disabling Suppression does not seem to work in 3.2.0_3
-
I rely upon custom alias lists that contain RFC1918 and other private IP addresses. To get PFBlockerNG to not strip these IPs out, I have to uncheck "Suppression" and set the action to "Alias Native" Even Though this box is unchecked in 3.2.0_3 PFBlockerNG seems to remove the private IPs from my Native Alias.
If i try and create a Native Alias using a file that only contains private IPs the logs say:
"No IPs found! Ensure only IP based Feeds are used!"Any advice on how to get this function back as soon as possible?
Thank you.
-
bump to the top. Does anyone know if this is being worked on? Or if it is reported correctly. I am willing to test any DEV release.
-
@superbree I don't see an entry in the list of open issues here
https://redmine.pfsense.org/issues?utf8=%E2%9C%93&set_filter=1&sort=id%3Adesc&f%5B%5D=status_id&op%5Bstatus_id%5D=o&f%5B%5D=subject&op%5Bsubject%5D=%7E&v%5Bsubject%5D%5B%5D=pfblocker&f%5B%5D=&c%5B%5D=project&c%5B%5D=tracker&c%5B%5D=category&c%5B%5D=status&c%5B%5D=priority&c%5B%5D=subject&c%5B%5D=assigned_to&c%5B%5D=updated_on&group_by=&t%5B%5D=
I'd suggest creating one if you can reproduce it.That setting says "Default enabled" but it's off on all ours. Looks on at a recent client install. I don't recall disabling it but I wonder if it was enabled at some point but is not actually enabled by default? Our client has tag
<suppression>on</suppression>in their config file but none of ours have that tag. -
@steveits I have verified in our config that suppression is disabled. in both the raw config file as well as through the GUI. Ihave tried many things to get it to honor that setting. PFBlockerNG 3.2.0_3 appears broken with respects to suppression. our company relies on custom private IP lists that have both private and public IP addresses.
I am willing to test anything. for additional information or to help the developers in anyway. We just need it to function again as designed so that we can move forward to the PFSense 23.01 release. Since PFSense 23.01 forces a PFBlockerNG upgrade we are stuck on our old setup and older version of PFSense.
-
@superbree Creating a redmine report is probably the best way. We can try bringing in @BBcan177 to this thread. And/or connect at https://www.patreon.com/pfBlockerNG or on Reddit.
If I check that box, the config diff shows:
- <suppression></suppression> + <suppression>on</suppression>If I uncheck it I get:
- <suppression>on</suppression> + <suppression></suppression>...but it is not actually there in the saved config file. Seems to me like it's off by default unless turned on (which might be the default on new installs?). Which isn't really related to your issue, but does seem like a bug.
-