Autocomplete form problem / log files view problem
-
Hi - first post, new to pfsense and pfBlockerNG,
So I have few issues and I'll start with the first few, I am running pfsense+ (21.05.02) on 6100 and pfBlockerNG-devel 3.1.0_1.-
Firewall --> pfBlockerNG --> IP --> IPv4, when adding a new, the autocomplete form in 'source' fiels under IPv4 Source Definitions (regardless which format I select e.g. ASN, GeoIP, etc...) doesn't work - it acts as plain text field.
-
Firewall --> pfBlockerNG --> Log Browser, log window always remain blank/empty - doesn't matter which Log/File type / Log/File combination I choose.
-
Can I create an Alias of a single country from GeoIP? I have tried to select the country and set action to 'Alias' but I don't see the alias created anywhere (also I do not have in the GeoIP page a category 'world' with all countries - only continents)
-
Few times I have had page freezes, especially when going to unified report but sometimes in other pages
Thank you!
-
-
@chameleon Welcome to the forums!
Firewall --> pfBlockerNG --> IP --> IPv4, when adding a new, the autocomplete form in 'source' fiels under IPv4 Source Definitions (regardless which format I select e.g. ASN, GeoIP, etc...) doesn't work - it acts as plain text field.
The Source field has nothing to do with how the list is displayed. It is used to select what method pfsense will use to parse the list correctly into a format that pfblocker can use it. If you are adding lists from the "Feeds" tab leave the Source alone as it is already preconfigured correctly for the feed.
Firewall --> pfBlockerNG --> Log Browser, log window always remain blank/empty - doesn't matter which Log/File type / Log/File combination I choose.
Lists dont load automatically when you configure them. You have to run Firewall/pfBlockerNG/Update with "Force" Option set to Reload, or you can wait for the next scheduled update as per the settings in Firewall/pfBlockerNG/IPv4 setup. Also make sure that you have pfblocker enabled at Firewall/pfBlockerNG/Settings.
Can I create an Alias of a single country from GeoIP? I have tried to select the country and set action to 'Alias' but I don't see the alias created anywhere (also I do not have in the GeoIP page a category 'world' with all countries - only continents)
All aliases created by pfblocker are found in Firewall/URLs. You can drill down to specific countries by clicking the green pencil on the right of each of the continents. There is no "world" group, there would never be a need for that.
As your new to pfblocker this might be a good resource: https://nguvu.org/pfsense/pfSense-pfblockerng-configuration-guide/
-
@dma_pf Thank you very much for your answers, I have went through the configuration guide and my issues still remains, I'll provide more information:
-
Of course my pfBlockerNG enable and working, it is filtering at the moment few lists from the "feeds", what I am trying to create described in the configuration file - in red is what's not working for me - for me this field is just clear text, no data is parsed.
-
Below - no matter what I select - log box remains always empty:
-
How I can create a pfblocker alias for a single country? I understand I can select the country with the green pencil but when I choose 'alias' as an action, no alias is created.
Thanks you!
-
-
Of course my pfBlockerNG enable and working, it is filtering at the moment few lists from the "feeds", what I am trying to create described in the configuration file - in red is what's not working for me - for me this field is just clear text, no data is parsed.
I think you've found a bug. I tried to recreate what you are were trying to do by these steps.
- Go to Firewall/pfBlockerNG/IPI/Pv4.
- Select Add to create a new alias.
- Followed these instructions:
- When entering the value for the Source field. I was only able to type "AS3" then the page completely froze up. After about 2 minutes a drop down list of ASN popped up but I could still not type another number into the files. Firefox displayed an error message that stated, "This page is slowing down Firefox. To speed up the browser stop this page." Even with the drop down list popped up the screen was unresponsive. I could not select any values in the drop down or continue typing into the Source field. Eventually the drop down disappeared and the Source field was blank. I tried it as well on Edge and got the very similar results.
I'm on pfsense CE 2.52 with pfblocker 3.1.0_1.
-
@chameleon said in Autocomplete form problem / log files view problem:
when adding a new, the autocomplete form in 'source' fiels under IPv4 Source Definitions (regardless which format I select e.g. ASN, GeoIP, etc...) doesn't work - it acts as plain text field.
