Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    3.1.0_6 UPDATE

    Scheduled Pinned Locked Moved pfBlockerNG
    77 Posts 14 Posters 16.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG
      Gertjan @A Former User
      last edited by

      @dobby_ said in 3.1.0_6 UPDATE:

      This are the current numbers after applying the patch!

      When the swap space start to get used, see that as a signal that your device, starting with memory, can't cope any more.
      Two solutions :
      Lower significantly the work load.
      Double your memory and CPU.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      ? 1 Reply Last reply Reply Quote 0
      • ?
        A Former User @Gertjan
        last edited by

        @gertjan

        When the swap space start to get used, see that as a
        signal that your device, starting with memory, can't
        cope any more.

        Ok that is right, but in normal the half of the ram and
        swap is free and this over a long time only if ClamAV,
        snort and pfblocker-ng are updating the lists and rules
        it goes here and there nearly 70 % of both, but after the update it goes back to the above shown levels.

        Two solutions :
        Lower significantly the work load.

        Could be the way for me, I run Snort, Squid & SquidGuard,
        and pfBlocker-NG plus ClamAV on a PC Engines APU4D4.
        In the future it comes on top of all, WiFi with Captive Portal and FreeRadius.

        Double your memory and CPU.

        In the near future this is planed for the whole setup.
        Only some MacBooks, 1 PC and 1 Laptop at home usage.
        So I really don´t know what to take I am between some
        different solutions and not at the moment ready to chose.

        But thanks anyway for the tip, you were right with the ram
        and cpu load. The older APU will then be a GPS based NTP
        and OpenLDAP server with some other services for the LAN.

        GertjanG 1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan @A Former User
          last edited by

          @dobby_ said in 3.1.0_6 UPDATE:

          Snort, Squid & SquidGuard, plus ClamAV

          Just for my own curiosity : knowing that 99,x % of all traffic is TLS these days, so the traffic payload is completely random for pfSense, what should ClamAV do ? Scanning virus in the packet headers ?

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          ? 1 Reply Last reply Reply Quote 0
          • ?
            A Former User @Gertjan
            last edited by

            @gertjan said in 3.1.0_6 UPDATE:

            what should ClamAV do ? Scanning virus in the packet headers ?

            I use Squid as a caching-proxy and let ClamAV do the av scanning on it.

            GertjanG 1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan @A Former User
              last edited by

              @dobby_

              Ok, that's the way to do it ;)

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • keyserK
                keyser Rebel Alliance @mcury
                last edited by keyser

                @mcury said in 3.1.0_6 UPDATE:

                @steveits said in 3.1.0_6 UPDATE:

                came out the other day but only for 2.6 apparently.

                It is also available for plus, updated yesterday.

                I wonder whats going on here… Rumors have it that it is Netgate that maintains this package now and @BBcan177 is no longer on board.

                Regardless if that is true or not, it makes less than NO sense to release not one but two minor fixes of the package where the most glaring obvious bug i still present.
                Has the package been hijacked, and is now delivering malware instead?

                We need some proper information about these release from whoever is responsible for the included changes and who approved it.

                Love the no fuss of using the official appliances :-)

                fireodoF ? S R 4 Replies Last reply Reply Quote 2
                • fireodoF
                  fireodo @keyser
                  last edited by fireodo

                  @keyser

                  Hi,

                  as far as I can see, has the content of pfblockerng.inc between line 4136 and 4142 completely been reworked (that was the part that made the problems
                  https://redmine.pfsense.org/issues/13154 )

                  But I agree - a clarification from Netgate or whoever would be very much appreciated!

                  Regards,
                  fireodo

                  Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
                  SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
                  pfsense 2.7.2 CE
                  Packages: Apcupsd Cron Iftop Iperf LCDproc Nmap pfBlockerNG RRD_Summary Shellcmd Snort Speedtest System_Patches.

                  keyserK 1 Reply Last reply Reply Quote 0
                  • ?
                    A Former User @keyser
                    last edited by

                    @keyser

                    Has the package been hijacked, and is now delivering
                    malware instead?

                    Why? Because Netgate is now the maintainer? Then you could not trust the whole system (pfSense) and this makes
                    no sense for me. If I trust someone (Netgate) and use his entire system I will also trust them if they (Netgate) maintain a package!

                    We need some proper information about these release
                    from whoever is responsible for the included changes
                    and who approved it.

