3.1.0_6 UPDATE

lohphat · Oct 19, 2022, 5:54 PM

I upgraded from _4 to _6, had to manually restart unbound (as usual), and had to reapply the pre-existing patch in /net/usr/local/pkg/pfblockerng/pfblockerng.inc

...
-                $r = explode(')', $result, 2);
+                $r = explode(' ', $result, 2);
...

Watching the git commits, there was activity in the pfblockerng.inc file but not the above change.

Is there a Redmine bug tracking that?

SteveITS · Oct 19, 2022, 6:29 PM

@lohphat said in 3.1.0_6 UPDATE:

Is there a Redmine bug tracking that?

yes

@steveits said in 3.1.0_6 UPDATE:

https://redmine.pfsense.org/issues/13154

The code changes didn't find their way into _5 or _6.

DefenderLLC · Oct 20, 2022, 12:07 AM

FYI, 3.1.0_7 is out now with the included fix... Just installed it on my 6100 and everything is working fine.

lohphat · Oct 20, 2022, 1:01 AM

@cloudified Same here. As usual, had to manually restart unbound

DefenderLLC · Oct 20, 2022, 1:01 AM

@lohphat said in 3.1.0_6 UPDATE:

@cloudified Same here. As usual, had to manually restart unbound

Same here. This is only my 2nd time upgrading pfBlocker and I guess that's expected behavior.

JMV43 0 · Oct 20, 2022, 1:11 AM

@bbcan177 Is 3.1.0_7 out for +22.05?

DefenderLLC · Oct 20, 2022, 1:17 AM

@jmv43-0 It is, which is why I just posted that. I noticed it as an available upgrade in Package Manager on my 6100 running 22.05+. Plus he already said it would be coming out this week.

A Former User · Oct 20, 2022, 10:04 AM

pfBlocker-NG 3.1.0_7 and acme 0.7.3 as today they are available for 22.05 I updated in time and all is fine since
the update. Look at the numbers now;

SteveITS · Oct 20, 2022, 4:10 PM

@cloudified said in 3.1.0_6 UPDATE:

I guess that's expected behavior

More or less...I seem to recall a post from BBCan177 a while back, saying it was a bug in pfSense's package system, so he can't fix it.

turker · Oct 20, 2022, 5:15 PM

3.1.0_7. everything is fine, but Old rules are not deleted on widget

DefenderLLC · Oct 20, 2022, 5:21 PM

@turker said in 3.1.0_6 UPDATE:

3.1.0_7. everything is fine, but Old rules are not deleted on widget

@turker Do a force reload and restart the pfBlocker services.

turker · Oct 20, 2022, 5:44 PM

@cloudified
i do Force reload pfBlocker services and restarted, pfsense restarted. Nothing changed.

DefenderLLC · Oct 20, 2022, 6:09 PM

@turker are you getting any table memory errors? That might indicate that you need to increase your Firewall Maximum Table Entries in the System / Advanced / Firewall & NAT section. I had to increase mine from 400,000 to 1,000,000 to account for all of the pfBlocker lists I have configured.

jdeloach · Oct 20, 2022, 6:26 PM

@cloudified
@turker

Did you manually create firewall rules for those aliases or did it create them automatically? Check your firewall rules and see if those aliases still appear in your firewall rules, if they do, delete those firewall rules.

I've seen cases where I created rules with aliases in pfBlocker but didn't delete them and they would still show up in that table, like you are showing.

DefenderLLC · Oct 20, 2022, 6:25 PM

@jdeloach said in 3.1.0_6 UPDATE:

@cloudified

Did you manually create firewall rules for those aliases or did it create them automatically? Check your firewall rules and see if those aliases still appear in your firewall rules, if they do, delete those firewall rules.

I've seen cases where I created rules with aliases in pfBlocker but didn't delete them and they would still show up in that table, like you are showing.

I think you meant to reply to @turker.

jdeloach · Oct 20, 2022, 6:27 PM

@cloudified
Yeah, I just saw that and edited my post. Thanks!

turker · Oct 20, 2022, 6:53 PM

jdeloach · Oct 20, 2022, 7:04 PM

@cloudified said in 3.1.0_6 UPDATE:

@turker are you getting any table memory errors? That might indicate that you need to increase your Firewall Maximum Table Entries in the System / Advanced / Firewall & NAT section. I had to increase mine from 400,000 to 1,000,000 to account for all of the pfBlocker lists I have configured.

One other comment, there has been a lot of discussion in numerous posts on this forum as to what value, Firewall Maximum Table Entries should be. They are several cases where folks have used anywhere from 400,000 to 10,000,000. I think most consider 2,000,000 to be a good number to use but it seems to vary depending on each users system, memory and which/how many lists folks choose to use. I just checked my system and I have 4,000,000, why, I don't know, it works so I don't plan to change it.

As far as the default value, that bug/error has been around since day one with this package, even before BBcan177, took over as the maintainer, if remember correctly. I think the pfSense/Netgate/maintainer GODS think it is a low priority fix and have ignored it all these years.

turker · Oct 20, 2022, 7:32 PM

@cloudified said in 3.1.0_6 UPDATE:

@turker are you getting any table memory errors?
No.

turker · Oct 20, 2022, 8:10 PM

The problem may be caused by me.
Rule 5 seems to be assigned to the interface but i have 4 interfaces. I deleted one.
Looks like it was assigned to the deleted interface.