Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    shalla list off

    General pfSense Questions
    shallalist e2guadian squidguard
    12
    43
    10646
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      emanuelgaio
      last edited by emanuelgaio

      Good Morning.
      Apparently the shallist went off the air for good.
      Does anyone have any other suggestions besides the French list?
      Thanks.

      J JonathanLeeJ 2 Replies Last reply Reply Quote 0
      • J
        jdeloach @emanuelgaio
        last edited by

        @emanuelgaio said in shalla list off:

        Good Morning.
        Apparently the shallist went off the air for good.
        Does anyone have any other suggestions besides the French list?
        Thanks.

        What kind of error are you getting? I use that feed and it appears to be working for me. I don't see any errors, even added a new group and it downloaded without any errors.

        johnpozJ E 2 Replies Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @jdeloach
          last edited by johnpoz

          @jdeloach maybe you guys are talking about different things?

          But this came up in another thread

          closed.jpg

          So not sure what your downloading or from where, or when it was last downloaded/updated? But yeah they went offline a while back..

          Right on the site
          "Due to personal reasons and the political situation in this country the company Shalla Secure Services has been closed and in consequence the blacklist service has been stopped. "

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 23.05 | Lab VMs CE 2.6, 2.7

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @johnpoz
            last edited by Gertjan

            @johnpoz said in shalla list off:

            political situation in this country

            edit : not you, but what is shown on the site.

            Wait. It look like this is 'some site' hosted in Germany.
            "Political situation" issue in Germany ??

            I know for a fact that I'm not German, so I do not pretend to know or understand political 'stuff' going on there. But most of my family is. So I asked :
            "Merkel is gone. There is a new guy now. Did something change " ?
            The short answer was : no. ( It was 'nein' meaning the same thing ).

            I do fully understand the "Due to personal reasons ...." - that's always ok.

            No "help me" PM's please. Use the forum, thanks.

            johnpozJ 1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator @Gertjan
              last edited by

              @gertjan Maybe the political stuff talking about is new laws or something with related to IT stuff?

              I have a few friends in DE I could check with, and some friends here that are German and in the IT arena..

              I knew they got a new chancellor a few months back, Olaf Scholz replaced Merkel, what that that means for DE overall, I not sure - something to do with 3 way coalition.. I heard they going to legalize weed ;) hehehe

              While I personally think I pay more attention to world events and news than many Americans, I have to admit I am a bit behind on what has been going on in Germany.. Before covid I would of been talking with my German colleagues and after work beers and discussing all sorts of topics pretty much on a daily basis..

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 23.05 | Lab VMs CE 2.6, 2.7

              1 Reply Last reply Reply Quote 0
              • E
                emanuelgaio @jdeloach
                last edited by

                @jdeloach informs that the list no longer exists. On their website it says that it went offline. I wanted an alternative that was good.

                GertjanG 1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan @emanuelgaio
                  last edited by

                  @emanuelgaio

                  I know some one who could help you : Google : alternative for shallalist

                  I didn't test any of them myself, and I wasn't use the lalalist neither.

                  No "help me" PM's please. Use the forum, thanks.

                  E 1 Reply Last reply Reply Quote 0
                  • E
                    emanuelgaio @Gertjan
                    last edited by

                    @gertjan I asked for support for fear of putting up a bad list. In case anyone had used another one and could give an opinion. I'll try a test environment to see which one suits me. Thanks.

                    E 1 Reply Last reply Reply Quote 1
                    • GertjanG Gertjan referenced this topic on
                    • GertjanG Gertjan referenced this topic on
                    • E
                      ENC @emanuelgaio
                      last edited by

                      @emanuelgaio
                      I'm researching a good quality "blacklist" too, if you find any good alternatives, share if you can. I'm from Brazil, excuse the bad english.

                      E 1 Reply Last reply Reply Quote 0
                      • JonathanLeeJ
                        JonathanLee @emanuelgaio
                        last edited by

                        @emanuelgaio I would also like to know if there is a replacement list.

                        https://forum.netgate.com/topic/169408/shalla-urlblacklist-for-squidguard-service-has-been-stopped/2

                        Make sure to upvote

                        1 Reply Last reply Reply Quote 0
                        • E
                          emanuelgaio @ENC
                          last edited by

                          @enc Good afternoon my friend.
                          I found this site in it has several lists, I tested the "blacklists_for_pfsense.tar.gz"
                          Full download link: http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz
                          Hope this helps.

