Diversion Error when block list updates

[snapieee]

I’m seeing the same problem with big.oisd.nl/dnsmasq2, and it started about three weeks ago.

When I open Diversion, I immediately get an error—even before doing anything:

 Error
 https://big.oisd.nl/dnsmasq2
 appears not to be a valid compatible file format, skipping

I then try updating the blocklist manually, and I hit another error:

 processing file 1 of 4
 https://big.oisd.nl/dnsmasq2
 remote file newer: downloading new file
curl: (28) Failed to connect to big.oisd.nl port 443 after 3121 ms: Couldn'r
Warning: Problem : timeout. Will retry in 1 seconds. 3 retries left.
curl: (28) Failed to connect to big.oisd.nl port 443 after 3094 ms: Couldn'r
Warning: Problem : timeout. Will retry in 2 seconds. 2 retries left.
curl: (28) Failed to connect to big.oisd.nl port 443 after 3117 ms: Couldn'r
Warning: Problem : timeout. Will retry in 4 seconds. 1 retries left.
curl: (28) Failed to connect to big.oisd.nl port 443 after 3100 ms: Couldn'r

 Error: https://big.oisd.nl/dnsmasq2
 appears not to be a valid compatible file format, skipping

Checking the system log shows Skynet blocking an outbound connection from my WAN IP to 146.59.95.220, which I later confirmed belongs to oisd.nl.

nslookup oisd.nl
Server:  GT-AX6000
Address:  192.168.x.x

Non-authoritative answer:
Name:    oisd.nl
Addresses:  2001:41d0:601:1100::4db3
          146.59.95.220

To get around that, I whitelisted the domain in Skynet:

firewall whitelist domain "oisd.nl"

============================================================================

[i] Adding oisd.nl To Whitelist
[i] Whitelisting 146.59.95.220
[i] Saving Changes

============================================================================

After that, I tried updating the blocklist in Diversion again, and it worked without any issues:

 processing file 1 of 4
 https://big.oisd.nl/dnsmasq2
 remote file newer: downloading new file
##################################################################### 100.0%
 --> OK, file is in Dnsmasq local or server format, optimal for Diversion
 processing file 1 done

Fast forward two days—I open Diversion and try a manual update, and the same error is back. I also see the same outbound block in the syslog from Skynet. When I check the Skynet whitelist, oisd.nl is no longer there. I re-whitelist the domain, update the blocklist in Diversion, and everything works again.

At this point, I have no idea why the domain was removed from the skynet whitelist in the first place or why it keeps getting removed.

===================================================

I've seen DNS servers also fail to adequately resolve the IP address of big.oisd.nl before. If I am able to resolve the IP, I usually also try to ping the IP once. I also test using different DNS services to see if they produce a different IP because sometimes the address changes before the cache of the server has had time to catch up. But last time I had this issue, I waited 24 hours like @dave14305 , and the maintainer of the oisd list recommended. Then I was finally able to resolve the list again.

I noticed this dns odd behavior as well. When I whitelist the domain in Skynet under normal conditions, I see the expected output:

[i] Adding oisd.nl To Whitelist
[i] Whitelisting 146.59.95.220
[i] Saving Changes

However, when this DNS issue is happening, I see a different message instead, and the domain never actually gets added to the Skynet whitelist because the IP can’t be resolved:

[i] Adding oisd.nl To Whitelist
[i] Saving Changes

I wait a little bit, about 5 min, then try to whitelist and it works fine this time.

 

[thelonelycoder]

Diversion automatically adds the domain to the shared whitelist which Skynet uses.

 

[snapieee]

Even though I whitelisted the domain in Skynet, I’m seeing the exact same behavior again today.

• I try to update the blocking list manually
• Diversion fails with the same error: “Failed to connect to big.oisd.nl”
• A ping from the router returns “operation not permitted”
• In the syslog, I see an outbound block from my WAN IP to an oisd.nl IP
• I check the Skynet whitelist and oisd.nl is no longer there—it was removed again
• I manually whitelist the domain in Skynet
• I retry the Diversion blocklist update, and it works

This is the same cycle I described earlier. What I’m trying to understand is why the domain or IP keeps getting removed from the Skynet whitelist when Diversion updates its blocking-list.