core: Applying Unbound blacklist fails with error

I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug

After adding a new entry in the Unbound blocklist whitelist (going from 2 to 3 elements) and pressing Download&Apply, it waits a while and then I am greeted with an error box stating

Error updating blocklists
An error occurred during script execution. Check the logs for details

Backend log shows

Timeout (120) executing : unbound dnsbl
Script action failed with Command ' /usr/local/opnsense/scripts/unbound/blocklists.py && /usr/local/opnsense/scripts/unbound/wrapper.py -b ' returned non-zero exit status 99. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 482, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command ' /usr/local/opnsense/scripts/unbound/blocklists.py && /usr/local/opnsense/scripts/unbound/wrapper.py -b ' returned non-zero exit status 99.

Subsequent attempts at pressing Download&Apply immediately return with the error box. I am currently unable to save at all.

To Reproduce

Steps to reproduce the behavior (I am not sure how reproducible it is on other installs):

Have Unbound blocklist active with Blocksite.list Fraud,Malware,Phishing,Ransomware,Scam; EasyList; EasyPrivacy; WindowsSpyblocker (spy)’
Have two elements in whitelist: foo.com, .foo.com
Download&Apply
Use for a while
Later, add third element bar.com to whitelist
Press Download&Apply

Expected behavior

Applies without trouble

Describe alternatives you considered

Rebooting the box perhaps? Not an option until at least the weekend. And I’d be workarounding, nox fixing things 😃

Screenshots

Relevant log files

See above for log

Additional context

Add any other context about the problem here.

Environment

Software version used and hardware type if relevant, e.g.:

OPNsense 22.7.4-amd64 Intel® Celeron® J4125 CPU @ 2.00GHz (4 cores, 4 threads)

About this issue

Original URL
State: closed
Created 2 years ago
Comments: 15 (9 by maintainers)

Most upvoted comments

so we agree that one of the reasons for the extremely slow blocklist download was incorrect IPv6 working on the local host?

Correct!

Thank you very much for yours and @AdSchellevis super quick response and fix. It really confirms why I should’ve switched over from pfSense earlier 😃

Feel free to close at your discretion. If my IPv6 ever breaks again, I’ll add a comment here and reopen.

haarp on Sep 20, 2022

@kulikov-a I’m ok with a short time-out, a couple of seconds is usually enough indeed.

AdSchellevis on Sep 17, 2022