                    Thinking one step ahead please, it is better in my eyes getting the hands on a package that is available and present, then one is not maintained any more!

                    I will be more lucky with a patch, given in a short time
                    that is working, I mean it is better then watching out the whole ticket parade and not patch is available.

                    keyserK 1 Reply Last reply Reply Quote 0
                    • keyserK
                      keyser Rebel Alliance @fireodo
                      last edited by

                      @fireodo said in 3.1.0_6 UPDATE:

                      @keyser

                      Hi,

                      as far as I can see, has the content of pfblockerng.inc between line 4136 and 4142 completely been reworked (that was the part that made the problems
                      https://redmine.pfsense.org/issues/13154 )

                      But I agree - a clarification from Netgate or whoever would be very much appreciated!

                      Regards,
                      fireodo

                      If that is completely reworked, why does it still suffer the same issue then? I haven't updated yet because of this, and as far as I can tell people are still applying the same "fix" by removing the ")" in line 4136. So something is still the same in that section.

                      Love the no fuss of using the official appliances :-)

                      1 Reply Last reply Reply Quote 0
                      • keyserK
                        keyser Rebel Alliance @A Former User
                        last edited by

                        @dobby_ said in 3.1.0_6 UPDATE:

                        Why? Because Netgate is now the maintainer? Then you could not trust the whole system (pfSense) and this makes
                        no sense for me. If I trust someone (Netgate) and use his entire system I will also trust them if they (Netgate) maintain a package!

                        Yes, I agree, if Netgate took over I still trust it although this release without release notes and with the bug still present does shake my confidence a bit.
                        But the question is: Is netgate the maintainer now? We have no information, and theoretically this update could come from some other source and was accidentally approved without throrough review (Given the bug is still there, I'm guessing there has been no review.....)

                        We need some proper information about these release
                        from whoever is responsible for the included changes
                        and who approved it.

                        Thinking one step ahead please, it is better in my eyes getting the hands on a package that is available and present, then one is not maintained any more!

                        I will be more lucky with a patch, given in a short time
                        that is working, I mean it is better then watching out the whole ticket parade and not patch is available.

                        Ehh no. The 3.1.0_4 build was supported up until recently by BBCAN, and until pfSense has made a new release (2.7/22.11) another pfBlockerNG-devel release is not needed unless it fixes the problem _4 had.

                        Love the no fuss of using the official appliances :-)

                        J 1 Reply Last reply Reply Quote 0
                        • fireodoF
                          fireodo
                          last edited by fireodo

                          @keyser said in 3.1.0_6 UPDATE:

                          I haven't updated yet because of this, and as far as I can tell people are still applying the same "fix" by removing the ")" in line 4136. So something is still the same in that section.

                          I saw the modifications in 3.1.0_6 FOR pfsense 2.6.0 - I dont know if that is also the case in pfsense+ 22.05!
                          (the previous version 3.1.0_5 for 2.6.0 still had the issue in line 4136)

                          Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
                          SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
                          pfsense 2.7.2 CE
                          Packages: Apcupsd Cron Iftop Iperf LCDproc Nmap pfBlockerNG RRD_Summary Shellcmd Snort Speedtest System_Patches.

                          GertjanG 1 Reply Last reply Reply Quote 0
                          • GertjanG
                            Gertjan @fireodo
                            last edited by Gertjan

                            Read How to unblock duckduckgo and find why it's being blocked.

                            BB is still there 😊

                            And @keyser

                            No "help me" PM's please. Use the forum, the community will thank you.
                            Edit : and where are the logs ??

                            fireodoF 1 Reply Last reply Reply Quote 1
                            • fireodoF
                              fireodo @Gertjan
                              last edited by

                              @gertjan said in 3.1.0_6 UPDATE:

                              Read How to unblock duckduckgo and find why it's being blocked.

                              I saw that Thread ☺ and it was nice to see that he is still implicated in pfblockerng ...

                              Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
                              SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
                              pfsense 2.7.2 CE
                              Packages: Apcupsd Cron Iftop Iperf LCDproc Nmap pfBlockerNG RRD_Summary Shellcmd Snort Speedtest System_Patches.

