How to stop maxmind spam to pfsense alert?

MakOwner

Is the answer to uninstall and point to a piehole?
Ii don't mind being reminded but this is just ... and will someday cover up a serious alert I'm sure ...

code_text

pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 10:15:29
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 11:15:32
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 12:15:26
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 13:15:21
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 14:15:27
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 15:15:44
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 16:15:35
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 17:15:42
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 18:15:42
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 19:15:34
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 20:15:29
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 21:15:33
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 22:15:35
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-08 23:15:40
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-09 00:15:42
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-09 01:15:36
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-09 02:15:40
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-09 03:15:30
pfBlockerNG MaxMind - MaxMind now requires a License Key! Review the IP tab: MaxMind settings for more information. @ 2024-02-09 04:15:38

SteveITS

@MakOwner You can change your update interval. AFAIK they only update the feed monthly anyway. And it won’t work without a license…and maybe https://forum.netgate.com/topic/186065/heads-up-new-suricata-7-0-3-package-is-coming-soon if I’m reading that correctly.

Bob.Dig

Looks like we need another update for pfBlockerNG!

NogBadTheBad

You could just sign up for a free license.

Screenshot 2024-02-13 at 19.30.50.png

Bob.Dig

@NogBadTheBad said in How to stop maxmind spam to pfsense alert?:

You could just sign up for a free license.

Na, take a look at what @SteveITS has "linked".

NogBadTheBad

@Bob-Dig The link doesn't work.

I'm running both and get no issues.

Screenshot 2024-02-13 at 19.59.04.png

Oh see what you mean now:-

https://redmine.pfsense.org/issues/15240

pfBlocker will just need to incorporate sending the accountID.

SteveITS

Sorry, Bill deleted the topic in favor of the release notes:
https://forum.netgate.com/topic/186071/suricata-package-v7-0-3-available-here-are-the-release-notes

"Special Notice: MaxMind recently changed their API for authentication when downloading updates for the GeoIP2 database. If you use the GeoIP2 option in Suricata, then you must execute a few specific actions to restore the GeoIP2 database download and update process.
...
Enter your MaxMind Account ID in the new field provided above the previous License Key field."

I had tried a pfB update after I read that, and didn't have an issue though, so I was a bit confused...

MakOwner

@SteveITS

I'm not using the IP related stuff, even tried hunting down as many settings as I could to disable updates but it just keeps spamming alerts. :/

Bob.Dig

@MakOwner From what log-file is this exactly? I can't see it (for now).

johnpoz

When was this supposed to have changed... Looks like pfblocker updated just fine for me on the 6th of feb

And per maxmind I at least auth with the key on the 9th of feb..

SteveITS

@johnpoz I believe the original (Suricata warning) post said January but wasn’t specific.