Bogon MD5 mismatch



  • I've been noticing in my System log that the bogon update is failing because of an MD5 mismatch.
    My version information is:
    2.0.3-RELEASE (i386)
    built on Fri Apr 12 10:22:57 EDT 2013

    Here's what I have in the log:

    Jun 17 20:10:05 root: rc.update_bogons.sh is beginning the update cycle.
    Jun 17 20:10:05 root: Could not download http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt.md5 (md5 mismatch)
    Jun 17 20:10:05 root: rc.update_bogons.sh is starting up.
    Jun 17 20:10:05 root: rc.update_bogons.sh is ending the update cycle.
    Jun 17 20:10:05 root: rc.update_bogons.sh is sleeping for 9326

    This happens every time the process wakes up. A few weeks back I tried downloading the files manually and comparing the hash and everything seemed to check out. The strange thing is that if I go to Diagnostics->Tables, select Bogons and click Download, it works fine:

    Jun 18 08:49:04 root: rc.update_bogons.sh is starting up.
    Jun 18 08:49:04 root: rc.update_bogons.sh is beginning the update cycle.
    Jun 18 08:49:04 root: Bogons file downloaded: no changes.
    Jun 18 08:49:04 root: rc.update_bogons.sh is ending the update cycle.

    When I click download though, I've noticed that the webpage takes a long time to return. It just hangs there for a while waiting for the page to refresh, but when I go to the log I see the information above like it finished correctly.

    I've tried rebooting and it still does this. I even went into the script and did some debugging (output some variables to make sure the MD5 hash matched) and everything seems fine and it worked when I ran the script manually as well.

    I found an old thread on this where users were getting the MD5 mismatch in their logs during the automated bogon update but it was said to be fixed.
    It's just strange that the script seems to work, but only if I run it manually, not when it's automatically run by the system.

    Any one else notice this issue or know how to fix it?

    Thanks


  • Rebel Alliance Developer Netgate

    The file and server are OK on our side.

    $ fetch http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt   
    bogon-bn-nonagg.txt                          100% of  185  B  20 kBps
    $ fetch http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt.md5
    bogon-bn-nonagg.txt.md5                      100% of  78  B 8305  Bps
    $ md5 bogon-bn-nonagg.txt
    MD5 (bogon-bn-nonagg.txt) = 9fb7d3a1645fbbe899e4c0938b6858f1
    $ cat bogon-bn-nonagg.txt.md5
    MD5 (/home/cmb/bogons/bogon-bn-nonagg.txt) = 9fb7d3a1645fbbe899e4c0938b6858f1

    Perhaps something between your pfSense box and the Internet at-large (a proxy? Something else?) is preventing it from downloading properly, or it's getting bad/invalid content.



  • I definitely don't think there's anything wrong with the files. As I said, the automatic update fails but if I click to download the latest update that works. I don't think it's anything with the internet since the manual updates work. Any idea why it would work manual and not automatic? I assume both ways use the same script, /etc/rc.update_bogons.sh?



  • Is this even relevant any more?  I was under the impression that all blocks had been allocated except the RFC1918 private addresses and the RFC3927 link-local addresses.


Log in to reply