Messages

the only thing I can assume is that ipinfo removed the "Content-Disposition" header ( it's hosted in cloudflare it doesn't make sense ).
because in geoip.py it gets the name from there. and that header doesn't exist now, tested with curl verbose. I don't know how it was before.

I've forced the name ending in .gz in there so it goes thru the .gzip code instead of the zip code with
filename = "ipinfo_lite.csv.gz"
and it worked.

Code Select Expand

        if url is not None and url.lower().startswith('http'):
            # flush data from remote url to temp file and unpack from there
            with tempfile.NamedTemporaryFile() as tmp_stream:
                try:
                    r = requests.get(url)
                except Exception as e:
                    syslog.syslog(syslog.LOG_ERR, 'geoip update failed : %s' % e)
                    return result
                if r.status_code == 200:
                    msg = EmailMessage()
                    msg["Content-Disposition"] = r.headers.get("Content-Disposition", '')
                    filename = msg.get_filename()
                    syslog.syslog(syslog.LOG_NOTICE, 'filename : %s .' % filename)
                    filename = "ipinfo_lite.csv.gz"
                    tmp_stream.write(r.content)
                    tmp_stream.seek(0)
                    if not filename or filename.lower().endswith('.zip'):
                        syslog.syslog(syslog.LOG_NOTICE, 'found .zip format, process')
                        cls.process_zip(tmp_stream, result)
                    elif filename.endswith('.gz'):
                        syslog.syslog(syslog.LOG_NOTICE, 'found .gz format, process')
                        cls.process_gzip(tmp_stream, result)
                    # dump location hash (detect changes in geoIP source selection)
                    open(cls._src_hash_file, 'w').write(cls._source_hash())
                else:
                    syslog.syslog(syslog.LOG_ERR,
                                  'geoip update failed : %s [http_code: %s]' % (r.text.replace('\n', ''), r.status_code)
                    )



No, I'm almost sure it always worked like this. with a redirection, I didn't mean that was the problem, was just explaining.

I tried to follow/debug the script but got lost ...
/usr/local/opnsense/scripts/filter/download_geoip.py

I don't understand why it says a zip instead of a gz like befoe and like it really is.

I've been using ipinfo for GeoIP for months with no problems, updating daily, and yesterday it stopped updating

it was like this every day before

Code Select Expand

<165>1 2025-12-03T17:07:01-03:00 OPNsense-VPN.localhost firewall 6400 - [meta sequenceId="1"] found .gz format, process
<165>1 2025-12-03T17:07:20-03:00 OPNsense-VPN.localhost firewall 6400 - [meta sequenceId="2"] geoip updated (files: 496 lines: 5785121)

yesterday

Code Select Expand

<165>1 2025-12-04T17:08:03-03:00 OPNsense-VPN.localhost firewall 24737 - [meta sequenceId="1"] found .zip format, process
<163>1 2025-12-04T17:08:03-03:00 OPNsense-VPN.localhost firewall 24737 - [meta sequenceId="2"] geoip update failed : File is not a zip file
<165>1 2025-12-04T17:08:03-03:00 OPNsense-VPN.localhost firewall 24737 - [meta sequenceId="3"] geoip updated (files: 0 lines: 0)

downloading same configured url manually https://ipinfo.io/data/ipinfo_lite.csv.gz?token=xxxx with curl gives a 302 redirection and then goes to a real and good .gz

I don't understand ..

Time is truncated and Source and Destination have a lot of wasted space. That's at least how I see it.

Source and Destination have extra whitespace for "Lookup hostnames".

Heh: Perhaps a good application for a template?

Hostnames are two different new columns when you check it.
templates are just for the filters I think. There's no template for shown columns nor you can add or remove dynamically at least from what I've tested.

I'm an old school guy from the times of "static html"  .. where the browser adjusted the windows real state space in a smart way when rendering or adjusting size.
Now everything of course is dynamic, and refreshing live and columns moving and adjusting width each refresh won't be a good user experience.
So I suppose you have to make a trade off. I'm not complaining.

> wasted space seems the same

No, it's not the same.


Cheers,
Franco

Time is truncated and Source and Destination have a lot of wasted space. That's at least how I see it.

ok, thanks. applied both.
wasted space seems the same but now I least I can resize, I'm happy with that.

I just updated today.
Live view is horrible now. Fixed columns, wasted space in some columns and text truncated in others like time for example without even be able to resize.

that makes sense ... I actually just noticed when kept getting "You have new mail" in the console while I was debugging something else ... Probably won't even notice it it weren't for that ...

ok, that's better. no output and it won't prevent real errors popping out in the future

Code Select Expand

( /sbin/pfctl -q -t 'sshlockout' -T expire '3600' )
but the real question is, nobody else is suffering this ?
I don't have customized anything, those 2 crontab came like that in the standard installation I suppose.

I'm afraid i will lose that fix after an update or something.

this seems like a stupid thing but i can't nobody else is suffering it so i can't believe is not fixed.

I'm using latest OPNsense 25.7.7_4-amd64
I have this in crontab

Code Select Expand

root@OPNsense-VPN:/etc # crontab -l
# or /usr/local/etc/cron.d and follow the same format as
# /etc/crontab, see the crontab(5) manual page.
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
REQUESTS_CA_BUNDLE=/usr/local/etc/ssl/cert.pem
#minute hour    mday    month   wday    command
1       *       *       *       *       (/usr/local/sbin/configctl -d syslog archive) > /dev/null
*/4     *       *       *       *       (/usr/local/sbin/ping_hosts.sh) > /dev/null
0       22      *       *       *       (/usr/local/sbin/configctl -d firmware changelog cron) > /dev/null
0,15,30,45      *       *       *       *       (/sbin/pfctl -t 'virusprot' -T expire '3600') > /dev/null
0,15,30,45      *       *       *       *       (/sbin/pfctl -t 'sshlockout' -T expire '3600') > /dev/null
*       *       *       *       *       (/usr/local/bin/flock -n -E 0 -o /tmp/updaterrd.lock /usr/local/opnsense/scripts/health/updaterrd.php) > /dev/null
1       3       1       *       *       (/usr/local/sbin/configctl -d filter schedule bogons) > /dev/null
*       *       *       *       *       (/usr/local/bin/flock -n -E 0 -o /tmp/filter_update_tables.lock /usr/local/opnsense/scripts/filter/update_tables.py --quick) > /dev/null


If i run the /sbin/pfctl the redirection of stdout in not enough because you get "0/0 addresses expired." in stderr

Code Select Expand

root@OPNsense-VPN:/etc # (/sbin/pfctl -t 'virusprot' -T expire '3600') > /dev/null
0/0 addresses expired.

because of this i'm getting mails every 15 minutes ( output in crontab )

i've fixed adding 2>&1 but it was lost after because an update I think.


anyway this seems like a pretty stupid thing or I am missing something and I'm the stupid one?

thanks.