Have you already run an update to download the GeoIP data? (and set up Maxmind etc.) Autocomplete works fine for me for Geo, but with the ASN list I see what you mean it's super slow on a new PC. I assume it's waiting for the filtering of the list since it does catch up. For our clients we have only used Geo so I never noticed. This particular router has v3.0.0_16.
@chameleon said in Autocomplete form problem / log files view problem:
Can I create an Alias of a single country from GeoIP? I have tried to select the country and set action to 'Alias' but I don't see the alias created anywhere
Select Action:Alias Native, then you have to run an update in pfBlocker to create it. Then you can use it in any rule. The IPv4 (6) list can contain one or more countries. Most have a _rep (reputation?) list as well.
-
@steveits said in Autocomplete form problem / log files view problem:
@chameleon said in Autocomplete form problem / log files view problem:
when adding a new, the autocomplete form in 'source' fiels under IPv4 Source Definitions (regardless which format I select e.g. ASN, GeoIP, etc...) doesn't work - it acts as plain text field.
Have you already run an update to download the GeoIP data? (and set up Maxmind etc.) Autocomplete works fine for me for Geo, but with the ASN list I see what you mean it's super slow on a new PC. I assume it's waiting for the filtering of the list since it does catch up. For our clients we have only used Geo so I never noticed. This particular router has v3.0.0_16.
Yes - GeoIP data and Maxmind all updated, for me Autocomplete simply doesn't work, not for GeoIP and not for ASN (or anything else), the behaviour you and @dma_pf experience is known and usual workaround would be to copy/paste the full ASN number into the source field so fetching the data is quicker, but for me - nothing happens when I type - simply clear text and it won't try to autocomplete / retrieve data.
@chameleon said in Autocomplete form problem / log files view problem:
Can I create an Alias of a single country from GeoIP? I have tried to select the country and set action to 'Alias' but I don't see the alias created anywhere
Select Action:Alias Native, then you have to run an update in pfBlocker to create it. Then you can use it in any rule. The IPv4 (6) list can contain one or more countries. Most have a _rep (reputation?) list as well.
Thanks you for this - I forgot to reload...so after playing with it for a while, I see that any change I make to GeoIP (changing country for example) will create a new alias but will also delete the previous one, is there any way to keep the old alias and not to automatically delete?
-
@chameleon I haven’t looked at the code or anything but do you have JavaScript disabled?
Re aliases, you can create an alias with multiple countries or one per country it’s up to you. Each entry on the ipv4 tab can contain multiple lines.
-
@steveits said in Autocomplete form problem / log files view problem:
@chameleon I haven’t looked at the code or anything but do you have JavaScript disabled?
No idea, where to check this?Re aliases, you can create an alias with multiple countries or one per country it’s up to you. Each entry on the ipv4 tab can contain multiple lines.
Yes that I know, but what do I do if I want to have few different rules, each for a different European country?
-
@chameleon said in Autocomplete form problem / log files view problem:
Yes that I know, but what do I do if I want to have few different rules, each for a different European country?
Have you tried creating the alias by using a url like this?
It worked for me:
You can find the complete url for the countries here:
-
@chameleon said in Autocomplete form problem / log files view problem:
what do I do if I want to have few different rules, each for a different European country
I may not be understanding correctly, but if I wanted rules by country I would create an alias for each country, and then create a rule for each alias. screen cap:
-
@dma_pf @SteveITS @BBcan177 Thank you guys, so it all starts with the problem I have where the 'source' field doesn't behave as expected and is not linked to any list - I think in that respect I finally found the bug (and a workaround) - for me this applies to all formats (so far I tested 'Auto', GeoIP and ASN). So as described before, whenever I try to add a new custom list (Firewall-->pfBlockerNG-->IP-->IPv4), the 'source' field is broken and only act as plain text
So I discovered that if I try and save it at this state before completing it (so in this example I left Name / Description / header empty), I will get the same page but with an error - in this new page the 'Source' field works just fine
So I can now create my aliases in this way.
As for the second problem (Logs - logs file box always remains empty regardless file type / file selection), So far I can say this is browser related - I work on a Mac, using Safari, in Chrome this works fine (although from some reason it worked once today for me in Safari but I so far did not figured out why it is inconsistent and if it is because of some settings or the browser itself).
Thank you guys for all your help and support!
