UT1 blacklist not showing category.

Q3tNHn · December 10, 2024, 07:22:05 PM

Hi all,
I am following this tutorial to set up web filtering on my OPNsense instance: https://docs.opnsense.org/manual/how-tos/proxywebfilter.html
But UT1 blacklist is not showing any category after I successfully download and apply the list.
Please help!

Q3tNHn · December 10, 2024, 07:32:07 PM

Now I can't even start Squid service. Here's the error message:

Starting squid.
CPU Usage: 5.075 seconds = 4.996 user + 0.079 sys
Maximum Resident Size: 1308160 KB
Page faults with physical i/o: 0
2024/12/10 13:27:02| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:3128
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:3128
2024/12/10 13:27:02| Disabling Authentication on port [::1]:3128 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:3129
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:3129 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:3129
2024/12/10 13:27:02| Disabling Authentication on port [::1]:3129 (interception enabled)
2024/12/10 13:27:02| WARNING: empty ACL: acl bump_nobumpsites ssl::server_name "/usr/local/etc/squid/nobumpsites.acl"
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:2121
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:2121 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:2121
2024/12/10 13:27:02| Disabling Authentication on port [::1]:2121 (interception enabled)
2024/12/10 13:27:07| ERROR: '.ai-nude.adult' is a subdomain of '.adult'
2024/12/10 13:27:07| ERROR: You need to remove '.ai-nude.adult' from the ACL named 'remoteblacklist_ut1'
2024/12/10 13:27:07| Not currently OK to rewrite swap log.
2024/12/10 13:27:07| storeDirWriteCleanLogs: Operation aborted.
2024/12/10 13:27:07| FATAL: Bungled /usr/local/etc/squid/squid.conf line 72: acl remoteblacklist_ut1 dstdomain "/usr/local/etc/squid/acl/ut1"
2024/12/10 13:27:07| Squid Cache (Version 6.10): Terminated abnormally.
/usr/local/etc/rc.d/squid: WARNING: failed to start squid

meyergru · December 10, 2024, 07:55:40 PM

You are correct, that seems like a bug. Obviously, the UI does not correctly extract the categories after download of the ACLs. One can see that they are fetched correctly by looking at more /usr/local/etc/squid/acl/UT1.index.

You should raise an issue here.

The second error is a misconfiguration and the error messages clearly state which.

NetworkIT · December 11, 2024, 05:55:39 AM

@Q3tNHn - I have same error when i upgraded my OPNSense to 24.7.10.
I thought my proxy corrupted and now i can see not only me.
Please OPnsense, help us fix this bug please

meyergru · December 11, 2024, 11:54:01 AM

I can almost guarantee you that there will be no fix unless someone reports a bug on Github. I do not use that feature, so I won't.

droumanet · December 20, 2024, 09:23:20 AM

Issue has been submitted and confirmed: https://github.com/opnsense/plugins/issues/4392

Edit 2024-12-27: By the way, I manage an other OPNSense firewall in 24.1 version and it's able to manage categories, read list and so on... a bug is probably the cause in 24.7 version.

zkduzvzpene · January 09, 2025, 07:21:53 PM

Hello,
I also have the same issue with the 24.7.11_2.
Cross finger that will be fixed soon 🤞

xxup · January 10, 2025, 05:41:50 AM

Me too.

droumanet · April 07, 2025, 11:39:38 PM

Using 25.1.4 version and list UT1: categories are back.
Seems to be ok now.

pakabilond · August 13, 2025, 10:06:50 PM

Hi everyone 👋
I'm running OPNsense version 25.7.1 and noticed that the Blacklist section isn't showing up where I'd expect it—under Services > Web Proxy or in the usual ACL areas. I've double-checked my configuration and packages, but still no luck.
Has anyone else encountered this in 25.7.1?
Is there a known change or workaround to restore blacklist visibility or functionality?
Appreciate any insights or suggestions—thanks in advance!

droumanet · August 27, 2025, 11:59:06 AM

That's right.
I use 25.7.2 and I've (again) this problem!

Tried with
http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz (initial working link)
ftp://ftp.ut-capitole.fr/blacklist/blacklists_for_pfsense_reducted.tar.gz
ftp://ftp.ut-capitole.fr/blacklist/blacklists.tar.gz

ludarkstar99 · Reply #11 - Re: UT1 blacklist not showing category.

Hi,

This issue is due to code incompatibility, as the core has undergone changes in how it handles runtime model fields.

For now, instead of using the Capitole URL that provides the full set of categories, we must insert them one by one using the links available at:
https://dsi.ut-capitole.fr/blacklists/download/

just register the ones you want to block.

UT1 blacklist not showing category.

Q3tNHn

December 10, 2024, 07:22:05 PM

Q3tNHn

December 10, 2024, 07:32:07 PM #1

meyergru

December 10, 2024, 07:55:40 PM #2 Last Edit: December 20, 2024, 10:29:17 AM by meyergru

NetworkIT

December 11, 2024, 05:55:39 AM #3

meyergru

December 11, 2024, 11:54:01 AM #4

droumanet

December 20, 2024, 09:23:20 AM #5 Last Edit: December 27, 2024, 11:21:35 PM by droumanet

zkduzvzpene

January 09, 2025, 07:21:53 PM #6

xxup

January 10, 2025, 05:41:50 AM #7

droumanet

April 07, 2025, 11:39:38 PM #8

pakabilond

August 13, 2025, 10:06:50 PM #9

droumanet

August 27, 2025, 11:59:06 AM #10

ludarkstar99

Today at 03:31:24 PM #11