PfBlocker not updating after initial list download and only trying once a day
-
You would use p2p,gz format.
With my version of pfBlockerNG, I have the following counts for those Lists:
http://list.iblocklist.com/?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz
wc -l IBlock_BT_Hijack.orig
536 IBlock_BT_Hijack.orighttp://list.iblocklist.com/?list=llvtlsjyoyiczbkjsxpf&fileformat=p2p&archiveformat=gz
wc -l IBlock_BT_Spy.orig
3565 IBlock_BT_Spy.origHey BBcan177, Well that matches up with what I have when I do wc -l on both lists and both PFsense systems. Great you and I are experiencing the same situation then (Great Base line). When I go over to the iblocklist.com website the stated Number of ranges are different.
https://www.iblocklist.com/list.php?list=usrcshglbiilevmyfhse –> Number of ranges = 496, not 536
https://www.iblocklist.com/list.php?list=llvtlsjyoyiczbkjsxpf --> Number of ranges = 3201, not 3565When I download the list manually to my Win7 PC, and do line count I get 496, & 3201 respectively. I could understand if our lists were smaller if PFblocker was dedupping some ranges, but both our lists are larger than what we are being given. This leads me to believe that PBflocker is not updating the list correctly. Is my logic flawed?
Both my PFsense systems are production, so I can't Beta test at the moment. If I can find some hardware to spare I'll PM you later.
Again thanks for all your help!
Ash, -
You would use p2p,gz format.
With my version of pfBlockerNG, I have the following counts for those Lists:
http://list.iblocklist.com/?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz
wc -l IBlock_BT_Hijack.orig
536 IBlock_BT_Hijack.orighttp://list.iblocklist.com/?list=llvtlsjyoyiczbkjsxpf&fileformat=p2p&archiveformat=gz
wc -l IBlock_BT_Spy.orig
3565 IBlock_BT_Spy.origHey BBcan177, Well that matches up with what I have when I do wc -l on both lists and both PFsense systems. Great you and I are experiencing the same situation then (Great Base line). When I go over to the iblocklist.com website the stated Number of ranges are different.
https://www.iblocklist.com/list.php?list=usrcshglbiilevmyfhse –> Number of ranges = 496, not 536
https://www.iblocklist.com/list.php?list=llvtlsjyoyiczbkjsxpf --> Number of ranges = 3201, not 3565When I download the list manually to my Win7 PC, and do line count I get 496, & 3201 respectively. I could understand if our lists were smaller if PFblocker was dedupping some ranges, but both our lists are larger than what we are being given. This leads me to believe that PBflocker is not updating the list correctly. Is my logic flawed?
Both my PFsense systems are production, so I can't Beta test at the moment. If I can find some hardware to spare I'll PM you later.
Again thanks for all your help!
Ash, -
You would use p2p,gz format.
With my version of pfBlockerNG, I have the following counts for those Lists:
http://list.iblocklist.com/?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz
wc -l IBlock_BT_Hijack.orig
536 IBlock_BT_Hijack.orighttp://list.iblocklist.com/?list=llvtlsjyoyiczbkjsxpf&fileformat=p2p&archiveformat=gz
wc -l IBlock_BT_Spy.orig
3565 IBlock_BT_Spy.origHey BBcan177, Well that matches up with what I have when I do wc -l on both lists and both PFsense systems. Great you and I are experiencing the same situation then (Great Base line). When I go over to the iblocklist.com website the stated Number of ranges are different.
https://www.iblocklist.com/list.php?list=usrcshglbiilevmyfhse –> Number of ranges = 496, not 536
https://www.iblocklist.com/list.php?list=llvtlsjyoyiczbkjsxpf --> Number of ranges = 3201, not 3565When I download the list manually to my Win7 PC, and do line count I get 496, & 3201 respectively. I could understand if our lists were smaller if PFblocker was dedupping some ranges, but both our lists are larger than what we are being given. This leads me to believe that PBflocker is not updating the list correctly. Is my logic flawed?
Both my PFsense systems are production, so I can't Beta test at the moment. If I can find some hardware to spare I'll PM you later.
Again thanks for all your help!
Ash,wcrowder - Maybe I have this backwards, But, the use of CIDR would allow my PFsense list to be SMALLER than that of the Original list. The fact that my PFsense list is larger does not make any sence if the PFsense is summarizing the IP ranges in order to reduce the amount of data to hold. In addition the other lists I have are the same qty on pfsense and iblocklists.com. Sorry I just do not see how this is applicable. I see see my PFsense as not updating to the correct number of ranges provided by iblocklist.com. Please understand I mean no disrespect, just don't see how CIDR is going to change only 2 lists. If I am blindly missing something, please feel free to explain. Thanks for your help.
BBcan177 - Do you think that my logic in my reply on "November 12, 2014, 12:18:45 pm" makes since? Thanks again for your help.
Ash,
-
wcrowder was leading you in the right direction :)
Take for example this Range from the IBlock BT Spyware List
Range Format
221.181.73.214-221.181.73.221:Converts to the following in CIDR Notation
221.181.73.214/31
221.181.73.216/30
221.181.73.220/31So comparing Line Count in Range to CIDR is not going to be exact depending on the Ranges in a particular list.
Hope this makes it clearer.
-
wcrowder was leading you in the right direction :)
Take for example this Range from the IBlock BT Spyware List
Range Format
221.181.73.214-221.181.73.221:Converts to the following in CIDR Notation
221.181.73.214/31
221.181.73.216/30
221.181.73.220/31So comparing Line Count in Range to CIDR is not going to be exact depending on the Ranges in a particular list.
Hope this makes it clearer.
BBcan177 - Thanks, and I guess that settles that. :) So it looks like the only way I have to validate that lists are updating is just if they change from time to time.
wcrowder - Sorry, & Thank you. I guess I had that backwards.
Ash,
