Open Azgar1998 opened 12 months ago
You are filing this issue for a wrong repository. As you can read from the error message, this applies to any rules download, in your case the URL is rules.emergingthreats.net
. There is no support for proxies in /usr/local/opnsense/scripts/suricata/rule-updater.py
Additionally, setting these variables via environment will never work while using urllib3
. Not supported upstream: https://github.com/urllib3/urllib3/issues/1785
Hello,
I have opnsense 23.7.6. I would like to download the IDS rules with a proxy but it does not work
my config:
/root/.cshrc: setenv HTTP_PROXY http://proxy:8080 setenv HTTPS_PROXY http://proxy:8080 setenv http_proxy http://proxy:8080 setenv https_proxy http://proxy:8080 setenv FTP_PROXY http://proxy:8080 setenv ftp_proxy http://proxy:8080
/usr/local/etc/pkg.conf:
pkg_env : { http_proxy: "{http://proxy:8080}" https_proxy: "{http://proxy:8080}" }
/usr/local/opnsense/service/conf/configd.conf:
HTTP_PROXY=http://proxy:8080 HTTPS_PROXY=http://proxy:8080 http_proxy=http://proxy:8080 https_proxy=http://proxy:8080 FTP_PROXY=http://proxy:8080 ftp_proxy=http://proxy:8080
/var/log/system/system_20231023.log: rule-updater.py 24817 - [meta sequenceId="1"] download failed for https://rules.emergingthreats.net/open/suricata-6.0/emerging.rules.tar.gz (HTTPSConnectionPool(host='rules.emergingthreats.net', port=443): Max retries exceeded with url: /open/suricata-6.0/emerging.rules.tar.gz (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x8523c1a90>: Failed to establish a new connection: [Errno 60] Operation timed out')))
From the console: when I do a curl test with google it works
pkg -d update: OK pkg -d upgrade: OK
curl -v https://rules.emergingthreats.net: OK
the proxy has no filter
Thank for your help