<autonot_out></autonot_out>
    				<aliasaddr_out></aliasaddr_out>
    				<autoproto_out></autoproto_out>
    				<agateway_out>default</agateway_out>
    				<suppression_cidr>Disabled</suppression_cidr>
    				<whois_convert></whois_convert>
    				<custom></custom>
    				<row>
    					<format>auto</format>
    					<state><![CDATA[Enabled]]></state>
    					<url>/reputation.snort.gz</url>
    					<header>Alienvault</header>
    				</row>
    			</config>
    			<config>
    				<aliasname>PRI3</aliasname>
    				<description><![CDATA[PRI3 - Collection of Feeds from Tertiary Tier providers.]]></description>
    				<action>Deny_Inbound</action>
    				<cron>EveryDay</cron>
    				<dow>1</dow>
    				<sort>sort</sort>
    				<aliaslog>enabled</aliaslog>
    				<stateremoval><![CDATA[enabled]]></stateremoval>
    				<autoaddrnot_in></autoaddrnot_in>
    				<autoports_in></autoports_in>
    				<aliasports_in></aliasports_in>
    				<autoaddr_in></autoaddr_in>
    				<autonot_in></autonot_in>
    				<aliasaddr_in></aliasaddr_in>
    				<autoproto_in></autoproto_in>
    				<agateway_in>default</agateway_in>
    				<autoaddrnot_out></autoaddrnot_out>
    				<autoports_out></autoports_out>
    				<aliasports_out></aliasports_out>
    				<autoaddr_out></autoaddr_out>
    				<autonot_out></autonot_out>
    				<aliasaddr_out></aliasaddr_out>
    				<autoproto_out></autoproto_out>
    				<agateway_out>default</agateway_out>
    				<suppression_cidr>Disabled</suppression_cidr>
    				<whois_convert></whois_convert>
    				<custom></custom>
    				<row>
    					<format>auto</format>
    					<state><![CDATA[Enabled]]></state>
    					<url>all.txt</url>
    					<header>BlockListDE_All</header>
    				</row>
    			</config>
    			<config>
    				<aliasname>PRI4</aliasname>
    				<description><![CDATA[PRI4 - Collection of Feeds from Fourth Tier providers.]]></description>
    				<action>Disabled</action>
    				<cron>01hour</cron>
    				<dow>1</dow>
    				<sort>sort</sort>
    				<aliaslog>enabled</aliaslog>
    				<stateremoval><![CDATA[enabled]]></stateremoval>
    				<autoaddrnot_in></autoaddrnot_in>
    				<autoports_in></autoports_in>
    				<aliasports_in></aliasports_in>
    				<autoaddr_in></autoaddr_in>
    				<autonot_in></autonot_in>
    				<aliasaddr_in></aliasaddr_in>
    				<autoproto_in></autoproto_in>
    				<agateway_in>default</agateway_in>
    				<autoaddrnot_out></autoaddrnot_out>
    				<autoports_out></autoports_out>
    				<aliasports_out></aliasports_out>
    				<autoaddr_out></autoaddr_out>
    				<autonot_out></autonot_out>
    				<aliasaddr_out></aliasaddr_out>
    				<autoproto_out></autoproto_out>
    				<agateway_out>default</agateway_out>
    				<suppression_cidr>Disabled</suppression_cidr>
    				<whois_convert></whois_convert>
    				<custom></custom>
    				<row>
    					<format>auto</format>
    					<state><![CDATA[Enabled]]></state>
    					<url>/2?age=30d</url>
    					<header>BadIPs_30d</header>
    				</row>
    				<row>
    					<format>auto</format>
    					<state><![CDATA[Enabled]]></state>
    					<url>banlist.txt</url>
    					<header>BDS_Ban</header>
    				</row>
    			</config>
    		</pfblockernglistsv4>
    

    File contents of:

