pfSense Gold Subscription

Author Topic: URL Table (IPs) - BUG.  (Read 256 times)

0 Members and 1 Guest are viewing this topic.

Offline cyber7

  • Full Member
  • ***
  • Posts: 130
  • Karma: +4/-1
    • View Profile
    • cyber7 - technologies for a better tomorrow
URL Table (IPs) - BUG.
« on: November 03, 2016, 04:01:08 am »
Trying to add my AS Facebook listing from my local URL I get:
Code: [Select]
Unable to fetch usable data from URL http://<IP>/aliastables/facebook.txtThis is with 2.3.2-p1

I had a look on GIT and April 2016 this was reported, but closed as "duplicate", although pointing to 2.2.4...

https://redmine.pfsense.org/issues/6564

Please could someone tell me what I am doing wrong?  The file "facebook.txt" only contains 10.0.0.111 at the moment.

I can do a "
Code: [Select]
curl http://<IP>/aliastables/facebook.txt" from the command-line and do then get the content of the file...
 
« Last Edit: November 03, 2016, 06:23:53 am by cyber7 »
When you pause to think, do you start again?

2.2.4-RELEASE (amd64)
built on Sat Jul 25 19:57:37 CDT 2015
FreeBSD 10.1-RELEASE-p15
and
pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

Offline cyber7

  • Full Member
  • ***
  • Posts: 130
  • Karma: +4/-1
    • View Profile
    • cyber7 - technologies for a better tomorrow
Re: URL Table (IPs) - BUG.
« Reply #1 on: November 03, 2016, 04:45:23 am »
further on this:

If I use an external source IP List, I get this to work.  So, it seems like it is a block on my local network...?
When you pause to think, do you start again?

2.2.4-RELEASE (amd64)
built on Sat Jul 25 19:57:37 CDT 2015
FreeBSD 10.1-RELEASE-p15
and
pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

Offline cyber7

  • Full Member
  • ***
  • Posts: 130
  • Karma: +4/-1
    • View Profile
    • cyber7 - technologies for a better tomorrow
Re: URL Table (IPs) - BUG. (2.3.2-p1)
« Reply #2 on: November 03, 2016, 05:49:20 am »
 >:( >:( >:(

If I edit the /cf/conf/config.xml file and add into the <aliases> section the following:
Code: [Select]
                <alias>
                        <name>facebook</name>
                        <type>urltable</type>
                        <url>http://IPIPIPIP/aliastables/facebook.txt</url>
                        <updatefreq>128</updatefreq>
                        <address>http://IPADDRESS/aliastables/facebook.txt</address>
                        <descr><![CDATA[Facebook AS List.]]></descr>
                        <detail><![CDATA[http://bgp.he.net/search?search%5Bsearch%5D=facebook&amp;commit=Search]]></detail>
                </alias>
it does seem to work...

I can then do a:
Code: [Select]
pfctl -t facebook -T replace -f /usr/local/www/aliastables/facebook.txtonce the full list of IP's have been collected with:
Code: [Select]
whois -h whois.radb.net -- "-i origin AS32934" | awk "/^route:/ {print $2;}" | awk '{print $2}' | sort | uniq > facebook.txtwithout problems

Can one of you please confirm the correct way of specifying an URL TABLE ALIAS without having to edit/break the config file?

PS - This does not STICK if you reboot, you have to re-import your TXT file with the above PFCTL command...

« Last Edit: November 04, 2016, 04:11:59 am by cyber7 »
When you pause to think, do you start again?

2.2.4-RELEASE (amd64)
built on Sat Jul 25 19:57:37 CDT 2015
FreeBSD 10.1-RELEASE-p15
and
pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

Offline cyber7

  • Full Member
  • ***
  • Posts: 130
  • Karma: +4/-1
    • View Profile
    • cyber7 - technologies for a better tomorrow
Re: URL Table (IPs) - BUG.
« Reply #3 on: November 03, 2016, 06:34:08 am »
I can also confirm that I can create an URL TABLE ALIAS using this environment file from my production system...

When you pause to think, do you start again?

2.2.4-RELEASE (amd64)
built on Sat Jul 25 19:57:37 CDT 2015
FreeBSD 10.1-RELEASE-p15
and
pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

Offline cyber7

  • Full Member
  • ***
  • Posts: 130
  • Karma: +4/-1
    • View Profile
    • cyber7 - technologies for a better tomorrow
Re: URL Table (IPs) - BUG.
« Reply #4 on: November 04, 2016, 06:18:29 am »
To assist with the problem I wrote a workaround with scripting and startup files here:
http://wp.me/p2jcLn-xr

Please visit the site to get this working.

As a last point, I hate having to edit configuration files of broken software, so please pfSense fix this for us?
When you pause to think, do you start again?

2.2.4-RELEASE (amd64)
built on Sat Jul 25 19:57:37 CDT 2015
FreeBSD 10.1-RELEASE-p15
and
pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense