Hello Andrew,
RipGrep caused my issue. When I replaced ripgrep with ggrep the script started to work fine.
From installation giude:
> 5) OPTIONAL: Install RipGrep and mawk for greatly improved performance:
> Note: RipGrep is not available on all CPU architectures, use 'ggrep' if affected.
> # pkg_add ripgrep mawk
Actually, RipGrep IS available for i386, but in this case it doesn't work as expected.
Thank you!
test73# doas -u _pfbadhost bash -x pf-badhost.sh -O openbsd
doas (root@test73.my.domain) password:
+ version=0.5p0
+ release_date=2021-01-10
+ release_name='Psychological Operations'
+ set -ef
+ _AGENT='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0'
+ _LOG=1
+ _STRICT=1
+ _RETRY=3
+ _IPV4=1
+ _IPV6=0
+ _AGGREGATE=0
+ _GEOBLOCK=0
+ _BOGON_4=0
+ _BOGON_6=0
+ _HAIL_MARY=0
+ _LOGIN_LIMIT=25
++ cat
+ _COUNTRY_CODES='# CN
# IR
# KP'
++ cat
+ _ASN_LIST='# AS64496'
++ cat
+ _BLOCKLISTS='### Local File Example
# file:/path/to/local/file
### Download popular IPv4 blocklists
https://www.binarydefense.com/banlist.txt
https://rules.emergingthreats.net/blockrules/compromised-ips.txt
https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset
### Firehol level 3 can be a little aggressive.
### Ill leave it up to users to choose to enable.
# https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset
### Spamhause DROP lists (Dont Route Or Peer)
https://www.spamhaus.org/drop/drop.txt
https://www.spamhaus.org/drop/edrop.txt
https://www.spamhaus.org/drop/dropv6.txt
### Block Shodan
https://isc.sans.edu/api/threatlist/shodan/?text
### Block botnets + command and control servers
https://feodotracker.abuse.ch/downloads/ipblocklist.txt
https://sslbl.abuse.ch/blacklist/sslipblacklist.txt
### Optional lists -- uncomment to enable
### Block IPv4 Martians
# https://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt
### Ozgur Kazancci Community Block List
### This is a list of IPs that Ozgur has found
### to have been missed by the pf-badhost default lists
# https://ozgur.kazancci.com/ban-me.txt
### StopForumSpam.com Toxic IP Ranges
### Download Rate limited to 24/day, so disabled by default
# https://www.stopforumspam.com/downloads/toxic_ip_cidr.txt
# https://www.stopforumspam.com/downloads/listed_ip_1_ipv46.gz
### Blocklist.de - uncomment to enable
### Combined list of all blocklist.de lists
# https://lists.blocklist.de/lists/all.txt
### SSH attackers
# https://lists.blocklist.de/lists/22.txt
# https://lists.blocklist.de/lists/ssh.txt
# https://lists.blocklist.de/lists/bruteforcelogin.txt
### FTP attackers
# https://lists.blocklist.de/lists/21.txt
# https://lists.blocklist.de/lists/ftp.txt
# https://lists.blocklist.de/lists/proftpd.txt
### HTTP/Apache attackers
# https://lists.blocklist.de/lists/80.txt
# https://lists.blocklist.de/lists/443.txt
# https://lists.blocklist.de/lists/apache.txt
### SMTP/E-Mail Attackers
# https://lists.blocklist.de/lists/25.txt
# https://lists.blocklist.de/lists/110.txt
# https://lists.blocklist.de/lists/143.txt
# https://lists.blocklist.de/lists/993.txt
# https://lists.blocklist.de/lists/email.txt
# https://lists.blocklist.de/lists/mail.txt
# https://lists.blocklist.de/lists/imap.txt
# https://lists.blocklist.de/lists/courierimap.txt
# https://lists.blocklist.de/lists/courierpop3.txt
# https://lists.blocklist.de/lists/pop3.txt
# https://lists.blocklist.de/lists/postfix.txt
### VOIP/SIP Attackers
# https://lists.blocklist.de/lists/asterisk.txt
# https://lists.blocklist.de/lists/sip.txt
### IRC / Bots
# https://lists.blocklist.de/lists/ircbot.txt
# https://lists.blocklist.de/lists/bots.txt'
++ cat
+ _USER_RULES='
### Examples: (uncomment to enable)
# !169.254.169.254
# !2001:19f0:ffff::1
# !255.255.255.255
# Multicast
# 224.0.0.0/3
### NAT64/DNS64 Discovery
# !192.0.0.170
# !192.0.0.171
### Carrier Grade NAT (RFC 6598) Address Space
# !100.64.0.0/10
### Unique Local IPv6
# !fc00::/7'
+ _TOR_WHITELIST=0
+ _TOR_BLOCK_ALL=0
+ _TOR_BLOCK_EXIT=0
+ _RFC3330=1
+ _RFC5156=1
+ _WHITELIST=0
++ cat
+ _SUBNET_MERGE_PERL='#!/usr/bin/perl -lp0a
$_=join$\,sort map{1x(s/\d*./unpack B8,chr$&/ge>4?$&:32)&$_}@F;1while s/^(.*)
\1.*/$1/m||s/^(.*)0
\1.$/$1/m;s!^.*!(join'\''.'\'',map{ord}split'\'''\'',pack B32,$&).'\''/'\''.length$&!gme'
+ command -v emulate
+ command -v typeset
+ main -O openbsd
+ trap TRAP_ABORT ERR INT
+ _registrar_url[0]=https://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest
+ _registrar_url[1]=https://ftp.arin.net/pub/stats/arin/delegated-arin-extended-latest
+ _registrar_url[2]=https://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest
+ _registrar_url[3]=https://ftp.apnic.net/stats/apnic/delegated-apnic-latest
+ _registrar_url[4]=https://ftp.ripe.net/ripe/stats/delegated-ripencc-latest
+ _rfc3330[0]='!0.0.0.0/8'
+ _rfc3330[1]='!10.0.0.0/8'
+ _rfc3330[2]='!14.0.0.0/8'
+ _rfc3330[3]='!24.0.0.0/8'
+ _rfc3330[4]='!39.0.0.0/8'
+ _rfc3330[5]='!127.0.0.0/8'
+ _rfc3330[6]='!128.0.0.0/16'
+ _rfc3330[7]='!169.254.0.0/16'
+ _rfc3330[8]='!172.16.0.0/12'
+ _rfc3330[9]='!191.255.0.0/16'
+ _rfc3330[10]='!192.0.0.0/24'
+ _rfc3330[11]='!192.0.2.0/24'
+ _rfc3330[12]='!192.88.99.0/24'
+ _rfc3330[14]='!192.168.0.0/16'
+ _rfc3330[14]='!198.18.0.0/15'
+ _rfc3330[15]='!223.255.255.0/24'
+ _rfc3330[16]='!224.0.0.0/3'
+ _rfc5156[0]='!2001:10::/28'
+ _rfc5156[1]='!2001::/32'
+ _rfc5156[2]='!2001:db8::/32'
+ _rfc5156[3]='!2002::/16'
+ _rfc5156[4]='!3ffe::/16'
+ _rfc5156[5]='!5f00::/8'
+ _rfc5156[6]='!::FFFF:0:0/96'
+ _rfc5156[7]='!fc00::/7'
+ _rfc5156[8]='!fe80::/10'
+ _rfc5156[9]='!ff00::/8'
+ readonly version release_date release_name
+ readonly _rfc3330 _rfc5156 _registrar_url _SUBNET_MERGE_PERL
+ readonly _COUNTRY_CODES _ASN_LIST _BLOCKLISTS _USER_RULES
+ typeset -i _array_index=0 _a_counter=0 _g_counter=0 _l_counter=0 _r_counter=0
+ typeset -u _asn _cc
+ typeset -l _opt_arg
+ typeset _i
+ _CHECK_ONLY=0
+ _NO_UID_CHECK=0
+ _PRINT_ONLY=0
+ _VERBOSE=1
+ getopts 46ABDE:F:GH:J:K:O:R:T:VZ:a:b:g:hj:l:no:r:u:w:x _opts
+ case "${_opts}" in
+ typeset -l -r _OS_TYPE=openbsd
+ getopts 46ABDE:F:GH:J:K:O:R:T:VZ:a:b:g:hj:l:no:r:u:w:x _opts
+ readonly _CHECK_ONLY _NO_UID_CHECK _PRINT_ONLY _VERBOSE
+ readonly _AGENT _LOG _STRICT _IPV4 _IPV6 _AGGREGATE _GEOBLOCK _BOGON_4 _BOGON_6 _HAIL_MARY _TOR_WHITELIST _TOR_BLOCK_ALL _TOR_BLOCK_EXIT _RFC3330 _RFC5156 _WHITELIST
+ case "${_OS_TYPE}" in
+ test -n ''
++ CHECK_CMD doas
++ typeset _cmd=doas
++ command -v -- doas
+ getroot=/usr/bin/doas
+ test -n ''
+ netget=ftp
+ test -n ''
+ authlog_path1=/var/log/authlog
+ test -n ''
+ authlog_path2=/var/log/authlog.0.gz
+ test -n ''
++ CHECK_CMD zcat
++ typeset _cmd=zcat
++ command -v -- zcat
+ authlog_unzip=/usr/bin/zcat
+ readonly getroot netget authlog_path1 authlog_path2 authlog_unzip
+ '[' 0 -eq 1 ']'
+ VAR_SANITY_CHECK
+ typeset _cmd
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 1
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 1
+ case "$1" in
+ return 0
+ IS_INT 25
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 3
+ case "$1" in
+ return 0
+ IS_INT 1
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ IS_INT 1
+ case "$1" in
+ return 0
+ IS_INT 0
+ case "$1" in
+ return 0
+ '[' 1 -ne 1 ']'
+ '[' 25 -lt 1 ']'
+ '[' 3 -lt 1 ']'
+ '[' 0 -eq 1 ']'
+ '[' 0 -eq 1 ']'
+ '[' 0 -eq 1 ']'
+ readonly _RETRY _LOGIN_LIMIT
+ PRE_EXEC_TESTS
+ typeset _cmd
++ AWK_TEST
++ echo 5e58386636aa775c2106140445
++ myawk -- 'END {print log(2)}'
++ mygrep -c 'log result out of range'
++ command -v rg
++ nice rg -c 'log result out of range' -
pf-badhost.sh: line 431: 96159 Illegal instruction nice rg "$@" -
++ true
+ '[' '' -eq 0 ']'
pf-badhost.sh: line 956: [: : integer expression expected
+ awk_patch=0
+ command -v aggregate
+ agg4=0
+ command -v aggregate6
+ agg6=0
+ command -v aggy
+ go_agg=0
+ command -v perl
+ perl_exist=1
+ for _cmd in 'cmp' 'find' 'gunzip' 'nc' "${netget}"
+ CHECK_CMD cmp
+ typeset _cmd=cmp
+ command -v -- cmp
+ for _cmd in 'cmp' 'find' 'gunzip' 'nc' "${netget}"
+ CHECK_CMD find
+ typeset _cmd=find
+ command -v -- find
+ for _cmd in 'cmp' 'find' 'gunzip' 'nc' "${netget}"
+ CHECK_CMD gunzip
+ typeset _cmd=gunzip
+ command -v -- gunzip
+ for _cmd in 'cmp' 'find' 'gunzip' 'nc' "${netget}"
+ CHECK_CMD nc
+ typeset _cmd=nc
+ command -v -- nc
+ for _cmd in 'cmp' 'find' 'gunzip' 'nc' "${netget}"
+ CHECK_CMD ftp
+ typeset _cmd=ftp
+ command -v -- ftp
+ '[' 0 -ne 1 ']'
+ CHECK_PRIVILEGE
++ whoami
+ '[' _pfbadhost '!=' _pfbadhost ']'
+ '[' 0 -eq 1 ']'
+ '[' 0 -ne 1 ']'
++ CHECK_CMD pfctl
++ typeset _cmd=pfctl
++ command -v -- pfctl
+ pfctl=/sbin/pfctl
+ CHECK_DRIVE
+ '[' -f /etc/pf-badhost.txt ']'
+ '[' -w /etc/pf-badhost.txt ']'
+ true
+ '[' 1 -eq 1 ']'
+ '[' -d /var/log/pf-badhost ']'
+ '[' -r /var/log/pf-badhost ']'
+ true
+ '[' -f /var/log/pf-badhost/pf-badhost.log ']'
+ '[' -w /var/log/pf-badhost/pf-badhost.log ']'
+ true
+ '[' -f /var/log/pf-badhost/pf-badhost.log.0.gz ']'
+ '[' -w /var/log/pf-badhost/pf-badhost.log.0.gz ']'
+ true
+ URL_FETCH https://github.com /dev/null
+ typeset _URL _OUTPUT_FILE
+ typeset -i _counter _STDOUT
+ _counter=0
+ test -n 3
+ '[' -z /dev/null ']'
+ '[' -z https://github.com ']'
+ '[' /dev/null = - ']'
+ _STDOUT=0
+ _URL=https://github.com
+ _OUTPUT_FILE=/dev/null
+ true
+ (( _counter++ ))
+ true
+ '[' 1 -le 3 ']'
+ '[' 1 -gt 1 ']'
+ '[' 0 -eq 1 ']'
+ myfetch https://github.com
++ CHECK_CMD ftp
++ typeset _cmd=ftp
++ command -v -- ftp
+ typeset _cmd=/usr/bin/ftp
+ case "${netget}" in
+ nice /usr/bin/ftp -o - -V -U 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0' -w 30 -- https://github.com
+ return
+ readonly awk_patch perl_exist agg4 agg6 go_agg
+ '[' 0 -ge 1 ']'
+ _array_index=0
++ printf '%s\n' '
### Examples: (uncomment to enable)
# !169.254.169.254
# !2001:19f0:ffff::1
# !255.255.255.255
# Multicast
# 224.0.0.0/3
### NAT64/DNS64 Discovery
# !192.0.0.170
# !192.0.0.171
### Carrier Grade NAT (RFC 6598) Address Space
# !100.64.0.0/10
### Unique Local IPv6
# !fc00::/7'
++ SANITIZE_ARRAY
++ mygrep -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$'
++ command -v rg
++ nice rg -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$' -
++ myawk -- '{print $1}'
++ command -v mawk
++ nice mawk -- '{print $1}' -
++ mysort -u
++ command -v gsort
++ nice sort -u -
pf-badhost.sh: line 431: 97881 Illegal instruction nice rg "$@" -
++ true
+ '[' 0 -ge 1 ']'
+ _array_index=0
++ PRINT_URL
++ printf '%s\n' '### Local File Example
# file:/path/to/local/file
### Download popular IPv4 blocklists
https://www.binarydefense.com/banlist.txt
https://rules.emergingthreats.net/blockrules/compromised-ips.txt
https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset
### Firehol level 3 can be a little aggressive.
### Ill leave it up to users to choose to enable.
# https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset
### Spamhause DROP lists (Dont Route Or Peer)
https://www.spamhaus.org/drop/drop.txt
https://www.spamhaus.org/drop/edrop.txt
https://www.spamhaus.org/drop/dropv6.txt
### Block Shodan
https://isc.sans.edu/api/threatlist/shodan/?text
### Block botnets + command and control servers
https://feodotracker.abuse.ch/downloads/ipblocklist.txt
https://sslbl.abuse.ch/blacklist/sslipblacklist.txt
### Optional lists -- uncomment to enable
### Block IPv4 Martians
# https://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt
### Ozgur Kazancci Community Block List
### This is a list of IPs that Ozgur has found
### to have been missed by the pf-badhost default lists
# https://ozgur.kazancci.com/ban-me.txt
### StopForumSpam.com Toxic IP Ranges
### Download Rate limited to 24/day, so disabled by default
# https://www.stopforumspam.com/downloads/toxic_ip_cidr.txt
# https://www.stopforumspam.com/downloads/listed_ip_1_ipv46.gz
### Blocklist.de - uncomment to enable
### Combined list of all blocklist.de lists
# https://lists.blocklist.de/lists/all.txt
### SSH attackers
# https://lists.blocklist.de/lists/22.txt
# https://lists.blocklist.de/lists/ssh.txt
# https://lists.blocklist.de/lists/bruteforcelogin.txt
### FTP attackers
# https://lists.blocklist.de/lists/21.txt
# https://lists.blocklist.de/lists/ftp.txt
# https://lists.blocklist.de/lists/proftpd.txt
### HTTP/Apache attackers
# https://lists.blocklist.de/lists/80.txt
# https://lists.blocklist.de/lists/443.txt
# https://lists.blocklist.de/lists/apache.txt
### SMTP/E-Mail Attackers
# https://lists.blocklist.de/lists/25.txt
# https://lists.blocklist.de/lists/110.txt
# https://lists.blocklist.de/lists/143.txt
# https://lists.blocklist.de/lists/993.txt
# https://lists.blocklist.de/lists/email.txt
# https://lists.blocklist.de/lists/mail.txt
# https://lists.blocklist.de/lists/imap.txt
# https://lists.blocklist.de/lists/courierimap.txt
# https://lists.blocklist.de/lists/courierpop3.txt
# https://lists.blocklist.de/lists/pop3.txt
# https://lists.blocklist.de/lists/postfix.txt
### VOIP/SIP Attackers
# https://lists.blocklist.de/lists/asterisk.txt
# https://lists.blocklist.de/lists/sip.txt
### IRC / Bots
# https://lists.blocklist.de/lists/ircbot.txt
# https://lists.blocklist.de/lists/bots.txt'
++ SANITIZE_ARRAY
++ mygrep -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$'
++ command -v rg
++ nice rg -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$' -
++ myawk -- '{print $1}'
++ command -v mawk
++ nice mawk -- '{print $1}' -
++ mysort -u
++ command -v gsort
++ nice sort -u -
