Adding a large list as an alias under "URL Table (IPs)" fails.
-
I'm trying to add this list as an alias:
https://www.usom.gov.tr/url-list.txtThe list contains 404.168 entries. So I know I have to make this adjustment:
Then I try to create the alias:
But I get this:
I tried editing the
system.incfile and increase the timeout values to 600:
But that did not help either.
Is this a bug or is there something I can do to tackle this issue?
-
@scilek Try pfBlocker
-
@Bob-Dig
Is that a recommendation or don't I have a choice? -
@scilek said in Adding a large list as an alias under "URL Table (IPs)" fails.:
don't I have a choice?
It looks like you have no choice. Doing it with your settings in pfSense doesn't work for me either, with pfBlocker, no problem.
-
@scilek that list your pointing at doesn't contain IPs or subnets - it contains domain names. It has a few ips in it - but most of it is domains.
Which all would have to be resolved.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@johnpoz Yes, and that takes a lot of time, and I understand that. But I still cannot understand why that should trigger a 504 error. It doesn't have to be like that.
-
@johnpoz For me it wasn't stopping so I closed the window. in pfBlocker, it took seconds. I only looked briefly, saw many IPs and deleted it. Haven't checked if it was complete.
-
@scilek doesn't matter to be honest - that function is for IPs and subnets.. I don't even know if works at all even if you had only 1 fqdn in it.
I don't think I ever got a full download of it just in my browser.. Let alone pfsense having to resolve every one of the you say some 400k entries to an IP(s)..
But that alias is not meant for domains, it meant for IPs and subnets..
Even if was pure IPs and subnets - the note says large 30k+ records, your way over 10x that..
-
@johnpoz I think I know why it fails. Once again, I realized that a software man cannot afford to be lazy. I scanned the entries, and realised (to my amazement) that there are many invalid entries, i.e. ones that contain characters that cannot exist in a domain name, the most common one being the humble "/" (slash). It appears someone did a sloppy job there. "Mystery solved, I guess; right?" (https://www.youtube.com/watch?v=dDmqOott-_4)
