pfBlockerNG web page on 10.10.10.1
-
System:
PC Engines APU2
Vendor: coreboot
BIOS: v4.16.0.3
2.6.0-RELEASE (amd64)
pfBlockerNG-devel 3.1.0_4
Vlan 10 => 192.168.10.0/24
Vlan 20 => 192.168.20.0/24
Vlan 30 => 192.168.30.0/24
Vlan 40 => 192.168.40.0/24
Openvpn => 192.168.50.0/24
Just started with pfBlockerNG and I am a bit confused. Looked at some vids and intro pages but can't find an answer to my question.
I did a default install. Just changed the SSL Port to 9443 because 8443 is already used.
Now, I thought that 10.10.10.1:9443 or 10.10.10.1 would give me a webpage of any kind concerning pfBlockerNG. But that's not the case. 10.10.10.1:9443 does not exist and 10.10.10.1 is blocked by pfBlockerNG itself. So I probably did something wrong here or I just misunderstood the concept of that VIP address.
My pfBlockerNG firewall rules are limited to this:
The host from where I try to open the webpage is in the LAN segment.
-
@czar666 The VIP is supposed to be an unused address used internally by pfBlocker ("This address should be in an Isolated Range that is not already used in the Network"). Is 10.10.10.1 your router? Confused how port 8443 could be "in use"... Pages blocked by DNSBL are resolved to an IP showing a web page indicating it's blocked (or a cert error for HTTPS pages).
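Added example, not part of the original thread or of pfBlockerNG: a small check that a candidate DNSBL VIP sits outside every network listed in the first post. The function name and the RFC 1918 requirement are assumptions made for this illustration.

```python
import ipaddress

# Networks listed in the first post of this thread.
USED_NETWORKS = {
    "Vlan 10": "192.168.10.0/24",
    "Vlan 20": "192.168.20.0/24",
    "Vlan 30": "192.168.30.0/24",
    "Vlan 40": "192.168.40.0/24",
    "Openvpn": "192.168.50.0/24",
}

# Assumption: the VIP should be a private address so it cannot shadow
# a real public host.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_dnsbl_vip(vip, used_networks=USED_NETWORKS):
    """Return a list of problems with a candidate VIP (empty list = isolated)."""
    addr = ipaddress.IPv4Address(vip)  # raises ValueError on malformed input
    problems = []
    if not any(addr in net for net in RFC1918):
        problems.append("not in an RFC 1918 private range")
    for name, cidr in used_networks.items():
        # The VIP must not fall inside any network that is already in use.
        if addr in ipaddress.ip_network(cidr):
            problems.append(f"inside {name} ({cidr})")
    return problems


if __name__ == "__main__":
    # Constructed candidates: the thread's VIP plus two deliberately bad picks.
    for candidate in ("10.10.10.1", "192.168.10.1", "8.8.8.8"):
        issues = check_dnsbl_vip(candidate)
        print(candidate, "->", "isolated" if not issues else "; ".join(issues))
```

The LAN subnet is not given in the thread, so it has to be added to `USED_NETWORKS` before the result means anything for a real setup.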
-
@steveits you are right, port 8443 is not used at all on 10.10.10.1. That was my mistake. And thanks for your clear answer. The page I see is the correct one. I just got confused because it says that 10.10.10.1 is blocked by pfBlockerNG.
-
@czar666 said in pfBlockerNG web page on 10.10.10.1:
because it says that 10.0.0.1 is blocked by pfBlockerNG
Actually it says "10.10.10.1"...you're connecting directly to the block page. :)
-
@steveits I changed it. That's what I get when I don't read my text before clicking on submit :-)
But I still don't get it. Why is the block page... blocked?
-
@czar666 10.10.10.1 is used because pfBlocker wants to send the browser somewhere...so the person sees a message that it's blocked and not a browser "can't connect to server" error. It's an IP not used on any interface, but because pfSense knows about it, it can route packets to it. So when browsing directly to http://10.10.10.1 pfSense does what it's supposed to and shows the block page (the page you'd see if you browsed to http://badsite.example.com).
-
@steveits Ok I finally get it. Thanks for your patience. +1 for this :-).
-
pfBlockerNG is ancient.
pfBlockerng-devel 3.1.0_4 is way better.
edit : ooops ....
@czar666 said in pfBlockerNG web page on 10.10.10.1:
2.4.5-RELEASE-p1 (amd64)
with 2.4.5 - also ancient - you actually don't have a choice.
-
@gertjan Check my first post system settings. My signature is very old :-). I am not allowed to change it. If someone can => please delete my signature.
-
-
@gertjan
But thanks anyway, I am sure now it's much better ;-)
-
@czar666 I have deleted your sig per your request, given you a couple of thumbs ups - if you get 5 you can then edit your own signature again.
edit: there you go, now you're at 5 rep points, you should be able to now put in what you want for your signature.