[BUG] Duplicate values in globalblacklist.conf

enoch85 commented 1 year ago

Describe the bug

Been running this on my nginx server for a few years, and now suddenly it starts behaving strange, unloading nginx and so on (at least I think this script is the cause, needs further investigation). What bothers me right now though is that it produces dubplicate values in the conf.

root@nginx:/usr/local/sbin# nginx -t
nginx: [warn] duplicate network "138.199.57.151", value: "0", old value: "1" in /etc/nginx/conf.d/globalblacklist.conf:18867
nginx: [warn] duplicate network "143.244.38.129", value: "0", old value: "1" in /etc/nginx/conf.d/globalblacklist.conf:18883
nginx: [warn] duplicate network "195.181.163.194", value: "0", old value: "1" in /etc/nginx/conf.d/globalblacklist.conf:18978
nginx: [warn] duplicate network "5.188.120.15", value: "0", old value: "1" in /etc/nginx/conf.d/globalblacklist.conf:19105
nginx: [warn] duplicate network "89.187.173.66", value: "0", old value: "1" in /etc/nginx/conf.d/globalblacklist.conf:19152
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

To Reproduce

Steps to reproduce the behavior:

Run the script in an updated manner

Expected behavior

No duplicates

Screenshots

Copy of nginx.conf

If applicable please paste your nginx.conf file here (paste in between the markers)


Paste nginx.conf here

Copy of vhost / website / host .conf file

If applicable please paste your site/vhost configuration file in between the code ticks (paste in between the markers)


Paste site config here

Server (please complete the following information):

Operating System:
[X] Ubuntu
[ ] Alpine
[ ] Arch Linux
[ ] Debian
[ ] CentOS
[ ] Fedora
[ ] Deepin
[ ] Windows
[ ] Other

Specify Exact Version of OS:


Linux nginx 5.4.0-125-generic #141-Ubuntu SMP Wed Aug 10 13:42:03 UTC 2022 x86_64 x86_64 x86_64 GNU/Linu
Ubuntu 20.04

Nginx Version [post output of sudo nginx -v]


 nginx version: nginx/1.18.0 (Ubuntu)

Other Environments [include Version information]
[ ] Plesk
[ ] CPanel
[ ] Synology NAS
[ ] Other
Specify Other / Specific Version Information Here:
Any other applicable log / error messages that may help us to help you.


Paste any log / error messages here (paste in between the ```     ``` markers)

Additional information

I will update this if needed with more info later on.

mitchellkrogza commented 1 year ago

It's normal behaviour, we have well known IP ranges that are whitelisted 0 and further down the chain with daily updates some of those IP's appear on the blacklist we pull then setting them to 1 you will see over a few days the IP's warned will change. It's only a warning and does not affect performance nor put any system stability at risk. The whitelists rule supreme which is why when a well known IP is blacklisted we trust it and set it back to 0

enoch85 commented 1 year ago

Okay, closing then. Thanks for the quick response!

mitchellkrogza / nginx-ultimate-bad-bot-blocker