Bug 13820

Summary: URLFilter should delete obsolete blacklists when they are updated
Product: IPFire Reporter: lucatrv <lucatrv>
Component: ---Assignee: Stefan Schantl <stefan.schantl>
Status: CLOSED FIXED QA Contact:
Severity: Major Usability    
Priority: - Unknown - CC: adolf.belka, daniel.weismueller, michael.tremer
Version: 2   
Hardware: all   
OS: All   

Description lucatrv 2025-02-13 22:17:48 UTC 
I installed IPFire 2.29 Core Update 191, and enabled the proxy URL filter. At first the block categories looked more or less like those shown in the URL filter guide (https://www.ipfire.org/docs/configuration/network/proxy/url-filter).

Then I followed the instructions under section "URL filter maintenance" to update them from the official University of Toulouse source, and I ended up with a merged mix of old/obsolete categories which do not exist anymore in the source (in particular: `ads`, `aggressive`, `drugs`, `mail`, `porn`, `proxy`, `violence`) and new categories (see: https://github.com/olbat/ut1-blacklists). This means that now for instance I have both the old out-of-date `mail` and the new `webmail` blacklists mixed up together.

By logging in to the console, I confirmed that under `/var/ipfire/urlfilter/blacklists/` all current blacklist folders are updated, while all obsolete blacklist folders remained at their original state.

To avoid this, upon successful blacklists update, all the blacklists which are not present in the source repository (apart from `custom`) should be deleted. If useful to anyone (although I do not see the reason) a flag `Keep obsolete blacklists` could be added, unset by default.
Comment 1 lucatrv 2025-02-14 18:19:45 UTC 
I would like to add some thoughts to my previous post. Maybe some users would like to keep blacklists from more than one source. To make this possible, URLFilter would need to be updated to support up to X sources (for instance X = 3).

The WebGUI should then have 3 configuration fields available, each one supporting a source URL and an automatic update schedule. Then within `/var/ipfire/urlfilter/blacklists/` the following folders should be created:
custom
source1
source2
source3

Every time a source is updated, the relative folder should be synced with the upstream repository, deleting obsolete blacklists.

This would be the most flexible and practical solution.
Comment 2 Adolf Belka 2025-04-16 13:21:12 UTC 
As this bug is related to IPFire-2.x then the component should always be --- as per the IPFire bug reporting documentation.
Comment 3 Adolf Belka 2026-02-20 13:06:10 UTC 
*** Bug 13944 has been marked as a duplicate of this bug. ***
Comment 4 Michael Tremer 2026-02-20 13:12:12 UTC 
At this point in time, we are not looking to support more than one provider at the same time. This would be a lot of work to implement and have too little benefit.

We just need to cleanup everything in the directory except the custom directory. That can be implemented with a simple find command.
Comment 5 lucatrv 2026-02-20 13:18:06 UTC 
I agree, especially now that DBL is coming. So my second post should be neglected.
Comment 7 Adolf Belka 2026-02-23 14:20:53 UTC 
Has been merged into CU200 Testing