pfBlockerNG ASN downloads only contain a header

jrey

@Wolf666

so what is in the pfblockerng.log file?
sorry, I responded to this based on the email and noticed that you included the log snippet in the post online --

That doesn't look like the correct response and appears to be running the wrong code - when applying the patch did you change the Path Strip Count from the default value of 2 to a 0 (zero)

specifically do you see this ?
you should specifically see this before the processing starts

.. completed (Download Valid)

anything in the error.log ?

is it possible the IP addresses are also in another list?
De-duplication on?
CIDR Aggregation on?

Not asking you to turn any of the above on or off, just how you have them set.

Thanks

Wolf666

@jrey
I uninstalled/reinstalled pfBlockerNG and applied the patch, now seems to work.

[ TWAS13414_v4 ]		 Downloading update .
  Downloading ASN: 13414.
 /usr/local/bin/curl -A "pfSense/pfBNG cURL download agent-49de62cd6bb042f3ec1e" -sS1 https://api.bgpview.io/asn/13414/prefixes > /tmp/pfbtemp10_46283 
.. completed (Download Valid)
. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  53       14         
  ------------------

Thank you.

jrey

@Wolf666

bingo. Path Strip Count right. Glad it is working for you. Thanks

manilx

@jrey It's been a month and still we're working around the issue. I wonder what is taking so long for a pfblocker package update......

jrey

@manilx said in pfBlockerNG ASN downloads only contain a header:

It's been a month

I don't think I would be too concerned at this point.
The patch provided currently resolves the issue and with 23.09 on the horizon, let's just wait until that is released and see what happens.

I do know that when @BBcan177 emailed me a couple of weeks back, although he had heard back from the api provider and provided me a copy of their answer, it honestly wasn't an answer at that point.

So could be entirely possible that he just hasn't made any progress with them; or

that it is addressed in the next release; or

is just busy with family life.

(Note: the only additional change I have made was to randomize the NDI part of the agent string (as mentioned in this thread) with every api call and have actually increased the number of ASN's being queried. All running fine with no issues.)

manilx

@jrey Yes, we can only wait and see. Thx for your input.

musivian

Good day, how do you guys make API with multiple ASN and result in plain text (all prefixes) using PHP. Thank you.

Bob.Dig

@jrey said in pfBlockerNG ASN downloads only contain a header:

I don't think I would be too concerned at this point.

I noticed with another problem with pfBlockerNG that the non-devil version was fixed and the devil was not. Both have the same version number... So I have to ask, are we sure that the ASN-problem isn't fixed in the non-devil version too?

jrey

@Bob-Dig

I can't speak to the -dev version - however,

I just updated to 23.09 beta and marked both of my local patches for (ASN) as "auto apply" before running the upgrade to 23.09.

After the update, the pfBlockerNG package is still showing current at 3.2.0_6,(ie there is no update tied specifically to 23.09) my patches are still applied and it still works. System has already been through 1 set of ASN updates with no issues at this time.

Bob.Dig

@jrey said in pfBlockerNG ASN downloads only contain a header:

I can't speak to the -dev version - however,

No need to, that was what I was running so it is not fixed for both. Good to know.

I have read your news on the beta.