Core 129 errors

Help on building IPFire & Feature Requests
Post Reply
User avatar
H&M
Posts: 445
Joined: May 29th, 2014, 9:38 pm
Location: Europe

Core 129 errors

Post by H&M » April 13th, 2019, 6:02 pm

Hi,

I have these error messages at boot - just updated to core 129 from 127 (with not a single problem):
PS: I rebooted the machine twice, same messages. Between reboots I manually updated the GeoIP database with xt_geoip_update

Code: Select all

iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix 'OUTGOINGFW '
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -j REJECT
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A FORWARDFW -m geoip --dst-cc AP -o ppp0 -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix 'FORWARDFW '
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A FORWARDFW -m geoip --dst-cc AP -o ppp0 -j REJECT
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix 'OUTGOINGFW '
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -j REJECT
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix 'OUTGOINGFW '
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -j REJECT
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A FORWARDFW -m geoip --dst-cc AP -o ppp0 -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix 'FORWARDFW '
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A FORWARDFW -m geoip --dst-cc AP -o ppp0 -j REJECT
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix 'OUTGOINGFW '
Could not open /usr/share/xt_geoip/AP.iv4: No such file or directory
iptables v1.6.2: Could not read geoip database
ERROR: iptables --wait -A OUTGOINGFW -m geoip --dst-cc AP -o ppp0 -j RE

And this one:

Code: Select all

Starting the D-Bus Messagebus Daemon...
dbus[13058]: Unknown group "netdev" in message bus configuration file  [  OK  ]

As far as I can check, the iptables chain GEOIPBLOCK seems to have some counts for the countries I blocked (CN being on top)... but just wanted to be sure that above messages are not a serious problem causing the GeoIP block malfunctioning...

Any ideas?
Thank you,
H&M

User avatar
Arne.F
Core Developer
Core Developer
Posts: 8235
Joined: May 7th, 2006, 8:57 am
Location: BS <-> NDH
Contact:

Re: Core 129 errors

Post by Arne.F » April 14th, 2019, 6:11 am

Looks like there was removed selected country code (AP) from the maxmind database or there is an error at converting it.

The DBUS message in not new... the netdev group is not present on IPFire but dbus is installed as needed dependency of some software it connot really used because there is no desktop so it cannot ask the user for informations.

Please create bugs for both issues.
Arne

Support the project on the donation!

Image

Image

Image
PS: I will not answer support questions via email and ignore IPFire related messages on my non IPFire.org mail addresses.

User avatar
H&M
Posts: 445
Joined: May 29th, 2014, 9:38 pm
Location: Europe

Re: Core 129 errors

Post by H&M » April 15th, 2019, 6:53 pm

Arne.F wrote:
April 14th, 2019, 6:11 am
Looks like there was removed selected country code (AP) from the maxmind database or there is an error at converting it.
Arne,
You are right - the Asia/Pacific region (noted AP) is no longer listed in /usr/share/xt_geoip and also not displayed by /cgi-bin/geoip-block.cgi.
Found the other cause (besides the fact that AP no longer exist): I did used AP in one of the personal GeoIP groups (created with /cgi-bin/fwhosts.cgi).
I erased it from my personal geoIP groups.
IPFire_GeoIP_AsiaPacific_AP.PNG
IPFire_GeoIP_AsiaPacific_AP.PNG (7.61 KiB) Viewed 292 times
Bug https://bugzilla.ipfire.org/show_bug.cgi?id=12054has been successfully created
Arne.F wrote:
April 14th, 2019, 6:11 am
The DBUS message in not new... the netdev group is not present on IPFire but dbus is installed as needed dependency of some software it connot really used because there is no desktop so it cannot ask the user for informations.

Please create bugs for both issues.
Netdev/Dbus: https://bugzilla.ipfire.org/show_bug.cgi?id=12055

Thanks!
H&M

Side note: This GeoIP database is quite ... not ISO based.
I see in the list of countries the XK but this XK is not listed in ISO-316602 / 2013 (latest revision of 2 digit country codes).
Either this, either wikipedia is not up to date with ISO-3166-2...https://en.wikipedia.org/wiki/List_of_I ... ntry_codes

Post Reply