"Fenris" <b...@fenrir.org.uk> wrote >> Recently (for a few weeks I think) I've been seeing errors from my >> sa-update script, like this: >> >> /etc/cron.daily/sa-update: >> >> http: GET >> http://khopesh.com/sa/khop-sc-neighbors/2011062101.tar.gz request >> failed: 404 Not Found: ... >> channel: could not find working mirror, channel failed >> >> Is anyone else using Adam's rules seeing this problem? It looks >> like either something has moved or his rules are not being updated >> at present.
2011062101 maps to June 21, which is quite old. Those rules should be auto-generated every few hours, with a sufficient cache of older entries to deal with the time required to expire old DNS records. That one is so old that it left the cache. The problem was an error in one of my experimental DNSBLs, which inexplicably decided one entry should point to 127.0.0. and leave off the trailing digit. My vetting script failed and I've been over a month un-noticed in not serving DNS from my private root (khopesh.com's NS records are slaves, they've been working fine since getting cut off). Fixed. Feel free to yell at me directly and earlier next time :-) ... Cc the list so others don't independently do the same. On 07/19/2011 09:02 AM, Jezz wrote: > I'm getting the same thing with khop-sc-neighbors, but not with the > other two that I use (khop-general and khop-dynamic). However I > haven't had any update from those latter two since 24 June, which is > also a little unusual. That's because I haven't updated any of the manual channels since February. I'll get around to that at some point, but it won't become high priority until 3.4.0 comes out, as the main benefit of those channels is that they newer rules before they get published themselves (e.g. khop-bl is good at bringing sa3.2.5 a little more up to date, though it also adds other DNSBLs and then compensates for the extra overlap, which is probably the only safe way to use some of them, like SEM). Also, I've been pushing things to the trunk more than my channels, though khop-dynamic is pretty much read for upstream publishing. Again, this is a limited time thing (I get burned out from all the SA rule writing I'm doing professionally!). Another hurdle is the conflict-of-interest bit; I got access to some nice data streams right before taking on my current job but need to ping those suppliers before actually using the data due to these changes. Otherwise, sc-neighbors would be significantly improved...
signature.asc
Description: OpenPGP digital signature
