Bug #14299
closed
pfBlockerNG does not honor the cURL source interface setting for DNSBL lists
Added by Charles Hamilton over 1 year ago.
Updated about 1 month ago.
Plus Target Version:
24.11
Affected Plus Version:
23.01
Affected Architecture:
All
Description
Pull request to fix the problem is on its way.
Files
More details:
https://redmine.pfsense.org/issues/12882#change-59903
The cURL interface can be specified via the WUI but the setting is ignored because the srcint variable is never defined during DNSBL list processing. You can see this in action by printing the value of srcint via the pfb_download function (screenshot attached: pfb_download-modified.png ). The srcint variable is empty when downloading DNSBL lists (attached screenshot: update-log.png ), which prevents the list from being downloaded if this feature is required. The PR linked in my previous comment fixes this problem.
This morning I noticed the following:
CRON PROCESS START [ v3.2.0_4 ] [ 04/23/23 08:00:00 ]
[ IPv4_PASS_Exceptions_v4 ]
( md5 feed ) cURL Error: 28 [ 04/23/23 08:01:09 ]
Connection timeout after 15016 ms Retry [1] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:01:29 ]
Connection timeout after 15003 ms Retry [2] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:01:49 ]
Connection timeout after 15006 ms |IPv4_PASS_Exceptions_v4|https://URL_REDACTED/IPv4_PASS_Exceptions.txt| Retry [3] in 5 seconds...
.. Unknown Failure Code [0]
Failed to download Feed for md5 comparison! Update skipped
[ IPv4_BLOCK_Exceptions_v4 ] [ 04/23/23 08:01:54 ]
( md5 feed ) cURL Error: 28 [ 04/23/23 08:03:04 ]
Connection timeout after 15002 ms Retry [1] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:03:24 ]
Connection timeout after 15015 ms Retry [2] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:03:44 ]
Connection timeout after 15015 ms |IPv4_BLOCK_Exceptions_v4|https://URL_REDACTED/IPv4_BLOCK_Exceptions.txt| Retry [3] in 5 seconds...
.. Unknown Failure Code [0]
Failed to download Feed for md5 comparison! Update skipped
[ IPv6_PASS_Exceptions_v6 ] [ 04/23/23 08:03:49 ]
( md5 feed ) cURL Error: 28 [ 04/23/23 08:04:58 ]
Connection timeout after 15007 ms Retry [1] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:05:18 ]
Connection timeout after 15014 ms Retry [2] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:05:38 ]
Connection timeout after 15016 ms |IPv6_PASS_Exceptions_v6|https://URL_REDACTED/IPv6_PASS_Exceptions.txt| Retry [3] in 5 seconds...
.. Unknown Failure Code [0]
Failed to download Feed for md5 comparison! Update skipped
[ IPv6_BLOCK_Exceptions_v6 ] [ 04/23/23 08:05:43 ]
( md5 feed ) cURL Error: 28 [ 04/23/23 08:06:52 ]
Connection timeout after 15007 ms Retry [1] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:07:12 ]
Connection timeout after 15022 ms Retry [2] in 5 seconds...
. cURL Error: 28 [ 04/23/23 08:07:32 ]
Connection timeout after 15016 ms |IPv6_BLOCK_Exceptions_v6|https://URL_REDACTED/IPv6_BLOCK_Exceptions.txt| Retry [3] in 5 seconds...
.. Unknown Failure Code [0]
Failed to download Feed for md5 comparison! Update skipped
I missed this part of the update process when making my changes on Friday, so I'm closing my previous pull request (https://github.com/pfsense/FreeBSD-ports/pull/1251) and opening another one.
EDIT: Done! Here's the new PR: https://github.com/pfsense/FreeBSD-ports/pull/1252
This has issue has been open for over a year and the original pull request is no longer valid so I've closed it, made the necessary changes, and opened another one: https://github.com/pfsense/FreeBSD-ports/pull/1379. This has been tested with pfBlockerNG v3.2.0_8 and v.3.2.0_7 (the latter on a production device).
- Subject changed from pfBlockerNG does not honor the cURL source interface setting for DNSBL lists. to pfBlockerNG does not honor the cURL source interface setting for DNSBL lists
- Status changed from New to Resolved
- Target version set to 2.8.0
- % Done changed from 0 to 100
- Plus Target Version set to 24.08
- Plus Target Version changed from 24.08 to 24.11
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
