Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    3.1.0_6 UPDATE

    Scheduled Pinned Locked Moved pfBlockerNG
    77 Posts 14 Posters 16.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • lohphatL
      lohphat
      last edited by

      I upgraded from _4 to _6, had to manually restart unbound (as usual), and had to reapply the pre-existing patch in /net/usr/local/pkg/pfblockerng/pfblockerng.inc

      ...
      -                $r = explode(')', $result, 2);
      +                $r = explode(' ', $result, 2);
      ...
      

      Watching the git commits, there was activity in the pfblockerng.inc file but not the above change.

      Is there a Redmine bug tracking that?

      SG-3100 24.11-RELEASE (arm) | Avahi (2.2_6) | ntopng (5.6.0_1) | openvpn-client-export (1.9.5) | pfBlockerNG-devel (3.2.1_20) | System_Patches (2.2.20_1)

      1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @SteveITS
        last edited by

        @lohphat said in 3.1.0_6 UPDATE:

        Is there a Redmine bug tracking that?

        yes

        @steveits said in 3.1.0_6 UPDATE:

        https://redmine.pfsense.org/issues/13154

        The code changes didn't find their way into _5 or _6.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 1
        • DefenderLLCD
          DefenderLLC
          last edited by

          FYI, 3.1.0_7 is out now with the included fix... Just installed it on my 6100 and everything is working fine.

          lohphatL 1 Reply Last reply Reply Quote 1
          • lohphatL
            lohphat @DefenderLLC
            last edited by

            @cloudified Same here. As usual, had to manually restart unbound

            SG-3100 24.11-RELEASE (arm) | Avahi (2.2_6) | ntopng (5.6.0_1) | openvpn-client-export (1.9.5) | pfBlockerNG-devel (3.2.1_20) | System_Patches (2.2.20_1)

            DefenderLLCD 1 Reply Last reply Reply Quote 1
            • DefenderLLCD
              DefenderLLC @lohphat
              last edited by

              @lohphat said in 3.1.0_6 UPDATE:

              @cloudified Same here. As usual, had to manually restart unbound

              Same here. This is only my 2nd time upgrading pfBlocker and I guess that's expected behavior.

              S 1 Reply Last reply Reply Quote 0
              • J
                JMV43 0 @BBcan177
                last edited by

                @bbcan177 Is 3.1.0_7 out for +22.05?

                DefenderLLCD 1 Reply Last reply Reply Quote 0
                • DefenderLLCD
                  DefenderLLC @JMV43 0
                  last edited by DefenderLLC

                  @jmv43-0 It is, which is why I just posted that. I noticed it as an available upgrade in Package Manager on my 6100 running 22.05+. Plus he already said it would be coming out this week.

                  1 Reply Last reply Reply Quote 0
                  • ?
                    A Former User
                    last edited by

                    pfBlocker-NG 3.1.0_7 and acme 0.7.3 as today they are available for 22.05 I updated in time and all is fine since
                    the update. Look at the numbers now;

                    6.jpg

                    8.jpg

                    7.jpg

                    1 Reply Last reply Reply Quote 0
                    • S
                      SteveITS Galactic Empire @DefenderLLC
                      last edited by

                      @cloudified said in 3.1.0_6 UPDATE:

                      I guess that's expected behavior

                      More or less...I seem to recall a post from BBCan177 a while back, saying it was a bug in pfSense's package system, so he can't fix it.

                      Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                      When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                      Upvote 👍 helpful posts!

                      1 Reply Last reply Reply Quote 1
                      • T
                        turker
                        last edited by

                        3.1.0_7. everything is fine, but Old rules are not deleted on widget
                        errors.jpg

                        DefenderLLCD 1 Reply Last reply Reply Quote 0
                        • DefenderLLCD
                          DefenderLLC @turker
                          last edited by

                          @turker said in 3.1.0_6 UPDATE:

                          3.1.0_7. everything is fine, but Old rules are not deleted on widget
                          errors.jpg

                          @turker Do a force reload and restart the pfBlocker services.