pf-badhost.sh: line 431: 30211 Illegal instruction nice rg "$@" -
++ true
++ '[' 0 -eq 1 ']'
++ '[' 0 -eq 1 ']'
+ '[' 0 -ge 1 ']'
+ _array_index=0
++ SANITIZE_COUNTRY_CODES
++ printf '%s\n' '# CN
# IR
# KP'
++ tr '[:lower:]' '[:upper:]'
++ SANITIZE_ARRAY_NO_SORT
++ mygrep -- '^[[:upper:]]{2}$'
++ command -v rg
++ nice rg -- '^[[:upper:]]{2}$' -
++ mygrep -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$'
++ myawk -- '{print $1}'
++ command -v mawk
++ nice mawk -- '{print $1}' -
pf-badhost.sh: line 431: 63709 Illegal instruction nice rg "$@" -
++ true
++ mysort -u
++ command -v gsort
++ nice sort -u -
++ command -v rg
++ nice rg -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$' -
pf-badhost.sh: line 431: 42617 Illegal instruction nice rg "$@" -
++ true
+ '[' 0 -ge 1 ']'
+ _array_index=0
++ printf '%s\n' '# AS64496'
++ SANITIZE_ARRAY
++ mygrep -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$'
++ command -v rg
++ nice rg -v -- '^#|^;|^[[:space:]]*#|^[[:space:]]*;|^[[:space:]]*$' -
++ myawk -- '{print $1}'
++ command -v mawk
++ nice mawk -- '{print $1}' -
++ mysort -u
++ command -v gsort
++ nice sort -u -
pf-badhost.sh: line 431: 44278 Illegal instruction nice rg "$@" -
++ true
+ readonly _country_code _user_rule _user_url
++ mktemp -d
+ listdir=/tmp/tmp.U6CyvCAELl
++ mktemp -d
+ geodir=/tmp/tmp.0ipa93JGzP
++ mktemp -d
+ workdir=/tmp/tmp.uBlLvQaVBr
++ mktemp -d
+ scratchdir=/tmp/tmp.vnRWaL7AIf
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ v4list=/tmp/tmp.vnRWaL7AIf/scratch.a9TmUIAb
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ v6list=/tmp/tmp.vnRWaL7AIf/scratch.ZmDiQDGz
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ user_rules=/tmp/tmp.vnRWaL7AIf/scratch.5M1iTs1Y
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ finout=/tmp/tmp.vnRWaL7AIf/scratch.Cyb7HKvr
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ oldconf=/tmp/tmp.vnRWaL7AIf/scratch.MGTjmEO6
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ authlog=/tmp/tmp.vnRWaL7AIf/scratch.ocpaNyWt
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ gztemp=/tmp/tmp.vnRWaL7AIf/scratch.9h3S3Rw1
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ tor_rawlist=/tmp/tmp.vnRWaL7AIf/scratch.mUClVf2T
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ tor_blacklist=/tmp/tmp.vnRWaL7AIf/scratch.ZwBdTCEK
++ TMP_FILE_SCRATCH
++ mktemp -- /tmp/tmp.vnRWaL7AIf/scratch.XXXXXXXX
+ tor_whitelist=/tmp/tmp.vnRWaL7AIf/scratch.jaWmeNnn
+ readonly listdir geodir workdir scratchdir v4list v6list user_rules finout oldconf authlog gztemp tor_rawlist tor_blacklist tor_whitelist
+ cd -- /tmp/tmp.uBlLvQaVBr
+ '[' 0 -eq 1 ']'
+ readonly _asn_array
+ '[' 0 -eq 1 ']'
+ '[' 0 -eq 1 ']'
+ '[' 0 -eq 1 ']'
+ '[' 0 -gt 0 ']'
+ CUSTOM_LISTS
+ true
+ '[' 0 -eq 1 ']'
+ LIST_GEN
+ find /tmp/tmp.U6CyvCAELl -type f -size 0 -delete
+ '[' 0 -eq 1 ']'
+ NO_AGG
+ '[' 1 -eq 1 ']'
+ find /tmp/tmp.U6CyvCAELl -type f -exec gunzip -dcf -- '{}' +
+ PARSE_V4
+ mygrep -o -- '((25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])(/(3[0-2]|[1-2][[:digit:]]|[1-9]))?'
