Text only | Text with Images

OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: Droppie391 on January 16, 2020, 04:31:07 PM

Title: GeoIP not Updating
Post by: Droppie391 on January 16, 2020, 04:31:07 PM
after updating to 19.7.9_1, creating an account with mindmap, generating a license key and entering the url,
we still (after 3 days) have not been able to retrieve the zip file.

testing with python from the cli we see the following errors popping up:

Code Select

Python 3.7.6 (default, Jan  7 2020, 01:19:35)
[Clang 6.0.0 (tags/RELEASE_600/final 326565)] on freebsd11
Type "help", "copyright", "credits" or "license" for more information.
>>> from geoip import download_geolite
>>> download_geolite()
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/urllib3/contrib/pyopenssl.py", line 485, in wrap_socket
    cnx.do_handshake()
  File "/usr/local/lib/python3.7/site-packages/OpenSSL/SSL.py", line 1915, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/usr/local/lib/python3.7/site-packages/OpenSSL/SSL.py", line 1639, in _raise_ssl_error
    raise SysCallError(errno, errorcode.get(errno))
OpenSSL.SSL.SysCallError: (32, 'EPIPE')

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 672, in urlopen
    chunked=chunked,
  File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 376, in _make_request
    self._validate_conn(conn)
  File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 994, in _validate_conn
    conn.connect()
  File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py", line 394, in connect
    ssl_context=context,
  File "/usr/local/lib/python3.7/site-packages/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/local/lib/python3.7/site-packages/urllib3/contrib/pyopenssl.py", line 491, in wrap_socket
    raise ssl.SSLError("bad handshake: %r" % e)
ssl.SSLError: ("bad handshake: SysCallError(32, 'EPIPE')",)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 720, in urlopen
    method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
  File "/usr/local/lib/python3.7/site-packages/urllib3/util/retry.py", line 436, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='download.maxmind.com', port=443): Max retries exceeded with url: /app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=<KEY>&suffix=zip (Caused by SSLError(SSLError("bad handshake: SysCallError(32, 'EPIPE')")))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/opnsense/scripts/filter/lib/geoip.py", line 62, in download_geolite
    r = requests.get(url)
  File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 75, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 60, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='download.maxmind.com', port=443): Max retries exceeded with url: /app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=<KEY>&suffix=zip (Caused by SSLError(SSLError("bad handshake: SysCallError(32, 'EPIPE')")))
>>>

it looks like there is a problem starting a ssl session from python but as we`re no python specialists...

The download from a browser work fine by the way so the url is working correctly.
Edit (fabian) remove license key and add code tags
Title: Re: GeoIP not Updating
Post by: chemlud on January 16, 2020, 04:52:52 PM
Would you mind redacting your licence key if you want to use it further?

Did you try removing the GeoIP alias and creating a new one?

My Alias updated successfully within the last 24 h

Code Select
Last updated    2020-01-15T14:22:42
Total number of ranges    441743
Title: Re: GeoIP not Updating
Post by: dcol on January 16, 2020, 06:07:58 PM
Mine updated yesterday as well. I also had to recreate the alias and rule. Now seems to work ok.
Title: Re: GeoIP not Updating
Post by: Droppie391 on January 17, 2020, 10:49:25 AM
the license key was only setup to do this test and is removed now, thanks for hinting  ;)
Ive deleted all geoblock rules and created them anew, waiting now for the updates...
Title: (SOLVED) Re: GeoIP not Updating
Post by: Droppie391 on January 28, 2020, 08:24:44 AM
well, after lots of hair-pulling it works. there was no ipv6 default route set on the test machine...
Text only | Text with Images