Intrusion Prevention System (IPS) displayed as stopped in webgui

Hi together,

since 03/01/2026 my IPS is displayed as stopped in the webgui.

I deleted all installed rule sets, but afterwards the rule sets cannot be installed again over the webgui.

The error message is: Can’t connect to rules.emergingthreats.net:443 (Name or service not known).

Does anybody know what I can do to re-install the rule sets?

Many thanks.

Matthias

Hello @matze1402

Welcome to the IPFire community.

This message suggests that you have some problem with your DNS so I would look at the overall status on your DNS WUI page and also the status of the individual DNS servers that you have enabled.

Hello Adolf, many thanks for your quick response…

I use Vodafone as internet provider and DHCP is configured on the red interface.

I have added the Google DNS server, but the result is the same.

Any idea what other checks I can do?

That is the wrong entry. That is for DNS Forwarding.

Look in the same Networking menu column but the second entry named Domain Name System.

This is what mine looks like as an example.

Okay, I have deleted this entry. Under DNS I see the problem: reverse lookup has a problem. I will restart the provider hardware…

Hi Adolf,

I have restarted the provider's hardware and the IPFire, but the result is the same. During shutdown I saw the following messages from the system:

During the restart of IPFire the following messages were displayed:

The DNS Status is “defect” again… :frowning:

Okay, then go to Logs - System Logs and in the drop down box labelled Section: select RED and then press the update button. This will then show the messages from the dhcp communication between IPFire and your ISP so we can see if that is completing correctly or not.

OK here is the screenshot from the last entries:

DNS Log shows the following entries:

Okay, that shows that the connection to your ISP has been successfully made so the problem is not from there.

I have tested adding 8.8.8.8 and 8.8.4.4 and they worked fine with me so no problem with the servers.

Those DNS errors in your log don’t look good.

Can you show the result of ls -hal /var/lib/unbound on your IPFire system's command line?

Here is the result:

The ownership and permissions are correct, which is what I thought might have got corrupted, but somehow the file is now empty. It should be around 1.8K.

It should also have a file date of at least 4th Jan if not 5th of Jan 2026 as the fcron crontab does an update of the DNS Trust Anchor every day but the file in your system has a date of 2nd Jan.

Just for information: After I came back from the year-end holiday on the 3rd of January this year, the WebGui showed a message that /dev/sda4 is 100% full. After deleting some backups the device has 84% free space, now 79%…

Ah, if the root partition was full then when the update for the root.key was done there would not have been enough room and the update would have failed leaving an empty file there.

If you have now made space then the root.key file should get updated sometime in the next day.

If you need it quicker then I am looking at the command required and testing things out on a vm test bed system.

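The condition diagnosed above (a full root partition leaving /var/lib/unbound/root.key empty and with an old date) can be detected with a read-only check. This is an added example, not part of the original thread or IPFire's own tooling; the function name check_anchor and both thresholds are assumptions.

```shell
#!/bin/sh
# Read-only check of unbound's DNSSEC trust anchor. The path and the expectation
# (non-empty, rewritten daily) come from the thread; thresholds are assumptions.
MAX_AGE_DAYS="${MAX_AGE_DAYS:-2}"   # assumed: a daily refresh makes >2 days stale
MAX_USED_PCT="${MAX_USED_PCT:-95}"  # assumed: flag the filesystem before it is full

# Prints one finding per line; returns 0 when healthy, 1 otherwise.
check_anchor() {
    local file rc size used
    file="$1"; rc=0
    if [ ! -e "$file" ]; then
        echo "MISSING $file"
        return 1
    fi
    size=$(wc -c < "$file" | tr -d ' ')
    if [ "$size" -eq 0 ]; then
        echo "EMPTY $file (0 bytes)"
        rc=1
    fi
    # find prints the path only when the last modification is older than the limit
    if [ -n "$(find "$file" -mtime +"$MAX_AGE_DAYS" -print)" ]; then
        echo "STALE $file (not modified for more than $MAX_AGE_DAYS days)"
        rc=1
    fi
    # Usage of the filesystem holding the file: a full disk is what left it empty here
    used=$(df -P "$(dirname "$file")" | awk 'NR==2 { gsub("%", "", $5); print $5 }')
    case "$used" in ''|*[!0-9]*) used=0 ;; esac   # unparsable df output counts as 0
    if [ "$used" -ge "$MAX_USED_PCT" ]; then
        echo "DISKFULL ${used}% used on the filesystem holding $file"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK $file ($size bytes)"
    return "$rc"
}

# Stand-alone use: sh check_anchor.sh /var/lib/unbound/root.key
if [ "$#" -gt 0 ]; then
    check_anchor "$1"
fi
```

Run from a daily job, a non-zero exit flags the empty or stale anchor before DNS resolution and the rule downloads that depend on it start failing.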
Can I initiate something for recovering the file? The last backup was made on 02/11/2025 with ipfire-2.29-core198.

That won’t help you as the root.key is not backed up as it is updated every day.

Will come back with the command to test when I have evaluated it, as I want to be certain it is a correct command.

Is this the root cause for the problem with DNS and IPS? The backups were deleted on the same day (03/01/2026) from the device. Can the root.key file be automatically updated with this problem?

Thank you very much… :slight_smile:

I believe so because the unbound DNS system cannot start without a valid root.key.

That is a good question. I suspect not, because it needs unbound to be running to update the root.key because normally there would be an existing working key and a new one would be written and then unbound would be reloaded to use it and if it was empty then unbound would then fail to run.

I just tried copying a root.key file from one system to my vm system but that does not work as the key is now marked as invalid due to errors while building the chain of trust.

So with this sort of result from my evaluations, I would suggest that your best bet is to do a fresh install and then do a restore from your backup.

Make sure to download a copy of the backup before doing the install and also note the required information such as MAC addresses for each of the NICs and the IP address for each of the NICs so you have that available for the fresh install.

Try the command
