Defender app update (harbour-defender) - my very own ‘Sailfish Devember’

And replied on openrepos :slight_smile:

As building all on device some BuildRequires made some problem (trying to break my system with all those mesa and Gles dependencies :frowning: )
But now I have a RPM for aarch64 and need someone to test it on 10 II.

Brave 10 II people PM me with their e-mail…
(as I have no 10 II I need someone to test it, please)

1 Like

Thanks @peterleinchen :smiley:

Is there a reason why the default .conf isn’t available on github? The original author didn’t put it either in defender v1, but it’s quite easy to extract it from the rpm (so not really a security feature if any).

TBH no idea.
I have this file already in my local repo but did not push it yet. Will do so in next update (v0.5.6) with some fix regarding this sporadically emptying (refresh to default) of /etc/hosts.

1 Like

By courtesy of @orangecat we now already have also an aarch64 package on openrepos.

@peterleinchen Could you add GoodbyeAds to the app ?

For some weird reason, I never managed to get any of “Unified hosts” working (stuck in update loop). So GoodbyeAds might be a nice addition.


‘~’ is just a shorthand for the current user’s home directory.

$ python
Python 2.7.17 (default, May 09 2013, 12:34:56) 
[GCC 8.3.0 20190222 (Sailfish OS gcc 8.3.0-3)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.path.expanduser("~/.config")

Well, it works. I just had to let it update for some time (long long minutes, but eventually it’ll update).

I’ve added them to the defender.conf file, and they work fine. I’ve send the file for @peterleinchen to test it and hopefully add them to the next defender update.

As I have written ‘some’ posts earlier, it may take lots of time when mixin/enabling more sources. I had seen times of more than 15 minutes…

@orangecat Thanks, I had it half prepared only and did not yet get to it…

I tested already and either found another long run bug (iw dev wlan0 link) testing internet connectivity. Or it is just that mixing sources of GoodbyeAds may just run veeeeeeeeeeeery looooooooooooooong.
Needs more testing. @orangecat could you also just try to mix different sources and let it run (for hours?), I enabled main source and youtube source and went to bed, this morning it was okay (but log rotated, so I am not sure: systemctl status -l harbour-defender).

I initially tried the youtube source alone and it updated fairly quicly, in a few minutes.

Then, I enabled and updated 10 sources:

  • Unified hosts (adware + malware)
  • Adaway, yoyos, sysctl, the 2 of disconnect, MVPS, and the 3 of goodbye ads

That took a long time. I check every few minutes, but after around 15-20min still updating, I decided to forget about it.
A couple of hours later, I opened the app and it was done :+1:

The main goodbyeads source is much much bigger than all of Unified hosts: 242872+ entries compared to just 82,949 for the first unified one.

1 Like

Yes, reading docu of GoodbyeAds it is more like that they join all known (other) sources and make one big file, so most probaly we only need GoodbyeAds at all?

And as python is not so good in loops / nested commands it may really be that it needs hours combining (sorting out doublettes) sources.

Yes probably. But it’s good idea to keep all sources and let user decide.

With my 10 sources, I get 380000 blocked entries, so not a lot of redundancies.

1 Like

Oops, I did forget to announce that v0.5.6 is out! :wink:


@peterleinchen I hope you still maintain Defender because I have an important suggestion. Updating the sources can take an extremely long time, I’ve now been trying for a 4th day in a row. I was forced to interrupt it and start again several times to no avail. It keeps showing the same progress even when I’ve deliberately turned my VPN off. Could you please indicate the actual progress in the GUI so that we know something’s actually happening?

I have the same issue. After 12 hours it was still updating

Works for me: 3.4 and 4.2. I only get the first list though, which covers a lot of ground.

Oh d*#n, it looks like MVPS is the culprit.
When running the one sees that there is a certificate error connecting to

But connecting via browser or openssl works flawlessly.

Does python use another certificate store? (tested with SFOS 3.2 only now) uses LetsEncrypt whose root cert might have been run out…

But in general:
as said some :wink: posts earlier there might be problems with some “hosts providers”.
And if so the updater silently dies and leave the notification up.
There is a new func (In pulley menu) to get rid of it.
Then you need to try with a single source only and find the bad one. To be noted in some wiki post right early in this topic…

I might catch this but then it would look like the update process worked. But it left the hosts file untouched! So I may think I leave it as is?

Yes, DST Root CA X3 Expiration (September 2021)

1 Like