                          T J 2 Replies Last reply Reply Quote 1
                          • T
                            turker @DefenderLLC
                            last edited by

                            @cloudified
                            i do Force reload pfBlocker services and restarted, pfsense restarted. Nothing changed.

                            DefenderLLCD 1 Reply Last reply Reply Quote 0
                            • DefenderLLCD
                              DefenderLLC @turker
                              last edited by

                              @turker are you getting any table memory errors? That might indicate that you need to increase your Firewall Maximum Table Entries in the System / Advanced / Firewall & NAT section. I had to increase mine from 400,000 to 1,000,000 to account for all of the pfBlocker lists I have configured.

                              J T 2 Replies Last reply Reply Quote 1
                              • J
                                jdeloach @DefenderLLC
                                last edited by jdeloach

                                @cloudified
                                @turker

                                Did you manually create firewall rules for those aliases or did it create them automatically? Check your firewall rules and see if those aliases still appear in your firewall rules, if they do, delete those firewall rules.

                                I've seen cases where I created rules with aliases in pfBlocker but didn't delete them and they would still show up in that table, like you are showing.

                                DefenderLLCD 1 Reply Last reply Reply Quote 1
                                • DefenderLLCD
                                  DefenderLLC @jdeloach
                                  last edited by

                                  @jdeloach said in 3.1.0_6 UPDATE:

                                  @cloudified

                                  Did you manually create firewall rules for those aliases or did it create them automatically? Check your firewall rules and see if those aliases still appear in your firewall rules, if they do, delete those firewall rules.

                                  I've seen cases where I created rules with aliases in pfBlocker but didn't delete them and they would still show up in that table, like you are showing.

                                  I think you meant to reply to @turker.

                                  J 1 Reply Last reply Reply Quote 2
                                  • J
                                    jdeloach @DefenderLLC
                                    last edited by

                                    @cloudified
                                    Yeah, I just saw that and edited my post. Thanks!

                                    1 Reply Last reply Reply Quote 1
                                    • T
                                      turker
                                      last edited by

                                      1aliases.png 1IP.PNG 1wid.PNG

                                      1 Reply Last reply Reply Quote 0
                                      • J
                                        jdeloach @DefenderLLC
                                        last edited by

                                        @cloudified said in 3.1.0_6 UPDATE:

                                        @turker are you getting any table memory errors? That might indicate that you need to increase your Firewall Maximum Table Entries in the System / Advanced / Firewall & NAT section. I had to increase mine from 400,000 to 1,000,000 to account for all of the pfBlocker lists I have configured.

                                        One other comment, there has been a lot of discussion in numerous posts on this forum as to what value, Firewall Maximum Table Entries should be. They are several cases where folks have used anywhere from 400,000 to 10,000,000. I think most consider 2,000,000 to be a good number to use but it seems to vary depending on each users system, memory and which/how many lists folks choose to use. I just checked my system and I have 4,000,000, why, I don't know, it works so I don't plan to change it.

                                        As far as the default value, that bug/error has been around since day one with this package, even before BBcan177, took over as the maintainer, if remember correctly. I think the pfSense/Netgate/maintainer GODS think it is a low priority fix and have ignored it all these years.

                                        DefenderLLCD 1 Reply Last reply Reply Quote 0
                                        • T
                                          turker @DefenderLLC
                                          last edited by

                                          @cloudified said in 3.1.0_6 UPDATE:

                                          @turker are you getting any table memory errors?
                                          No.

                                          1 Reply Last reply Reply Quote 0
                                          • T
                                            turker
                                            last edited by

                                            The problem may be caused by me.
                                            Rule 5 seems to be assigned to the interface but i have 4 interfaces. I deleted one.
                                            Looks like it was assigned to the deleted interface.
                                            3.1.png
                                            3.2.png

                                            1 Reply Last reply Reply Quote 1
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.