    /conf/pkg_log_pfSense-pkg-pfBlockerNG-devel.txt
    
    >>> Upgrading pfSense-pkg-pfBlockerNG-devel... 
    Updating pfSense-core repository catalogue...
    pfSense-core repository is up to date.
    Updating pfSense repository catalogue...
    pfSense repository is up to date.
    All repositories are up to date.
    Checking integrity... done (0 conflicting)
    The following 1 package(s) will be affected (of 0 checked):
    
    Installed packages to be REINSTALLED:
    	pfSense-pkg-pfBlockerNG-devel-2.2.5_26 [pfSense]
    
    Number of packages to be reinstalled: 1
    [1/1] Reinstalling pfSense-pkg-pfBlockerNG-devel-2.2.5_26...
    [1/1] Extracting pfSense-pkg-pfBlockerNG-devel-2.2.5_26: .......... done
    Removing pfBlockerNG-devel components...
    Menu items... done.
    Services... done.
    Loading package instructions...
    Removing pfBlockerNG...cat: /var/db/pfblockerng/dnsbl/*.txt: No such file or directory
     All customizations/data will be retained... done.
    Saving updated package information...
    overwrite!
    Loading package configuration... done.
    Configuring package components...
    Loading package instructions...
    Custom commands...
    Executing custom_php_install_command()...
    MaxMind GeoIP databases previously downloaded.
    Re-creating pfBlockerNG Continent PHP files... done.
    
    Adding pfBlockerNG Widget to the Dashboard... done.
    
    Creating Firewall filter service... done.
    Renew Firewall filter executables... done.
    Starting Firewall filter Service... done.
    
    Creating DNSBL service... done.
    Renew DNSBL lighttpd executable... done.
    Creating DNSBL web server config ... done.
    Starting DNSBL Service... done.
    
    Upgrading previous settings:
     Adv. Inbound firewall rule settings... no changes required ... done.
     OpenVPN/IPSec interface selections... no changes required ... done.
     Proofpoint/ET IQRisk settings... no changes required ... done.
     General Tab -> IP Tab settings... no changes required ... done.
     pfBlockerNGSuppress Alias -> IPv4 Suppression Customlist... no changes required ... done.
     Upgrading previous EasyLists to new format... no changes required ... done.
    Upgrading... done
    
    Custom commands completed ... done.
    Executing custom_php_resync_config_command()...cat: /var/db/pfblockerng/dnsbl/*.txt: No such file or directory
    done.
    Menu items... done.
    Services... done.
    Writing configuration... done.
    >>> Cleaning up cache... done.
    __RC=0
    
    


  • Not sure how your adding the DNSBL Feeds; however, for sure, I have never seen feeds added that way. Here's how my feeds look like:

    Screen Shot 2019-11-13 at 6.03.34 PM.png

    Screen Shot 2019-11-13 at 6.04.35 PM.png

    Screen Shot 2019-11-13 at 6.19.03 PM.png



  • Mine look the same. I added the out of the box feeds found in the 'Feeds' menu item. When done the expected behaviour would be to then see them in the DNSBL > DNSBL Feeds area that you have shown in your screenshot. They referenced topic shows the behaviour I experienced.



  • If you are speaking of these, they remain there.

    Screen Shot 2019-11-13 at 6.28.09 PM.png



  • Also this will tell you the ones you have enabled:

    Screen Shot 2019-11-13 at 6.43.21 PM.png



  • Correct. They are also displayed on the DNSBL > DNSBL Feeds interface BUT only after I added a feed manually through that interface. Before I added that manual feed they were not displayed in that location.



  • @jward101 said in Feeds not added to 'DNSBL Feeds':

    Correct. They are also displayed on the DNSBL > DNSBL Feeds interface BUT only after I added a feed manually through that interface. Before I added that manual feed they were not displayed in that location.

    I have a few like that...I was looking through to post for instance; however, they do show under the feed menu as duplicates though.


Log in to reply