                          1 Reply Last reply Reply Quote 1
                          • N
                            netblues
                            last edited by

                            How do we add a new category feed then?

                            E E 2 Replies Last reply Reply Quote 0
                            • E
                              emanuelgaio @netblues
                              last edited by

                              @netblues I don't know how to insert new category. This other list has some similar to shallist. I'm testing too.
                              http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_dansguardian.tar.gz

                              1 Reply Last reply Reply Quote 1
                              • E
                                ENC @netblues
                                last edited by

                                @netblues In Squid: Services/Squidguard proxy filter/Target Categories/Add. Then choose a name and place the domains or links.

                                1 Reply Last reply Reply Quote 0
                                • N
                                  netblues
                                  last edited by

                                  I was looking for the pfblockerng entry :)

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    sebden
                                    last edited by

                                    Anyone else have the Squidguard running wild since using the capitole list?

                                    After one update of the new list, the squidguard starts around 20-24 processes and the UI runs slow to almost unusable. I have 3 Boxes testet and 2 are unable to use the list. Happens with pf 2.5.2 and after update to 2.6.0 too.

                                    Are there other trustfull lists out there for testing?

                                    JonathanLeeJ 1 Reply Last reply Reply Quote 0
                                    • JonathanLeeJ
                                      JonathanLee @sebden
                                      last edited by

                                      @sebden someone just recommended this list

                                      http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                      Make sure to upvote

                                      W 1 Reply Last reply Reply Quote 1
                                      • W
                                        Waqar.UK @JonathanLee
                                        last edited by

                                        @jonathanlee

                                        Anyone tried this link?

                                        JonathanLeeJ 2 Replies Last reply Reply Quote 0
                                        • JonathanLeeJ
                                          JonathanLee @Waqar.UK
                                          last edited by JonathanLee

                                          @waqar-uk Not me want to test it out first???? Please??? I do not want to reimage the firmware if it fails again.

                                          Make sure to upvote

                                          W 1 Reply Last reply Reply Quote 0
                                          • W
                                            Waqar.UK @JonathanLee
                                            last edited by Waqar.UK

                                            @jonathanlee

                                            I understand. Reinstalled ver 2.60 - to get a ZFS file system. Took about 10 minutes. Suricata and PfgBlocker next. So far so good.

                                            Tried that link: got this message

                                            Hmm. We’re having trouble finding that site.

                                            We can’t connect to the server at dsi.ut-capitole.fr.

                                            JonathanLeeJ 1 Reply Last reply Reply Quote 0
                                            • JonathanLeeJ
                                              JonathanLee @Waqar.UK
                                              last edited by

                                              @waqar-uk Dang The original version I used I had to reimage after it installed it broke my system. I got this link from someone else I have not tested it yet because its exam week

                                              Make sure to upvote

                                              1 Reply Last reply Reply Quote 0
                                              • stephenw10S
                                                stephenw10 Netgate Administrator
                                                last edited by

                                                @jonathanlee said in shalla list off:

                                                http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                The file downloads fine for me. I haven't tried it in Squid.

                                                W 1 Reply Last reply Reply Quote 1
                                                • W
                                                  Waqar.UK @stephenw10
                                                  last edited by Waqar.UK

                                                  @stephenw10 said in shalla list off:

                                                  http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                  Now it works for me. I wonder why before it did not?

                                                  Does it work in Suricata?

                                                  1 Reply Last reply Reply Quote 1
                                                  • JonathanLeeJ
                                                    JonathanLee @Waqar.UK
                                                    last edited by

                                                    @waqar-uk

                                                    This works!!!
                                                    I just tested this after the summer semester has been completed!!

                                                    blacklist3.PNG
                                                    (Image: Blacklist loading)

                                                    blacklist4.PNG
                                                    (Image: Blacklist Loaded)

                                                    blacklist5.PNG
                                                    (Image: SquidGuard Catagories restored

                                                    Make sure to upvote

                                                    N 1 Reply Last reply Reply Quote 2
                                                    • N
                                                      nimrod @JonathanLee
                                                      last edited by

                                                      @jonathanlee said in shalla list off:

                                                      @waqar-uk

                                                      This works!!!
                                                      I just tested this after the summer semester has been completed!!

