Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG update errors

    Scheduled Pinned Locked Moved
    Plus 23.01 Development Snapshots (Retired)
    5
    6
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dennypageD
      dennypage
      last edited by dennypage

      Following the update to 23.01-RC and pfBlockerNG-devel, I am receiving a daily flurry of errors such as these in the system log:

      Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_Africa_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_Africa_v4 <br />[ SC, SC_rep ]
Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_Asia_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_Asia_v4 <br />[ KH, KH_rep, CN, CN_rep, IR, IR_rep, IQ, IQ_rep, KZ, KZ_rep, KP, KP_rep, PK, PK_rep, SY, <br />SY_rep, TR, TR_rep, VN, VN_rep ]
Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_Europe_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_Europe_v4 <br />[ BY, BY_rep, BA, BA_rep, BG, BG_rep, HR, HR_rep, CZ, CZ_rep, EE, EE_rep, HU, HU_rep, XK, <br />XK_rep, LV, LV_rep, LT, LT_rep, MD, MD_rep, ME, ME_rep, MK, MK_rep, RU, RU_rep, RS, RS_rep, <br />SK, SK_rep, SI, SI_rep, UA, UA_rep ]
Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_NAmerica_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_NAmerica_v4 <br />[ PA, PA_rep ]
Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_SAmerica_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_SAmerica_v4 <br />[ BO, BO_rep, CL, CL_rep, CO, CO_rep, UY, UY_rep ]
Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_PRI1_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_PRI1_v4 <br />[ Abuse_Feodo_C2_v4, Abuse_SSLBL_v4, CINS_army_v4, ET_Block_v4, ET_Comp_v4, ISC_Block_v4, Spamhaus_Drop_v4, Spamhaus_eDrop_v4, Talos_BL_v4 ]
Feb  6 12:30:52 fw php-cgi[82398]: rc.update_urltables: /etc/rc.update_urltables: ERROR: could not update pfB_PRI2_v4 content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_PRI2_v4 <br />[ Alienvault_v4 ]

      The failure is occurring in function process_alias_urltable (line 2718 of /etc/inc/pfsense-utils.inc) as a result of the call to filter_var($url, FILTER_VALIDATE_URL) function returning false.

      I am not at all sure, but am wondering if the issue may be that the URL being validated is not escaped:

      https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_PRI1_v4 <br />[ Abuse_Feodo_C2_v4, Abuse_SSLBL_v4, CINS_army_v4, ET_Block_v4, ET_Comp_v4, ISC_Block_v4, Spamhaus_Drop_v4, Spamhaus_eDrop_v4, Talos_BL_v4 ]

      Whereas the URL pfBlocker has stored in the configuration has escaped the less-than and greater-than surrounding the break:

      https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_PRI1_v4 &lt;br /&gt;[ Abuse_Feodo_C2_v4, Abuse_SSLBL_v4, CINS_army_v4, ET_Block_v4, ET_Comp_v4, ISC_Block_v4, Spamhaus_Drop_v4, Spamhaus_eDrop_v4, Talos_BL_v4 ]
      dennypageD 1 Reply Last reply Reply Quote 0
      • dennypageD
        dennypage @dennypage
        last edited by

        @dennypage It turns out that my speculation about the escaping of less-than and greater than was incorrect.

        The problem is the presence of a space in the URL.

        The following will validate:

        https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_PRI1_v4&nbsp;&lt;br&nbsp;/&gt;[&nbsp;Abuse_Feodo_C2_v4,&nbsp;
Abuse_SSLBL_v4,&nbsp;CINS_army_v4,&nbsp;ET_Block_v4,&nbsp;ET_Comp_v4,&nbsp;ISC_Block_v4,&nbsp;Spamhaus_Drop_v4,&nbsp;Spamhaus_eDrop_v4,&nbsp;Tal
os_BL_v4&nbsp;]

        As will this:

        https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_PRI1_v4

        For that matter, so will this:

        https://127.0.0.1:443/nonexistenturl?nooption

        I don't know if this is an issue for pfSense or pfBlockerNG.

        @BBcan177 ?

        P 1 Reply Last reply Reply Quote 1
        • P
          p1erre @dennypage
          last edited by

          @dennypage same issue on my site

          M 1 Reply Last reply Reply Quote 0
          • M
            mrsunfire @p1erre
            last edited by

            Same here

            Netgate 6100 MAX

            cmcdonaldC 1 Reply Last reply Reply Quote 0
            • dennypageD dennypage referenced this topic on
            • dennypageD dennypage referenced this topic on
            • dennypageD dennypage referenced this topic on
            • cmcdonaldC
              cmcdonald Netgate Developer @mrsunfire
              last edited by

              Issue is being addressed with @BBcan177 . Stay tuned

              Need help fast? https://www.netgate.com/support

              R 1 Reply Last reply Reply Quote 4
              • R
                rpotter28 @cmcdonald
                last edited by

                @cmcdonald Just got here to report this... Thanks Christian for being active on it!

                1 Reply Last reply Reply Quote 0
                • T tman222 referenced this topic on
                • T tman222 referenced this topic on
                • dennypageD dennypage referenced this topic on
                • First post
                  Last post