unblock_bfm_ips error: A valid IP was not provided

[CAISC]

I see multiple lines in file - var/log/directadmin/errortaskq.log


2022:01:08-18:10:19: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-18:22:08: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-18:35:27: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-18:47:35: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-18:59:44: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-19:11:26: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-19:23:29: Tally::unblock_bfm_ips error: A valid IP was not provided<br>
2022:01:08-19:35:18: Tally::unblock_bfm_ips error: A valid IP was not provided<br>


These are getting logged in after every few seconds.
Looks like BFM in directadmin is not able to parse IPv6 correctly while unblocking after certain time interval.

How to fix this.

Thanks

 

[factor]

Do you have IPV6 actualy all setup? DA doesnt turn on IPV6 features automatically by default.

 

[CAISC]

Yes its All setup properly and running fine.
Specially cross checked direct admin conf, exim and other services all configured to work with IPv4 + IPv6.

In-fact we have several sites running over dedicated IPv6.

Thanks

 

[DirectAdmin Support]

Thanks for the report.
I've just added a change to reword:

A valid IP was not provided

To now be:

A valid IP was not provided (%s) Info: '%s'

where () will contain the IP address.
This will be in the Alpha binaries in about ~12+ hours.
After updating, let me know what the value of the (IP) is and we'll be able to narrow down what's going on.

Compare with:
/usr/local/directadmin/data/admin/ip_blacklist

which I believe is where it's getting it from..
Let me know if you find anything obviously off in the ip_blacklist file.
It should be "1.2.3.4=timestamp".
If it's IPv6, let met know the value (feel free to change digits for privacy, but keep them in the same range, so I should get the same error with the changed value)

 

[CAISC]

Thanks for the update,

I am waiting for several other changes/updates along with this one, done in Alpha channel to be passed on to Current channel so I can check them out. When can we expect current channel with all the Alpha changes released?

Will keep you updated.

 

[CAISC]

where () will contain the IP address.
This will be in the Alpha binaries in about ~12+ hours.
After updating, let me know what the value of the (IP) is and we'll be able to narrow down what's going on.

So now post update, I see error with more details -

A valid IP was not provided (185.X.10.0/24) Info: 'when=1642673162 + (60 * unblock_brute_ip_time=1440) <= now=1643375644'<br>
A valid IP was not provided (207.X.X.0/24) Info: 'when=1641998635 + (60 * unblock_brute_ip_time=1440) <= now=1643375644'<br>
A valid IP was not provided (216.X.X.0/24) Info: 'when=1643112924 + (60 * unblock_brute_ip_time=1440) <= now=1643375644'<br>

 

[Remco00]

These error messages still occur every minute in errortaskq.log:

2022:05:30-17:32:26: Tally::unblock_bfm_ips error: A valid IP was not provided (141.98.10.0/24) Info: 'when=1647534092 + (60 * unblock_brute_ip_time=86400) <= now=1653924746'
A valid IP was not provided (191.240.116.0/24) Info: 'when=1642772300 + (60 * unblock_brute_ip_time=86400) <= now=1653924746'
A valid IP was not provided (5.34.206.0/24) Info: 'when=1641939862 + (60 * unblock_brute_ip_time=86400) <= now=1653924746'
A valid IP was not provided (5.34.207.0/24) Info: 'when=1645403330 + (60 * unblock_brute_ip_time=86400) <= now=1653924746'

The ip-addresses are vissible in BFM Block List:

lfd: (NETBLOCK) 141.98.10.0/24 (LT/Lithuania/-) has had more than 4 blocks in the last 86400 secs
lfd: (NETBLOCK) 191.240.116.0/24 (BR/Brazil/-) has had more than 4 blocks in the last 86400 secs
lfd: (NETBLOCK) 5.34.206.0/24 (US/United States/-) has had more than 4 blocks in the last 86400 secs
lfd: (NETBLOCK) 5.34.207.0/24 (UA/Ukraine/-) has had more than 4 blocks in the last 86400 secs

It looks like BFM/CSF is nog handling netblocks correctly.