                                                      blacklist3.PNG
                                                      (Image: Blacklist loading)

                                                      blacklist4.PNG
                                                      (Image: Blacklist Loaded)

                                                      blacklist5.PNG
                                                      (Image: SquidGuard Catagories restored

                                                      UT1 is not working in pfBlockerNG because its using this link:

                                                       ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
                                                      

                                                      First i thought its the issue with pfBlockerNG, but if i try to manually download this file from my desktop machine by using wget, this is what i get:

                                                       wget ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
                                                      --2022-08-03 20:27:53--  ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
                                                                 => ‘blacklists.tar.gz’
                                                      Resolving ftp.ut-capitole.fr (ftp.ut-capitole.fr)... 193.49.48.249
                                                      Connecting to ftp.ut-capitole.fr (ftp.ut-capitole.fr)|193.49.48.249|:21... connected.
                                                      Logging in as anonymous ... Logged in!
                                                      ==> SYST ... done.    ==> PWD ... done.
                                                      ==> TYPE I ... done.  ==> CWD (1) /pub/reseau/cache/squidguard_contrib ... done.
                                                      ==> SIZE blacklists.tar.gz ... 30615325
                                                      ==> PASV ...
                                                      

                                                      And thats where its stuck. I edited /usr/local/pkg/pfblockerng/ut1_global_usage and changed the link to point to

                                                      https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz
                                                      

                                                      It gets downloaded without any issues, but it fails to install. I downloaded blacklists.tar.gz manually and unpacked it with tar, and there is another tar archive inside. pfBlockerNG extracts the content of the archive and expects folders containing category lists, but instead, its just another archive and thats where it fails.

                                                      I can extract the initial archive, and upload extracted tar file somewhere else, and update the link in ut1_global_usage file, and that works. But that needs to be done very time there is a update.

                                                      Is it safe to say that both Shallalist and UT1 are dead on pfBlockerNG ?

                                                      JonathanLeeJ 1 Reply Last reply Reply Quote 0
                                                      • JonathanLeeJ
                                                        JonathanLee @nimrod
                                                        last edited by JonathanLee

                                                        @nimrod http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                        Try this it works for me and I have lists again inside of squid guard. The website has support I have emailed to have URLs added and they add them also.

                                                        This was the same issue I had it would download and not install, this list works it ends with reducted. Yes shalla list is gone, I wanted to save the last list that was available but I didn't get to in time.

                                                        Squidguard is different than PfblockerNG

                                                        Make sure to upvote

                                                        N 1 Reply Last reply Reply Quote 0
                                                        • N
                                                          nimrod @JonathanLee
                                                          last edited by

                                                          @jonathanlee said in shalla list off:

                                                          @nimrod http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                          Try this it works for me and I have lists again inside of squid guard. The website has support I have emailed to have URLs added and they add them also.

                                                          This was the same issue I had it would download and not install, this list works it ends with reducted. Yes shalla list is gone, I wanted to save the last list that was available but I didn't get to in time.

                                                          Squidguard is different than PfblockerNG

                                                          I know.

                                                          But i dont use Squidguard. I use pfBlockerNG. And these lists are not working in pfBlockerNG. That was the whole pont of my post.

                                                          JonathanLeeJ 1 Reply Last reply Reply Quote 0
                                                          • JonathanLeeJ
                                                            JonathanLee @nimrod
                                                            last edited by

                                                            @nimrod this list states PfSense

                                                            Make sure to upvote

                                                            N 1 Reply Last reply Reply Quote 0
                                                            • N
                                                              nimrod @JonathanLee
                                                              last edited by

                                                              @jonathanlee said in shalla list off:

                                                              @nimrod this list states PfSense

                                                              Yes. And that can be anything from pfBlocker, to Snort, Suricata or Squidguard.

                                                              JonathanLeeJ 1 Reply Last reply Reply Quote 1
                                                              • JonathanLeeJ
                                                                JonathanLee @nimrod
                                                                last edited by

                                                                @nimrod

                                                                Hello, this list is different, and does in fact work for Squidguard inside of a Netgate 2100 Max running PfSense software version 22.05. I just tested URL shorteners and it shows blacklist blocked. I understand that you are only using PfBlockNG. However I noticed the items your testing show a different blacklist URL over the URL that I have provided. Please note, "Squidguard in Pfsense has a problem with the size of the database. pfblockerNG (a specific package or pfsense) might be the solution: an explanation" (Per BlackList Website).

