shalla list off
-
@nimrod this list states PfSense
-
@jonathanlee said in shalla list off:
@nimrod this list states PfSense
Yes. And that can be anything from pfBlocker, to Snort, Suricata or Squidguard.
-
Hello, this list is different, and does in fact work for Squidguard inside of a Netgate 2100 Max running PfSense software version 22.05. I just tested URL shorteners and it shows blacklist blocked. I understand that you are only using PfBlockNG. However I noticed the items your testing show a different blacklist URL over the URL that I have provided. Please note, "Squidguard in Pfsense has a problem with the size of the database. pfblockerNG (a specific package or pfsense) might be the solution: an explanation" (Per BlackList Website).
I am sorry I thought this URL would also work for the other package as it is not branded as a specific package, only branded as PfSense and marked as reduced for home firewalls to provide a fix for the size of the database issue.
URLs that you showed for your post are that do not work for me also:
https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gzftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
The above URLs also did not work on my Pfsense with Squidguard, they would not load because of the database size issue.
URL that works for my Pfsense:
http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz
I thought it was worth posting this URL as it might work for your package PfBlockNG. This is a different URL.
(Image: URL Blacklist running successful blocks for websites by category blocks provided by the URL above)
-
@jonathanlee said in shalla list off:
Hello, this list is different, and does in fact work for Squidguard inside of a Netgate 2100 Max running PfSense software version 22.05. I just tested URL shorteners and it shows blacklist blocked. I understand that you are only using PfBlockNG. However I noticed the items your testing show a different blacklist URL over the URL that I have provided. Please note, "Squidguard in Pfsense has a problem with the size of the database. pfblockerNG (a specific package or pfsense) might be the solution: an explanation" (Per BlackList Website).
I am sorry I thought this URL would also work for the other package as it is not branded as a specific package, only branded as PfSense and marked as reduced for home firewalls to provide a fix for the size of the database issue.
URLs that you showed for your post are that do not work for me also:
https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gzftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
The above URLs also did not work on my Pfsense with Squidguard, they would not load because of the database size issue.
URL that works for my Pfsense:
http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz
I thought it was worth posting this URL as it might work for your package PfBlockNG. This is a different URL.
(Image: URL Blacklist running successful blocks for websites by category blocks provided by the URL above)
None of those files in that web folder will will work with pfBlockerNG because they are all tar archives inside the tar archive. Such format is not supported.
-
-
@nimrod said in shalla list off:
http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz
http://dsi.ut-capitole.fr does not appear to be alive any more
-
@dauhee It seems to be working still for me in California
(Image: Testing blacklist)
(Image: Download complete)Email: fabrice.prigent@ut-capitole.fr
he manages this blacklist if you are having issues, I recently emailed a update for DoH addresses to add to the blacklist he is returning to check emails Jan 3rd I think the auto response said. -
@dauhee said in shalla list off:
http://dsi.ut-capitole.fr
It seems to be working email that email address if you want to add URL items.
I recently emailed to add DoH
-
https://forum.netgate.com/topic/176693/dns-over-443/6?_=1672707245355
I was having major issues with DoH bypassing my DNS and just doing whatever it wanted port hopping to DNS on HTTPS. If you want, I can send you that blacklist and you just have to use an Apache server to download it on pfSense.
Link to a working url blacklist for pfsense squidguard package:
Squidguard Package: I saved the download of the open-source software just in case zip of tar gz file
squidGuard-1.3.tar.zipGoogle Drive Link to a working URL blacklist for Pfsense Squidguard package that I use for a 2100 Max:
https://drive.google.com/file/d/1KsE8H5Q_wa7cT2knU0iQynCQ_A_xPIVc/view?usp=share_linkThe official source of the blacklist listed above:
http://dsi.ut-capitole.fr/blacklists/index_en.phpKeep in mind the list above is the pfsense reducted version for lower memory firewalls:
http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gzLoading this, you could load this blacklist on the Linux box. Just type at a prompt:
service apache2 start
make sure you copy the blacklist over to /var/www/foldernamehere
store that blacklist inside that folder.now use the ip address of the linux box with http://192.168.1.10/foldernamehere/blacklistfile
Now download it into the firewall box with your custom apache server.
-
Just an FYI, I know this is not a popular option, but myself I have updates turned off for Shallalist and UT1 but still have the list enabled. All the files are stored on your computer unless you deleted them.
It is outdated but it still catches several hundred hits for the categories that I have selected. I think it is given that there is probably not a replacement for this list so you either use the outdated list as is or you just disable it and move on. Folks have been complaining about this for a year now so it is time to let it die. The world is not going to end if this list does not get resurrected.
If we, the users, can't find a replacement for this list, I think it is unfair to expect the pfBlockerNG maintainer to pull a replacement for it out of his ass.
-
@jdeloach Do you possibly still have the shalla list in .tar.gz? I want to save it. We should make a github with the lists for use with both squidguard and pfblocking.
-
@jonathanlee said in shalla list off:
@jdeloach Do you possibly still have the shalla list in .tar.gz? I want to save it. We should make a github with the lists for use with both squidguard and pfblocking.
You probably already have these files on your pfsense computer. Check the following directories for the compressed files:
/var/db/pfblockerng/shallalist.tar.gz
/var/db/pfblockerng/ut1.tar.gzThe uncompressed files in following directories:
/var/db/pfblockeng/shallalist/(uncompressed category files)
/var/pfblockerng/ut1/(uncompressed category files)The above files should be on anyone's computer that has ever had shallalist and ut1 enabled in pfBlockerNG. Keep in mind these files will be outdated.
-
@jdeloach I had to format my system shortly after shalla went down :(
-
@jonathanlee oh wow, thank you very much. yes http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz is working for me now. it was late at night and maybe I didn't check the link properly or in the middle of me setting up squid proxy I did something wrong
really appreciated for the information
-
@dauhee Make sure to save the file off of the firewall just in case you need it in the future, and it is no longer available to the US. Happy New Year !!
-
If you want shalla check out
http://web.archive.org/web/20210502020725/http://www.shallalist.de/Downloads/shallalist.tar.gz
Its an older outdate version of the list I use to use before the website was no longer active
-
http://web.archive.org/web/20210502020725/http://www.shallalist.de/Downloads/shallalist.tar.gz
Use the wayback machine for the website before the shut it off, the last list they had is available in a historical context
-