Actions
Bug #13596
closed
pfBlockerNG-devel Unbound does not start when using DNSBL python regex with multiple commented lines
Status:
Resolved
Priority:
Low
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
Enabling Regex Blocking in Unbound python mode and adding comments in Python Regex List cant prevent unbound from starting, giving the following error:
[54695:0] error: pythonmod: python error: Traceback (most recent call last):
File "pfb_unbound.py", line 229, in init_standard pfb['python_enable'] = config.getboolean('MAIN', 'python_enable')
File "/usr/local/lib/python3.9/configparser.py", line 828, in getboolean return self._get_conv(section, option, self._convert_to_boolean,
File "/usr/local/lib/python3.9/configparser.py", line 808, in _get_conv return self._get(section, conv, option, raw=raw, vars=vars,
File "/usr/local/lib/python3.9/configparser.py", line 803, in _get return conv(self.get(section, option, **kwargs))
File "/usr/local/lib/python3.9/configparser.py", line 799, in get return self._interpolation.before_get(self, section, option, value,
File "/usr/local/lib/python3.9/configparser.py", line 395, in before_get self._interpolate_some(parser, option, L, value, section, defaults, 1)
File "/usr/local/lib/python3.9/configparser.py", line 412, in _interpolate_some p = rest.find("%") AttributeError: 'list' object has no attribute 'find'
Tested with:
Success
foo bar
Success
foo # test bar
Fail
foo # test bar # test
Updated by BBcan177 . over 2 years ago
Can you post the /var/unbound/pfb_unbound.ini file contents working and not working?
And what version of pfSense?
Updated by Marcos M over 2 years ago
On pfSense dev snapshots (FreeBSD 14) with latest pfBlockerNG-devel.
SUCCESS
foo bar
; pfBlockerNG DNSBL Unbound python configuration file ; pfb_unbound.ini [ File created: 10/26/22 18:11:35 ] [MAIN] dnsbl_ipv4 = 172.16.0.5 python_enable = on python_ipv6 = off python_reply = on python_blocking = on python_hsts = on python_idn = off python_tld_seg = 1 python_tld = off python_tlds = python_nolog = off python_cname = off python_control = off [REGEX] Regex_1 = foo Regex_2 = bar
SUCCESS
foo # test bar
; pfBlockerNG DNSBL Unbound python configuration file ; pfb_unbound.ini [ File created: 10/26/22 18:10:52 ] [MAIN] dnsbl_ipv4 = 172.16.0.5 python_enable = on python_ipv6 = off python_reply = on python_blocking = on python_hsts = on python_idn = off python_tld_seg = 1 python_tld = off python_tlds = python_nolog = off python_cname = off python_control = off [REGEX] test = foo Regex_2 = bar
FAIL
foo # test bar # test
; pfBlockerNG DNSBL Unbound python configuration file ; pfb_unbound.ini [ File created: 10/26/22 18:09:13 ] [MAIN] dnsbl_ipv4 = 172.16.0.5 python_enable = on python_ipv6 = off python_reply = on python_blocking = on python_hsts = on python_idn = off python_tld_seg = 1 python_tld = off python_tlds = python_nolog = off python_cname = off python_control = off [REGEX] test = foo test = bar
Updated by BBcan177 . over 2 years ago
Ok I see the issue. It's because the existing code takes the comment and uses that as the key value. So "test" is a duplicate key.
Will fix that up to look for duplicate key names.
As a note, the key value is used in the logging and Reporting to reference the regex.
Thanks for reporting.
Actions