                                                                I am sorry I thought this URL would also work for the other package as it is not branded as a specific package, only branded as PfSense and marked as reduced for home firewalls to provide a fix for the size of the database issue.

                                                                URLs that you showed for your post are that do not work for me also:
                                                                https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz

                                                                ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz

                                                                The above URLs also did not work on my Pfsense with Squidguard, they would not load because of the database size issue.

                                                                URL that works for my Pfsense:

                                                                http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                                I thought it was worth posting this URL as it might work for your package PfBlockNG. This is a different URL.

                                                                Screen Shot 2022-08-03 at 6.09.11 PM.png

                                                                (Image: URL Blacklist running successful blocks for websites by category blocks provided by the URL above)

                                                                Make sure to upvote

                                                                N 1 Reply Last reply Reply Quote 1
                                                                • N
                                                                  nimrod @JonathanLee
                                                                  last edited by

                                                                  @jonathanlee said in shalla list off:

                                                                  @nimrod

                                                                  Hello, this list is different, and does in fact work for Squidguard inside of a Netgate 2100 Max running PfSense software version 22.05. I just tested URL shorteners and it shows blacklist blocked. I understand that you are only using PfBlockNG. However I noticed the items your testing show a different blacklist URL over the URL that I have provided. Please note, "Squidguard in Pfsense has a problem with the size of the database. pfblockerNG (a specific package or pfsense) might be the solution: an explanation" (Per BlackList Website).

                                                                  I am sorry I thought this URL would also work for the other package as it is not branded as a specific package, only branded as PfSense and marked as reduced for home firewalls to provide a fix for the size of the database issue.

                                                                  URLs that you showed for your post are that do not work for me also:
                                                                  https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz

                                                                  ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz

                                                                  The above URLs also did not work on my Pfsense with Squidguard, they would not load because of the database size issue.

                                                                  URL that works for my Pfsense:

                                                                  http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                                  I thought it was worth posting this URL as it might work for your package PfBlockNG. This is a different URL.

                                                                  Screen Shot 2022-08-03 at 6.09.11 PM.png

                                                                  (Image: URL Blacklist running successful blocks for websites by category blocks provided by the URL above)

                                                                  None of those files in that web folder will will work with pfBlockerNG because they are all tar archives inside the tar archive. Such format is not supported.

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • BrujoNicB BrujoNic referenced this topic on
                                                                  • D
                                                                    dauhee
                                                                    last edited by

                                                                    @nimrod said in shalla list off:

                                                                    http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                                    http://dsi.ut-capitole.fr does not appear to be alive any more

                                                                    JonathanLeeJ 3 Replies Last reply Reply Quote 0
                                                                    • JonathanLeeJ
                                                                      JonathanLee @dauhee
                                                                      last edited by

                                                                      @dauhee It seems to be working still for me in California

                                                                      Screenshot 2023-01-02 at 4.55.01 PM.png
                                                                      (Image: Testing blacklist)

                                                                      Screenshot 2023-01-02 at 4.56.39 PM.png
                                                                      (Image: Download complete)

                                                                      Email: fabrice.prigent@ut-capitole.fr
                                                                      he manages this blacklist if you are having issues, I recently emailed a update for DoH addresses to add to the blacklist he is returning to check emails Jan 3rd I think the auto response said.

                                                                      Make sure to upvote

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • JonathanLeeJ
                                                                        JonathanLee @dauhee
                                                                        last edited by

                                                                        @dauhee said in shalla list off:

                                                                        http://dsi.ut-capitole.fr

                                                                        Screenshot 2023-01-02 at 5.01.45 PM.png

                                                                        It seems to be working email that email address if you want to add URL items.

                                                                        I recently emailed to add DoH

                                                                        Make sure to upvote

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • JonathanLeeJ
                                                                          JonathanLee @dauhee
                                                                          last edited by JonathanLee

                                                                          @dauhee

                                                                          https://forum.netgate.com/topic/176693/dns-over-443/6?_=1672707245355

                                                                          I was having major issues with DoH bypassing my DNS and just doing whatever it wanted port hopping to DNS on HTTPS. If you want, I can send you that blacklist and you just have to use an Apache server to download it on pfSense.