+ command -v rg
+ nice rg -o -- '((25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])(/(3[0-2]|[1-2][[:digit:]]|[1-9]))?' -
+ mysort -uV
+ command -v gsortpf-badhost.sh: line 431: 26999 Illegal instruction (core dumped) nice rg "$@" -
+ nice sort -uV -
+ true
+ '[' 0 -eq 1 ']'
+ PRINT_LIST
+ PRIVATE_ADDRESS_FILTER
+ '[' 1 -ne 1 ']'
+ '[' 1 -eq 1 ']'
+ '[' 1 -ne 1 ']'
+ '[' 1 -ne 1 ']'
+ WHITELIST_FILTER
+ '[' 0 -eq 1 ']'
+ cat
+ RFC3330_FILTER
+ mygrep -v '^0\.0\.0\.0/8|^10\.0\.0\.0/8|^14\.0\.0\.0/8|^24\.0\.0\.0/8|^39\.0\.0\.0/8|^127\.0\.0\.0/8|^128\.0\.0\.0/16|^169\.254\.0\.0/16|^172\.16\.0\.0/12|^191\.255\.0\.0/16|^192\.0\.0\.0/24|^192\.0\.2\.0/24|^192\.88\.99\.0/24|^192\.168\.0\.0/16|^198\.18\.0\.0/15|^223\.255\.255\.0/24|^224\.0\.0\.0/4|^224\.0\.0\.0/3|^240\.0\.0\.0/4'
+ command -v rg
+ nice rg -v '^0\.0\.0\.0/8|^10\.0\.0\.0/8|^14\.0\.0\.0/8|^24\.0\.0\.0/8|^39\.0\.0\.0/8|^127\.0\.0\.0/8|^128\.0\.0\.0/16|^169\.254\.0\.0/16|^172\.16\.0\.0/12|^191\.255\.0\.0/16|^192\.0\.0\.0/24|^192\.0\.2\.0/24|^192\.88\.99\.0/24|^192\.168\.0\.0/16|^198\.18\.0\.0/15|^223\.255\.255\.0/24|^224\.0\.0\.0/4|^224\.0\.0\.0/3|^240\.0\.0\.0/4' -
+ RFC5156_FILTER
+ mygrep -vi '^::FFFF:0:0/96|^fe80::/10|^fc00::/7|^2001:db8::/32|^2002::/16|^2001::/32|^5f00::/8|^3ffe::/16|^2001:10::/28|^ff00::/8'
+ command -v rg++ date
+ printf '# Date Created: %s\n' 'Mon Jun 5 08:15:52 CEST 2023'pf-badhost.sh: line 431: 90512 Illegal instruction (core dumped) nice rg "$@" -
+ true
+ nice rg -vi '^::FFFF:0:0/96|^fe80::/10|^fc00::/7|^2001:db8::/32|^2002::/16|^2001::/32|^5f00::/8|^3ffe::/16|^2001:10::/28|^ff00::/8' -
+ PRINT_STATS
+ typeset authlog_num v4_num v4_total v6_num v6_total
+ sed 's/^/# /g'
++ wc -l --
++ tr -cd '[:digit:]'
+ authlog_num=0
+ '[' 0 -eq 1 ']'
+ printf '\n'
+ '[' 1 -eq 1 ']'
++ mygrep -cv -- '/[[:digit:]]{1,2}$'
++ command -v rg
++ nice rg -cv -- '/[[:digit:]]{1,2}$' -
pf-badhost.sh: line 431: 20508 Illegal instruction (core dumped) nice rg "$@" -
+ true
++ true
+ v4_num=
++ V4_TOTAL
++ '[' 0 -eq 1 ']'
++ mygrep -- '/[[:digit:]]{1,2}$'
++ command -v rg
++ nice rg -- '/[[:digit:]]{1,2}$' -
++ myawk -F / -- '{print 2^(32 - $2)}'
++ command -v mawk
++ nice mawk -F / -- '{print 2^(32 - $2)}' -
++ myawk -v v4num= -- '{sum+=$1} END {printf "%0.0f", sum + v4num}'
++ command -v mawk
++ nice mawk -v v4num= -- '{sum+=$1} END {printf "%0.0f", sum + v4num}' -
pf-badhost.sh: line 431: 45629 Illegal instruction (core dumped) nice rg "$@" -
++ true
+ v4_total=0
+ printf 'IPv4 addresses in table: %s\n' 0
+ '[' 0 -eq 1 ']'
+ printf '\n\n'
+ '[' -s /tmp/tmp.vnRWaL7AIf/scratch.5M1iTs1Y ']'
+ '[' 0 -eq 1 ']'
+ '[' -s /tmp/tmp.vnRWaL7AIf/scratch.jaWmeNnn ']'
+ '[' -s /tmp/tmp.vnRWaL7AIf/scratch.ZwBdTCEK ']'
+ printf '\n# System Rules:\n\n'
+ '[' 0 -eq 1 ']'
+ LIST_INSTALL
++ head -2 -- /etc/pf-badhost.txt
++ wc -c
+ typeset 'old_offset= 0'
++ head -2 -- /tmp/tmp.vnRWaL7AIf/scratch.Cyb7HKvr
++ wc -c
+ typeset 'new_offset= 0'
+ cmp -- /etc/pf-badhost.txt /tmp/tmp.vnRWaL7AIf/scratch.Cyb7HKvr ' 0' ' 0'
+ printf '\nNo blocklist changes...\n'
No blocklist changes...
