Text only | Text with Images

OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: Q3tNHn on December 10, 2024, 07:22:05 PM

Title: UT1 blacklist not showing category.
Post by: Q3tNHn on December 10, 2024, 07:22:05 PM
Hi all,
I am following this tutorial to set up web filtering on my OPNsense instance: https://docs.opnsense.org/manual/how-tos/proxywebfilter.html
But UT1 blacklist is not showing any category after I successfully download and apply the list.
Please help!
Title: Re: UT1 blacklist not showing category.
Post by: Q3tNHn on December 10, 2024, 07:32:07 PM
Now I can't even start Squid service. Here's the error message:

Starting squid.
CPU Usage: 5.075 seconds = 4.996 user + 0.079 sys
Maximum Resident Size: 1308160 KB
Page faults with physical i/o: 0
2024/12/10 13:27:02| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:3128
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:3128
2024/12/10 13:27:02| Disabling Authentication on port [::1]:3128 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:3129
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:3129 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:3129
2024/12/10 13:27:02| Disabling Authentication on port [::1]:3129 (interception enabled)
2024/12/10 13:27:02| WARNING: empty ACL: acl bump_nobumpsites ssl::server_name "/usr/local/etc/squid/nobumpsites.acl"
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:2121
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:2121 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:2121
2024/12/10 13:27:02| Disabling Authentication on port [::1]:2121 (interception enabled)
2024/12/10 13:27:07| ERROR: '.ai-nude.adult' is a subdomain of '.adult'
2024/12/10 13:27:07| ERROR: You need to remove '.ai-nude.adult' from the ACL named 'remoteblacklist_ut1'
2024/12/10 13:27:07| Not currently OK to rewrite swap log.
2024/12/10 13:27:07| storeDirWriteCleanLogs: Operation aborted.
2024/12/10 13:27:07| FATAL: Bungled /usr/local/etc/squid/squid.conf line 72: acl remoteblacklist_ut1 dstdomain "/usr/local/etc/squid/acl/ut1"
2024/12/10 13:27:07| Squid Cache (Version 6.10): Terminated abnormally.
/usr/local/etc/rc.d/squid: WARNING: failed to start squid
Title: Re: UT1 blacklist not showing category.
Post by: meyergru on December 10, 2024, 07:55:40 PM
You are correct, that seems like a bug. Obviously, the UI does not correctly extract the categories after download of the ACLs. One can see that they are fetched correctly by looking at more /usr/local/etc/squid/acl/UT1.index.

You should raise an issue here (https://github.com/opnsense/plugins).

The second error is a misconfiguration and the error messages clearly state which.

Title: Re: UT1 blacklist not showing category.
Post by: NetworkIT on December 11, 2024, 05:55:39 AM
@Q3tNHn - I have same error when i upgraded my OPNSense to 24.7.10.
I thought my proxy corrupted and now i can see not only me.
Please OPnsense, help us fix this bug please
Title: Re: UT1 blacklist not showing category.
Post by: meyergru on December 11, 2024, 11:54:01 AM
I can almost guarantee you that there will be no fix unless someone reports a bug on Github. I do not use that feature, so I won't.

Title: Re: UT1 blacklist not showing category.
Post by: droumanet on December 20, 2024, 09:23:20 AM
Issue has been submitted and confirmed: https://github.com/opnsense/plugins/issues/4392

Edit 2024-12-27: By the way, I manage an other OPNSense firewall in 24.1 version and it's able to manage categories, read list and so on... a bug is probably the cause in 24.7 version.
Title: Re: UT1 blacklist not showing category.
Post by: zkduzvzpene on January 09, 2025, 07:21:53 PM
Hello,
I also have the same issue with the 24.7.11_2.
Cross finger that will be fixed soon 🤞
Title: Re: UT1 blacklist not showing category.
Post by: xxup on January 10, 2025, 05:41:50 AM
Me too.
Title: Re: UT1 blacklist not showing category.
Post by: droumanet on April 07, 2025, 11:39:38 PM
Using 25.1.4 version and list UT1: categories are back.
Seems to be ok now.
Title: Re: UT1 blacklist not showing category.
Post by: pakabilond on August 13, 2025, 10:06:50 PM
Hi everyone 👋
I'm running OPNsense version 25.7.1 and noticed that the Blacklist section isn't showing up where I'd expect it—under Services > Web Proxy or in the usual ACL areas. I've double-checked my configuration and packages, but still no luck.
Has anyone else encountered this in 25.7.1?
Is there a known change or workaround to restore blacklist visibility or functionality?
Appreciate any insights or suggestions—thanks in advance!
Title: Re: UT1 blacklist not showing category.
Post by: droumanet on August 27, 2025, 11:59:06 AM
That's right.
I use 25.7.2 and I've (again) this problem!

Tried with
http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz (initial working link)
ftp://ftp.ut-capitole.fr/blacklist/blacklists_for_pfsense_reducted.tar.gz
ftp://ftp.ut-capitole.fr/blacklist/blacklists.tar.gz
Title: Re: UT1 blacklist not showing category.
Post by: ludarkstar99 on September 01, 2025, 03:31:24 PM
Hi,

This issue is due to code incompatibility, as the core has undergone changes in how it handles runtime model fields.

For now, instead of using the Capitole URL that provides the full set of categories, we must insert them one by one using the links available at:
https://dsi.ut-capitole.fr/blacklists/download/

just register the ones you want to block.
Text only | Text with Images