pfBlockerNG 3.2.0_4 ?

pfsjap

@gertjan Thank you for the pkg_check, works great.

I'd like to ask about updates, which are part of the of the base system:

Some packages are part of the base system and will not show up in Package Manager. If any such updates are listed below, run `pkg upgrade` from the shell to install them:

igmpproxy: 0.3,1 -> 0.3_1,1 [pfSense]
pfSense-upgrade: 1.0_53 -> 1.0_58 [pfSense]

Is it recommended (and safe) practice to update those also?

Gertjan

@pfsjap

Yes,

pkg upgrade

will do the job.

MarinSNB

@gertjan How do I add this script? Do I do it using the Filer package? Would appreciate a snapshot of your configuration. I have already added the needs Cron job for it as you indicated.

Thanks much!

michmoor

@gertjan Would you happen to know what the pfsense-upgrade package is?
I get this message even after i performed my firmware upgrade on the 6100.

Installed packages to be UPGRADED:
        igmpproxy: 0.3,1 -> 0.3_1,1 [pfSense]
        pfSense-upgrade: 1.0_53 -> 1.0_58 [pfSense]

Number of packages to be upgraded: 2

46 KiB to be downloaded.

Proceed with this action? [y/N]:

rcoleman-netgate

@michmoor said in pfBlockerNG 3.2.0_4 ?:

Would you happen to know what the pfsense-upgrade package is?

It is the package that handles all pfSense updates and upgrades.

michmoor

@rcoleman-netgate gotcha. Does it need an upgrade anyway? During the normal package upgrade process via the GUI, I don’t see this option.

rcoleman-netgate

@michmoor it includes references needed to provide future updates and upgrades, so yes, it should always be upgraded when it prompts for a change.

michmoor

@rcoleman-netgate is there a way to make that visible via the GUI? Maybe it is but I missed it?
For my normal workflow I don’t go into the shell unless I absolutely need to.
pkg upgrade isn’t something i have normally done when managing any pfsense but I will add it now.

rcoleman-netgate

@michmoor I believe it is part of the regular update checker but I am not an expert, or even an intermediate on this item. @stephenw10 might have your answer.

Gertjan

@marinsnb said in pfBlockerNG 3.2.0_4 ?:

How do I add this script?

Copy paste in a text editor !

There is a build in text editor in pfSense, I forgot it's name.
There is 'vi' of course, but I'm not going to advise you use that one ;)

edit : found it : is ee, so

ee /root/pkg_check.php

.....

pkg install nano

All you need to do now is : how to save a file with nano.
(searching etc is for later)

When nano is installed :

nano /root/pkg_check.php

and paste (ctrl-V or if you use Putty : right mous click) into the editor.

Ctrl-w to write the file.
Ctrl-x to exit the editor.

sgw

Still no "Packets" in the widget:

But I see packets blocked in the Logs of pfblockerNG.

Gertjan

@michmoor said in pfBlockerNG 3.2.0_4 ?:

Installed packages to be UPGRADED:
igmpproxy: 0.3,1 -> 0.3_1,1 [pfSense]
pfSense-upgrade: 1.0_53 -> 1.0_58 [pfSense]

These are 'real' FreeBSD packages that make part of what pfSense is.
True, you won't see them in the classic GUI installed packages list.

and yes, normally, no body will actually 'see' when they are available.
What I do know is that they, eventually, get installed.
When ? Probably when you visit System > Update > Update Settings and/or System > Update > System Update

As soon as I had the possibility to see this list of non-GUI packages, I never had the patience to 'wait and see' if and when they get installed, I just install them from the command line :

pkg upgrade

MarinSNB

@gertjan thanks!

manilx

@gertjan Hi. Installed the script on my 8200. Tried and worked.
I'm not using email for notifications but pushover.
How do I modify the script to use pushover for it's notification:

notify_via_smtp($msg);

notify_via_pushover($msg); ????

Thx!

Gertjan

@manilx said in pfBlockerNG 3.2.0_4 ?:

notify_via_smtp($msg);

That's me, scripting the selfish way : I only use smtp, so I called that function directly.

@manilx said in pfBlockerNG 3.2.0_4 ?:

notify_via_pushover($msg); ????

looks fine to me.
Look at the last 6 or 8 lines from /etc/inc/notices.inc - you'll get the picture.

notify_all_remote($msg);

would be best, as it tries everything (that is configured).

manilx

@gertjan said in pfBlockerNG 3.2.0_4 ?:

notify_all_remote($msg);

Got it. Thx!

MarinSNB

@manilx I left mine the same as well (smtp) because I use Gmail too.

SwissSteph

@gertjan

Thanks for sharing! :-)

I installed the script as indicated (thanks for the very clear tutorial). But I'm not sure if it works on version 23.01.

Because it seems that the message sending function only works in "root". My English was not very good, I'm not sure if it concerns this script too, but in any case I haven't received any message yet that there was a new version of something.

I had my UPS not sending me any message and I stumbled on this topic https://forum.netgate.com/topic/174526/nut-upssched/13?_=1682405924756 and I wonder if there would be the same problems because "not root",

Has anyone tested this script successfully on a 23.01 version? or or should we add the "RUN_AS_USER root" function somewhere?

Thanks for your advice.

SwissSteph

EDIT : Now it works, I received an email this morning and an update was seen. Thanks again for this script ;-)

SwissSteph

On my new pfsense (on a Netgate 8200) in 23.05, I get these messages when I run :

sudo php -q /root/pkg_check.php

[23.05-RELEASE][xxxxxxx@pfSense.xxxxxxx.com]/home/xxxxxxx: sudo php -q /root/pkg_check.php
pfSense version 23.05 (installed) is current
pkg: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_amd64-core/meta.txz: Bad Request
pkg: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_amd64-core/packagesite.pkg: Bad Request
pkg: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_amd64-core/packagesite.txz: Bad Request
pkg: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_amd64-pfSense_plus_v23_05/meta.txz: Bad Request
pkg: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_amd64-pfSense_plus_v23_05/packagesite.pkg: Bad Request
pkg: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_amd64-pfSense_plus_v23_05/packagesite.txz: Bad Request
[23.05-RELEASE][xxxxxxx@pfSense.xxxxxxx.com]/home/xxxxxxx:

Any idea what the problem is and how to fix it?

Thanks for your advice