Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    MaxMind DB URL Changing

    Scheduled Pinned Locked Moved Plus 24.03 Development Snapshots (Retired)
    12 Posts 6 Posters 3.3k Views 8 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DefenderLLCD Offline
      DefenderLLC @mcury
      last edited by DefenderLLC

      @mcury Thanks, I did not see that post; however, I do believe that that are several other pfSense packages that also use MaxMind such as ntopng.

      JeGrJ 1 Reply Last reply Reply Quote 0
      • bmeeksB Offline
        bmeeks
        last edited by

        The Suricata package was modified to take this change into account with the most recent update back in February.

        The Suricata package uses MaxMind's permalink URL internally for the download. There is a new field on the GLOBAL SETTINGS tab where you must enter your Account ID in addition to your License Key for authentication.

        1 Reply Last reply Reply Quote 5
        • JeGrJ Offline
          JeGr LAYER 8 Moderator @DefenderLLC
          last edited by

          @DefenderLLC said in MaxMind DB URL Changing:

          @mcury Thanks, I did not see that post; however, I do believe that that are several other pfSense packages that also use MaxMind such as ntopng.

          Antworten

          AFAIK no core package uses MaxMind, only additional packages bring it, so that should be addressed to the individual package maintainer/thread as it's probably not 24.03 (core) related?

          Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

          If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

          DefenderLLCD 1 Reply Last reply Reply Quote 0
          • DefenderLLCD Offline
            DefenderLLC @JeGr
            last edited by

            @JeGr said in MaxMind DB URL Changing:

            @DefenderLLC said in MaxMind DB URL Changing:

            @mcury Thanks, I did not see that post; however, I do believe that that are several other pfSense packages that also use MaxMind such as ntopng.

            Antworten

            AFAIK no core package uses MaxMind, only additional packages bring it, so that should be addressed to the individual package maintainer/thread as it's probably not 24.03 (core) related?

            My apologies. I just wanted to share the information because of the upcoming May 1st deadline for this change.

            1 Reply Last reply Reply Quote 0
            • Cool_CoronaC Offline
              Cool_Corona
              last edited by

              Is it a plan to update older versions of pfblocker and suricata to take this into account??

              Currently hating the thought of upgrading from a very stable 2.5.2 to any of the new releases since every test I have performed on the same hardware the new releases just dont have the performance as 2.5.2 does.

              So just wondering...

              bmeeksB JeGrJ 2 Replies Last reply Reply Quote 0
              • bmeeksB Offline
                bmeeks @Cool_Corona
                last edited by bmeeks

                @Cool_Corona said in MaxMind DB URL Changing:

                Is it a plan to update older versions of pfblocker and suricata to take this into account??

                Currently hating the thought of upgrading from a very stable 2.5.2 to any of the new releases since every test I have performed on the same hardware the new releases just dont have the performance as 2.5.2 does.

                So just wondering...

                No. As has been stated on the forum numerous times, packages are locked to a specific pfSense version due to kernel versioning issues. The package repo for a given pfSense version is compiled using the kernel components and libraries for that specific version. They will rarely work in a different pfSense version. Notice I said "rarely work" and not "never work" because there are a tiny handful of exceptions, but not many at all.

                So with the above out of the way, nobody wants to expend the effort required to go back and update old package code and recompile everything against an old pfSense kernel. This is especially true if there were known security issues with components of that old version. Also remember what the cost of pfSense CE is. It's $0.00 (also known as free). Developers are not interested in going back and working on old stuff for nothing ๐Ÿ™‚.

                The short answer is that if you want current package code and features and fixes, you MUST stay current with the most recent pfSense CE or pfSense Plus release.

                If you want to stay on 2.5.2 for some reason, and you are worried about package updates for Suricata and pfBlockerNG, then you need to stand up your own FreeBSD-ports tree package builder server and maintain/update those packages yourself. You can easily copy/clone the PHP source code and any required binary code patches from the pfSense FreeBSD-ports repo here: https://github.com/pfsense/FreeBSD-ports.

                1 Reply Last reply Reply Quote 4
                • JeGrJ Offline
                  JeGr LAYER 8 Moderator @Cool_Corona
                  last edited by JeGr

                  @Cool_Corona said in MaxMind DB URL Changing:

                  Currently hating the thought of upgrading from a very stable 2.5.2 to any of the new releases since every test I have performed on the same hardware the new releases just dont have the performance as 2.5.2 does.

                  With 2.5.x being not one but already 4 releases behind and running EOL FBSD-12, you'll be on a sinking ship soon. What performance is THAT abysmal that one would forcefully strangle yourself to such an old release?

                  Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

                  If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                  Cool_CoronaC 1 Reply Last reply Reply Quote 0
                  • Cool_CoronaC Offline
                    Cool_Corona @JeGr
                    last edited by

                    @JeGr Throughput and stable VLAN's....

                    ahking19A 1 Reply Last reply Reply Quote 0
                    • ahking19A Offline
                      ahking19 @Cool_Corona
                      last edited by

                      @Cool_Corona I think @JeGr was trying to ask for a quantifiiable number on "abysmal" throughput performance loss. Is that 40%, 30%, 25%...?

                      Cool_CoronaC 1 Reply Last reply Reply Quote 0
                      • Cool_CoronaC Offline
                        Cool_Corona @ahking19
                        last edited by

                        @ahking19 Seeing average of 15-18% on busy uplinks.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.