search

britannic / blacklist

Blacklist and Adware Blocking for the Ubiquiti EdgeMax Router
Other
533 stars 35 forks source link

dlb.oisd.nl certificate issue #48

Closed Fastjur closed 1 year ago

Fastjur commented 1 year ago

Hi!

I was wondering if there might be a workaround for the following error. When I run update-dnsmasq, I get the following output:

ubnt@edgerouter:~$ sudo /config/scripts/update-dnsmasq -v
NOTI[001]17:43:03.451: Starting blacklist update...
INFO[002]17:43:03.466: Checking for stale blacklists...
INFO[003]17:43:03.501: blacklisted-subdomains: downloaded: 15
INFO[004]17:43:03.503: blacklisted-subdomains: extracted: 15
INFO[005]17:43:03.504: blacklisted-subdomains: dropped: 0
INFO[006]17:43:03.519: blacklisted-servers: downloaded: 2
INFO[007]17:43:03.521: blacklisted-servers: extracted: 2
INFO[008]17:43:03.525: blacklisted-servers: dropped: 0
INFO[009]17:43:03.564: global-whitelisted-domains: downloaded: 99
INFO[00a]17:43:03.565: global-whitelisted-domains: extracted: 99
INFO[00b]17:43:03.566: global-whitelisted-domains: dropped: 0
INFO[00c]17:43:03.592: whitelisted-servers: downloaded: 1
INFO[00d]17:43:03.593: whitelisted-servers: extracted: 1
INFO[00e]17:43:03.594: whitelisted-servers: dropped: 0
INFO[010]17:43:03.598: Downloading domains source NoBitCoin
INFO[00f]17:43:03.598: Downloading domains source simple_tracking
INFO[011]17:43:03.598: Downloading domains source OISD
WARN[012]17:43:04.653: Unable to get response for https://dbl.oisd.nl/basic/
INFO[013]17:43:04.682: simple_tracking: downloaded: 34
INFO[014]17:43:04.683: simple_tracking: extracted: 34
INFO[015]17:43:04.684: simple_tracking: dropped: 0
INFO[016]17:43:04.787: NoBitCoin: downloaded: 720
INFO[017]17:43:04.788: NoBitCoin: extracted: 714
INFO[018]17:43:04.789: NoBitCoin: dropped: 6
ERRO[019]17:43:04.803: Get "https://dbl.oisd.nl/basic/": x509: certificate has expired or is not yet valid: current time 2022-12-13T17:43:04+01:00 is after 2021-09-30T14:01:15Z
NOTI[01a]17:43:04.805: Total entries found: 871
NOTI[01b]17:43:04.806: Total entries extracted 865
NOTI[01c]17:43:04.807: Total entries dropped 6
INFO[01d]17:43:07.103: Successfully restarted dnsmasq
NOTI[01e]17:43:07.105: Blacklist update completed......

It seems that something is wrong with the dbl.oisd.nl/basic list, even though navigating to that URL seems to be fine in my browser. Is there a way to ignore the certificate issue, so I can test of it works on my network?

britannic commented 1 year ago

No, best practice is to ensure the certificate is valid to prevent bad actors poisoning DNS entries with a rogue server/list. Please post further questions to the DNS Adblocking & Blacklisting dnsmasq Configuration Integration Package thread.