Cannot update lists in pblockerNG..Help?

kjemison1966 · Jul 19, 2015, 2:15 PM

Hello,

I recently upgrade my system to version 2.2.3 (Clean install)

and I wanted to setup my block lists using IBlocklist.com data.

I went to the IPv4 tab on pfblockerNG, entered an Alias name, went to the section IPv4 Lists, chose gz as my format, opened a new tab and logged into iblocklist, chose cidr and gz as my format…went to the Level1 list copied the url and pasted it into my newly created Alias on pfblockerNG and gave it a header name of Level1 (no spaces)... I repeated this process for Level2 and Level3.
I saved the configuration and waited for the Cron job to execute the update.

Upon viewing the log files for pfblockerNG I have the following output:
[ pfB_IBlock Level1 ] Download FAIL [ 07/19/15 10:00:12 ]
grep: /var/db/pfblockerng/deny/: No such file or directory
grep: /var/db/pfblockerng/deny/: No such file or directory

[ Level2 ] Downloading New File
[ pfB_IBlock Level2 ] Download FAIL [ 07/19/15 10:00:15 ]
grep: /var/db/pfblockerng/deny/: No such file or directory
grep: /var/db/pfblockerng/deny/: No such file or directory

[ Level3 ] Downloading New File
[ pfB_IBlock Level3 ] Download FAIL [ 07/19/15 10:00:18 ]
grep: /var/db/pfblockerng/deny/: No such file or directory
grep: /var/db/pfblockerng/deny/: No such file or directory

===[ Aliastables / Rules ]================================

No Changes to Firewall Rules, Skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update

From here I opened up a new browser tab and pasted in one of the links for the gz files from iblocklist and the file downloaded with no problems.

I do see that within the log files an entry: "grep: /var/db/pfblockerng/deny/*: No such file or directory"

Is this the problem? No such directory?…. Should the installation of pfblockerNG have created this directory?

Thank you for any and all input on how to resolve this.

Sincerely,
Kell

BBcan177 · Jul 19, 2015, 7:03 PM

For IBlock use "P2P" and "GZ" format.

There are other better lists to use :
https://forum.pfsense.org/index.php?topic=86212.msg508975#msg508975

lmontinola · Jul 20, 2015, 10:15 AM

hi,

i too am getting the download fail… i have 2 ipv4 lists

http://bgp.he.net/search?search%5Bsearch%5D=facebook&commit=Search

and

http://bgp.he.net/search?search%5Bsearch%5D=spotify&commit=Search

i tried to disable pfblockerng and removed the tick mark on keep settings then clicked save and placed a enabled pfblockerng but i still get the same error.

tia

doktornotor · Jul 20, 2015, 10:32 AM

What "same error"? The lists you linked are "HTML" format.

lmontinola · Jul 20, 2015, 10:45 AM

i was referring to the downloading failed…

prior to pfblockerng i had a cron job which queries the radb.net database then saves it to a text file... i added that text file to the pfblockerng list and it works... i was able to manually access the two sites in the list... but for some reason, having pfblockerng is having problems downloading the output of the site... i checked the pfblockerng logs and i couldn't find any detailed info as to why this is happening..

lmontinola · Jul 22, 2015, 7:33 AM

update…. i think my machine got blocked from accessing the bhe server... here's a snippet from the pfblockerng.log... will stick to the cron job for now

[ spotify_he_net ] Downloading New File looking up bgp.he.net
connecting to bgp.he.net:80
requesting http://bgp.he.net/search?search%5Bsearch%5D=spotify&commit=Search

403 Forbidden

Forbidden
You don't have permission to access /search
on this server.

Apache/2.4.7 (Ubuntu) Server at bgp.he.net Port 80

fetch: http://bgp.he.net/search?search%5Bsearch%5D=spotify&commit=Search: Forbidden

[ pfB_audiostream spotify_he_net ] Download FAIL [ 07/22/15 12:00:11 ]

BBcan177 · Jul 22, 2015, 11:07 AM

To download from HE, you need to select the format as "html" or it will fail to download.

Disable this list for 24hrs as HE is denying access (rate-limiting) because you probably have this list attempting to download every hour using the wrong download format.

lmontinola · Jul 22, 2015, 4:46 PM

thanks for the input… turned off HE from the list and will turn it back on as suggested...

the list was actually working since i created the list last 7/15/15 but stopped working on 7/18/15... schedule was set to daily... will try setting to weekly and see if i get blocked again...

thanks for making a great package!!! now i only have to use packages from the pfsense list... no need to download the whois package for freebsd anymore!!!