                                                                          Link to a working url blacklist for pfsense squidguard package:

                                                                          Squidguard Package: I saved the download of the open-source software just in case zip of tar gz file
                                                                          squidGuard-1.3.tar.zip

                                                                          Google Drive Link to a working URL blacklist for Pfsense Squidguard package that I use for a 2100 Max:
                                                                          https://drive.google.com/file/d/1KsE8H5Q_wa7cT2knU0iQynCQ_A_xPIVc/view?usp=share_link

                                                                          The official source of the blacklist listed above:
                                                                          http://dsi.ut-capitole.fr/blacklists/index_en.php

                                                                          Keep in mind the list above is the pfsense reducted version for lower memory firewalls:
                                                                          http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

                                                                          Loading this, you could load this blacklist on the Linux box. Just type at a prompt:

                                                                          service apache2 start

                                                                          make sure you copy the blacklist over to /var/www/foldernamehere
                                                                          store that blacklist inside that folder.

                                                                          now use the ip address of the linux box with http://192.168.1.10/foldernamehere/blacklistfile

                                                                          Now download it into the firewall box with your custom apache server.

                                                                          Make sure to upvote

                                                                          J 1 Reply Last reply Reply Quote 0
                                                                          • J
                                                                            jdeloach @JonathanLee
                                                                            last edited by

                                                                            @jonathanlee

                                                                            Just an FYI, I know this is not a popular option, but myself I have updates turned off for Shallalist and UT1 but still have the list enabled. All the files are stored on your computer unless you deleted them.

                                                                            It is outdated but it still catches several hundred hits for the categories that I have selected. I think it is given that there is probably not a replacement for this list so you either use the outdated list as is or you just disable it and move on. Folks have been complaining about this for a year now so it is time to let it die. The world is not going to end if this list does not get resurrected.

                                                                            If we, the users, can't find a replacement for this list, I think it is unfair to expect the pfBlockerNG maintainer to pull a replacement for it out of his ass.

                                                                            JonathanLeeJ 1 Reply Last reply Reply Quote 0
                                                                            • JonathanLeeJ
                                                                              JonathanLee @jdeloach
                                                                              last edited by JonathanLee

                                                                              @jdeloach Do you possibly still have the shalla list in .tar.gz? I want to save it. We should make a github with the lists for use with both squidguard and pfblocking.

                                                                              Make sure to upvote

                                                                              J 1 Reply Last reply Reply Quote 0
                                                                              • J
                                                                                jdeloach @JonathanLee
                                                                                last edited by

                                                                                @jonathanlee said in shalla list off:

                                                                                @jdeloach Do you possibly still have the shalla list in .tar.gz? I want to save it. We should make a github with the lists for use with both squidguard and pfblocking.

                                                                                You probably already have these files on your pfsense computer. Check the following directories for the compressed files:
                                                                                /var/db/pfblockerng/shallalist.tar.gz
                                                                                /var/db/pfblockerng/ut1.tar.gz

                                                                                The uncompressed files in following directories:
                                                                                /var/db/pfblockeng/shallalist/(uncompressed category files)
                                                                                /var/pfblockerng/ut1/(uncompressed category files)

                                                                                The above files should be on anyone's computer that has ever had shallalist and ut1 enabled in pfBlockerNG. Keep in mind these files will be outdated.

                                                                                JonathanLeeJ 2 Replies Last reply Reply Quote 0
                                                                                • JonathanLeeJ
                                                                                  JonathanLee @jdeloach
                                                                                  last edited by

                                                                                  @jdeloach I had to format my system shortly after shalla went down :(

                                                                                  Make sure to upvote

                                                                                  D 1 Reply Last reply Reply Quote 0
                                                                                  • D
                                                                                    dauhee @JonathanLee
                                                                                    last edited by

                                                                                    @jonathanlee oh wow, thank you very much. yes http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz is working for me now. it was late at night and maybe I didn't check the link properly or in the middle of me setting up squid proxy I did something wrong

                                                                                    really appreciated for the information

                                                                                    JonathanLeeJ 2 Replies Last reply Reply Quote 0
                                                                                    • First post
                                                                                      Last post