+ '[' 1 -eq 1 ']'
++ date
+ printf '# Last Run (no changes): %s\n' 'Mon Jun 5 08:15:54 CEST 2023'
+ cat --
+ cp -- /tmp/tmp.vnRWaL7AIf/scratch.MGTjmEO6 /var/log/pf-badhost/pf-badhost.log
+ chmod 640 /var/log/pf-badhost/pf-badhost.log
++ PRINT_STATS
++ typeset authlog_num v4_num v4_total v6_num v6_total
+++ wc -l --
+++ tr -cd '[:digit:]'
++ authlog_num=0
++ '[' 0 -eq 1 ']'
++ printf '\n'
++ '[' 1 -eq 1 ']'
+++ mygrep -cv -- '/[[:digit:]]{1,2}$'
+++ command -v rg
+++ nice rg -cv -- '/[[:digit:]]{1,2}$' -
+++ true
++ v4_num=
+++ V4_TOTAL
+++ '[' 0 -eq 1 ']'
+++ mygrep -- '/[[:digit:]]{1,2}$'
+++ command -v rg
+++ nice rg -- '/[[:digit:]]{1,2}$' -
+++ myawk -F / -- '{print 2^(32 - $2)}'
+++ command -v mawk
+++ nice mawk -F / -- '{print 2^(32 - $2)}' -
+++ myawk -v v4num= -- '{sum+=$1} END {printf "%0.0f", sum + v4num}'
+++ command -v mawk
+++ nice mawk -v v4num= -- '{sum+=$1} END {printf "%0.0f", sum + v4num}' -
pf-badhost.sh: line 431: 54806 Illegal instruction (core dumped) nice rg "$@" -
+++ true
++ v4_total=0
++ printf 'IPv4 addresses in table: %s\n' 0
++ '[' 0 -eq 1 ']'
++ printf '\n\n'
+ WARNING '
IPv4 addresses in table: 0'
+ '[' 1 -eq 0 ']'
+ '[' 1 -eq 1 ']'
+ '[' 1 -eq 0 ']'
+ '[' 1 -eq 0 ']'
+ WARN_ERR '
IPv4 addresses in table: 0'
+ echo ''
+ logger -t pf-badhost -s -- '
IPv4 addresses in table: 0'
pf-badhost:
IPv4 addresses in table: 0
+ echo ''
+ CLEANUP
+ rm -rf -- /tmp/tmp.U6CyvCAELl /tmp/tmp.0ipa93JGzP /tmp/tmp.vnRWaL7AIf /tmp/tmp.uBlLvQaVBr
test73#
On Sat, 3 Jun 2023 17:37:08 -0500
Andrew Daugherity <andrew.daugherity@gmail.com> wrote:
> Unfortunately it looks like sh -x does not trace into functions, and
> it is something inside "main" which is crashing:
>
> > > set -x or something.
> > Sorry, I should have started with that.
> >
> > test73# doas -u _pfbadhost pf-badhost -O openbsd
> > [ ... ]
> > + command -v typeset
> > + > /dev/null
> > + 2>&1
> > + main -O openbsd
> > Illegal instruction
> > [ ... ]
> > Illegal instruction (core dumped)
> >
> > No blocklist changes...
> > Illegal instruction (core dumped)
>
> Both sh and ksh seem to behave that way, but bash will trace inside
> functions. Try calling the script with 'bash -x' and hopefully you
> can pinpoint which binary called by main() is crashing.
>
> -Andrew
>
Radek
No comments:
Post a Comment