Bug 13072 - Blocklist updated but old (not listed) IP address still blocked
Summary: Blocklist updated but old (not listed) IP address still blocked
Alias: None
Product: IPFire
Classification: Unclassified
Component: --- (show other bugs)
Version: 2
Hardware: unspecified Unspecified
: - Unknown - Minor Usability
Assignee: Stefan Schantl
QA Contact:
Depends on:
Reported: 2023-03-27 08:43 UTC by Larsen
Modified: 2023-04-18 16:37 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Larsen 2023-03-27 08:43:46 UTC
I just noticed that an IP address was still being blocked by the firewall although it wasn't contained in the blocklist anymore.

# date
Mon Mar 27 10:19:05 AM CEST 2023

# grep "Successfully updated BLOCKLIST_DE" /var/log/messages | tail -n1
Mar 27 10:15:18 atl-ipfire ipblocklist: <INFO> Successfully updated BLOCKLIST_DE blocklist.

# ll /var/lib/ipblocklist/BLOCKLIST_DE.conf
-rw-r--r-- 1 nobody nobody 663K Mar 27 10:15 /var/lib/ipblocklist/BLOCKLIST_DE.conf

# grep BLOCKLIST_DE.conf
-> empty

# ipset list BLOCKLIST_DE | grep

As a workaround, I disabled the blocklist use in the GUI and reloaded the firewall rules:

# ipset list BLOCKLIST_DE | grep
ipset v7.15: The set with the given name does not exist

Re-enabled blocklist:

# ipset list BLOCKLIST_DE | grep
-> empty
Comment 1 Michael Tremer 2023-03-28 13:43:39 UTC
@Stefan: Could you please have a look at this?
Comment 2 Stefan Schantl 2023-03-28 16:07:46 UTC
Hello Larsen,

thanks for reporting this issue.

I've sent a fix to the development mailing list which should be part of the next core update:


Please test and report back any remain issues.

Thanks in advance,

Comment 3 Larsen 2023-03-29 10:24:19 UTC
Thanks, will wait for the next core update and then test.