Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG blocks my entire network

    Scheduled Pinned Locked Moved pfBlockerNG
    19 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JHODZ @JHODZ
      last edited by

      @JHODZ I also checked from my logs and got this error
      [1708589241] unbound[97875:0] error: bind: address already in use
      [1708589241] unbound[97875:0] fatal error: could not open ports

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @JHODZ
        last edited by

        @JHODZ said in pfBlockerNG blocks my entire network:

        [1708589241] unbound[97875:0] error: bind: address already in use
        [1708589241] unbound[97875:0] fatal error: could not open ports

        That means that unbound was told to stop, but didn't (in time). then it get restarted, but it can't, as the previous instance is still shutting down, or even dead.
        Solution : console or SSH, option 8, and :

        ps ax | grep 'unbound'

        and kill all the lines like these :

        17516  -  Ss     16:07.53 /usr/local/sbin/unbound -c /var/unbound/unbound.conf

        so

        kill 17516

        and when done, start unbound in GUI.

        @JHODZ said in pfBlockerNG blocks my entire network:

        ask I changed my web interface port

        Like :

        48e10614-8735-4e42-9640-6bad7c384c39-image.png

        why not.
        ( as long as it isn't used by another process ^^ )

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        J 1 Reply Last reply Reply Quote 1
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @JHODZ
          last edited by

          @JHODZ said in pfBlockerNG blocks my entire network:

          No Please. I have even changed it

          You didn't change it, but it lists 12.10.100.1 as its vip? That sure looks like it was changed to me.. Where it would it come up with such an address?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • J
            JHODZ @Gertjan
            last edited by

            @Gertjan yes i dd changed it

            johnpozJ 1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator @JHODZ
              last edited by

              @JHODZ yeah my bad, couldn't read this morning I guess.. but 12.something would be a really bad choice.. And points out it should be rfc1918..

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • J
                JHODZ
                last edited by

                Hi all, I got it to work by changing some of the ports, but I can't run DNSBL in python mode allthough unbound mode works fine. Please is there anything else am missing.

                johnpozJ GertjanG 2 Replies Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator @JHODZ
                  last edited by

                  @JHODZ said in pfBlockerNG blocks my entire network:

                  Please is there anything else am missing.

                  Missing what - you have given no info on how your setup..

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • GertjanG
                    Gertjan @JHODZ
                    last edited by Gertjan

                    @JHODZ said in pfBlockerNG blocks my entire network:

                    but I can't run DNSBL in python mode

                    Because ?
                    You don't want to ?
                    Some other reason ?

                    edit :
                    "Python mode" is what the unbound authors advice to use when you want, for example, add dnsbkl type files. This 'mode' speeds up drastically the start and restart of unbound.

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    J 1 Reply Last reply Reply Quote 0
                    • J
                      JHODZ @Gertjan
                      last edited by

                      @Gertjan I meant I am unable to run dnsbl in Python mode. Webpages takes long time to load

                      GertjanG 1 Reply Last reply Reply Quote 0
                      • GertjanG
                        Gertjan @JHODZ
                        last edited by

                        @JHODZ

                        How much DNSBL feeds do you have :

                        820408bc-f8f1-4dc7-9aa2-1d50b23a47f3-image.png

                        c306e0a5-a521-40a4-9a23-c8464307fefa-image.png

                        What does this log show you when you reload pfBlockerng like this :

                        dee28981-7849-47e1-926e-58f7d2187797-image.png

                        Do the test both in unbound and Python mode.

                        No "help me" PM's please. Use the forum, the community will thank you.
                        Edit : and where are the logs ??

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.