                              1 Reply Last reply Reply Quote 0
                              • J
                                jdeloach @keyser
                                last edited by

                                @keyser said in 3.1.0_6 UPDATE:

                                @dobby_ said in 3.1.0_6 UPDATE:

                                But the question is: Is netgate the maintainer now? We have no information, and theoretically this update could come from some other source and was accidentally approved without throrough review (Given the bug is still there, I'm guessing there has been no review.....)

                                Ehh no. The 3.1.0_4 build was supported up until recently by BBCAN, and until pfSense has made a new release (2.7/22.11) another pfBlockerNG-devel release is not needed unless it fixes the problem _4 had.

                                What problem did _4 have? I am a long user of this package and was not aware of any bugs/issues.

                                GertjanG 1 Reply Last reply Reply Quote 0
                                • GertjanG
                                  Gertjan @jdeloach
                                  last edited by

                                  @jdeloach said in 3.1.0_6 UPDATE:

                                  What problem did _4 have?

                                  Scroll to the top, start reading ;)

                                  @keyser said in 3.1.0_6 UPDATE:

                                  and as far as I can tell people are still applying the same "fix" by removing the ")" in line 4136.

                                  No "help me" PM's please. Use the forum, the community will thank you.
                                  Edit : and where are the logs ??

                                  J 1 Reply Last reply Reply Quote 0
                                  • J
                                    jdeloach @Gertjan
                                    last edited by

                                    @gertjan said in 3.1.0_6 UPDATE:

                                    @jdeloach said in 3.1.0_6 UPDATE:

                                    What problem did _4 have?

                                    Scroll to the top, start reading ;)

                                    @keyser said in 3.1.0_6 UPDATE:

                                    and as far as I can tell people are still applying the same "fix" by removing the ")" in line 4136.

                                    I don't see any issues listed in any of the messages, that I have ever had. Granted I don't use Netgate hardware and only run CE 2.6.0. Swap space is always 0% and CPU usage is never spikes above about 3%.

                                    By the way I'm running Snort as well as pfBlockerNG.

                                    ? keyserK 2 Replies Last reply Reply Quote 0
                                    • BBcan177B
                                      BBcan177 Moderator
                                      last edited by

                                      Before the pitch forks come out... I am still here and nothing has changed but its been challenging lately ... working on a release which should hopefully be available later this week or next week for the 2.6 and 2.7 branches. Thanks for the patience!

                                      Its been quite a ride since 2014:
                                      https://twitter.com/BBcan177/status/1354556985652506624

                                      "Experience is something you don't get until just after you need it."

                                      Website: http://pfBlockerNG.com
                                      Twitter: @BBcan177  #pfBlockerNG
                                      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                                      fireodoF keyserK lohphatL J 5 Replies Last reply Reply Quote 16
                                      • fireodoF
                                        fireodo @BBcan177
                                        last edited by fireodo

                                        @bbcan177 said in 3.1.0_6 UPDATE:

                                        Before the pitch forks come out..

                                        😂 😂 😂

                                        Thanks for the patience!

                                        Thank YOU for clarification and Thank You for your work! (has to be said)

                                        Kind regards,
                                        fireodo

                                        Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
                                        SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
                                        pfsense 2.7.2 CE
                                        Packages: Apcupsd Cron Iftop Iperf LCDproc Nmap pfBlockerNG RRD_Summary Shellcmd Snort Speedtest System_Patches.

                                        DefenderLLCD 1 Reply Last reply Reply Quote 3
                                        • S SteveITS referenced this topic on
                                        • DefenderLLCD
                                          DefenderLLC @fireodo
                                          last edited by

                                          @fireodo said in 3.1.0_6 UPDATE:

                                          @bbcan177 said in 3.1.0_6 UPDATE:

                                          Before the pitch forks come out..

                                          😂 😂 😂

                                          Thanks for the patience!

                                          Thank YOU for clarification and Thank You for your work! (has to be said)

                                          Kind regards,
                                          fireodo

                                          Amen!

                                          fireodoF 1 Reply Last reply Reply Quote 0
                                          • fireodoF
                                            fireodo @DefenderLLC
                                            last edited by

                                            @cloudified said in 3.1.0_6 UPDATE:

                                            Amen!

                                            😅

                                            Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
                                            SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
                                            pfsense 2.7.2 CE
                                            Packages: Apcupsd Cron Iftop Iperf LCDproc Nmap pfBlockerNG RRD_Summary Shellcmd Snort Speedtest System_Patches.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.