Issue on Import

[Johnster001]

Getting an error on import:

/ip firewall address-list remove [find where list="pwlgrzs-blacklist"] ; /import file-name=blacklist.rsc

failure: 2001:41d0:203:22be:: is not a valid dns name

[ortorob73]

There are ipv6 ip's in the list which need to be removed or fixed

Il Sab 11 Feb 2023, 22:30 Johnster001 @.***> ha scritto:

Getting an error on import:

/ip firewall address-list remove [find where list="pwlgrzs-blacklist"] ; /import file-name=blacklist.rsc

failure: 2001:41d0:203:22be:: is not a valid dns name

— Reply to this email directly, view it on GitHub https://github.com/pwlgrzs/Mikrotik-Blacklist/issues/8, or unsubscribe https://github.com/notifications/unsubscribe-auth/AVX6VWE66P7Y5FCSB3YP4MLWXAAHLANCNFSM6AAAAAAUY5CAEY . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[Johnster001]

Is this new or something that always needs to be done on import?

[pwlgrzs]

I guess I haven't filtered out IPv6 addresses on recent source update, I will look into this.

[pwlgrzs]

@Johnster001 just FYI failure you see in the log will not prevent you from successfully adding other IPs to the firewall.

[pwlgrzs]

@Johnster001 @ortorob73 could you please check if the list will correctly import on your devices?

[Johnster001]

@pwlgrzs Sorry, for the delay, I had to rebuild my router and haven't re-imported yet. I can let you know when I do if you'd like.

[pwlgrzs]

@Johnster001 sure, no worries, let me know if you see any issues. Just note updated list is pretty long now and if you have a device with small storage it may cause issues (I have added relevant warning to the readme).

[Johnster001]

@pwlgrzs I did have that issue before the rebuild, the list brought the storage so low that I couldn't even create a config backup. I am admittedly a little leery of trying again with the router rebuild, but I have a backup unit that I can try it on first. I'll let you know how it goes.

[pwlgrzs]

@Johnster001 yeah, that what's going on with my HEX. I am considering creating a "light" list without pfSense additions which are pretty heavy, what do you think?

[Johnster001]

@pwlgrzs I have a Hex as well. That would be great. Let me know if you come up with one and I'll try it out.

[pwlgrzs]

@Johnster001 I have uploaded light version (4 times lighter actually). Give it a try, you will need to add "-light" to download script on the device: Replace:

• https://raw.githubusercontent.com/pwlgrzs/Mikrotik-Blacklist/master/blacklist.rsc

with

• https://raw.githubusercontent.com/pwlgrzs/Mikrotik-Blacklist/master/blacklist-light.rsc

[pwlgrzs]

So I run a quick test with light list (it's 20k entries):

before: 9 of 16MB used after: 10.8 of 16MB used

well, definitely should not kill the device now. Did you have a chance to check @Johnster001 ?

[Johnster001]

Just installed the lite version, seems to have taken up about the same amount of disk space as it did for you, so I think I'm good. It will be interesting to see if there's any traffic on the firewall rule going forward. Thanks!

[pwlgrzs]

I will look into adding other pfSense lists to lite version but keep it as light.