pfblockerNG ASN bgpview trouble
-
Great thanks - so then the version of the patch I originally provided you still applies to both. good to know (I guess)
Means something I changed since that earlier version is what sent me down the path won't apply path when I upgrade to 24.03 --
Oh darn, I just shut my 2.7.2 virtual network down. Let me fire it back up and look at those two ASnumbers you provided ..
Thanks
-
@jrey Retesting this ASN again, now works everywhere. So I think we are good. Maybe it was just a hiccup.
-
Interesting, can you share the log snippet where it failed ?
I tried 2.7.2 and for me it failed on the first attempt but picked it up on the auto retry.
[ AS40027_v4 ] Downloading update [ 08/18/24 11:01:12 ] . Downloading ASN: 40027. .. completed (Download Valid) . completed .. [ AS8881_v4 ] Downloading update . Downloading ASN: 8881. .. Failed to download ASN . .. completed (Download Valid) . completed .. [ AS1299_v4 ] Downloading update [ 08/18/24 11:01:13 ] . Downloading ASN: 1299. .. completed (Download Valid) . completed .. -
@jrey said in pfblockerNG ASN bgpview trouble:
Interesting, can you share the log snippet where it failed ?
Where is that exactly, sry still not an experienced pfBlocker User.
Also I thought I hadn't this bevor on that firewall but I guess I am wrong and it was there so it could be an old list... -
In the log here -- you will have to scroll through to find the one that failed (don't need the whole file just the part for the one that failed.
-
Restoring previously downloaded file contents... [ 08/9/24 20:45:57 ] [PFB_FILTER - 2] Invalid URL (not allowed2) [ AS8881 [ VERSATEL, DE ] ] [ 08/17/24 18:21:15 ] [PFB_FILTER - 2] Invalid URL (not allowed2) [ AS8881 ] [ 08/17/24 18:21:32 ] -
That's different.
Doesn't look related to the actual "download" of the file. but rather something bad left over from when it didn't download -- so it though it needed to restore the previous one 08/9/24 and then tried to process it.
if the latest download worked (the file in question has IPs listed) and "worked" as you stated above "Retesting this ASN again, now works everywhere. So I think we are good. Maybe it was just a hiccup." would likely be a good caption for the event.
if the [PFB_FILTER - 2] error shows up again, that might be something else to look at, I've never logged one of those and it is a completely different block of code.
Cheers
-
@jrey Sry, reading the log again, the first line I posted is not related to this but something before that.
And yes the file is working fine. Maybe I was to fast klicking reload again or something, it is an install on a VPS.
-
The problem is with BGPview.io which is now owned by Recorded Future. They are rate limiting their service due to some users who hit their services too much. The current code in pfB contains a User Agent Header which is being blocked en masse by them. I have requested that if they rate limit to block specific Agent strings as the suffix of the Agent String is unique to the user.
I have been emailing their support team for several weeks and they are saying it's low priority. I have also asked for their usage policy which they say they will add to their FYI page but it's low on their to do.
So I assume if it's working for some users, it could be they changed the Agent String. But if that were to happen en masse, it's back to the same result.
I am looking at an alternative ASN source as BGPview.io and previously Hurricane Electric don't want to support Open Source projects. Most likely will try to use ipinfo if their free options are accurate enough.
-
M michmoor referenced this topic on
-
Came across the same issue on one of our boxes. For the time being, have disabled the ASN download and copied over the relevant original files to reload into the affected system.
-
B Bob.Dig referenced this topic on
