Remove pfblocker settings without package installed?

Klaus2314

Hi there,

the update to 24.11 seems to have inrtoduced a ton more strain onto my little SG1100 so when I re-install pfb to 24.11 it makes the whole machine slow down to a crawl and GUI becomes EXTREMELY unresponsive. (same setup ran totally fine under 24.3)
So I installed a new boot environmen with no pfb which runs fine but now I want to setup pfb from scratch with less feeds but as soon as I install the package it finds the old settings and runs those feeds so I end up with the same situation. So here's the question: how can I remove/delete the old pfb settings without having pfb installed and before running it?
Thanks!

Klaus2314

@Klaus2314 Maybe I should rephrase the question:

How can I prevent pfblocker loading an old setup that's on the pfsense install when I install the pfb package?
Can I delete the old setup via the shell before doing a clean install and start fresh?

Thanks!

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

How can I prevent pfblocker loading an old setup that's on the pfsense install when I install the pfb package?

Hi,

before uninstalling pfBlockerNG make shure the "Keep Settings" is deactivated. The when you uninstall pfBlockerNG all your settings wil be removed from the config.xml and when you reinstall it will be "virgin"

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

So here's the question: how can I remove/delete the old pfb settings without having pfb installed and before running it?

Only by manual editing the config.xml - but you have to know what you are doing, this is not trivial!

Regards,
fireodo

Klaus2314

@fireodo said in Remove pfblocker settings without package installed?:

@Klaus2314 said in Remove pfblocker settings without package installed?:

How can I prevent pfblocker loading an old setup that's on the pfsense install when I install the pfb package?

Hi,

before uninstalling pfBlockerNG make shure the "Keep Settings" is deactivated. The when you uninstall pfBlockerNG all your settings wil be removed from the config.xml and when you reinstall it will be "virgin"

Yeah, I'm aware. I wasn't anticipating the 24.11 update having this much of an impact and I didn't want to set everything up from scratch. Now I guess I have to...

Klaus2314

@fireodo said in Remove pfblocker settings without package installed?:

@Klaus2314 said in Remove pfblocker settings without package installed?:

So here's the question: how can I remove/delete the old pfb settings without having pfb installed and before running it?

Only by manual editing the config.xml - but you have to know what you are doing, this is not trivial!

Regards,
fireodo

OK, bummer. So I basically have to setup the entire firewall from scratch to avoid pfb from starting with the old settings... wow.

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

OK, bummer. So I basically have to setup the entire firewall from scratch to avoid pfb from starting with the old settings... wow.

Do you have console access when the box is unresponsive?
Make a backup of you config.xml. (preferably on a external medium)
Search in the config.xml for this:

<pfb_keep>on</pfb_keep>

change the "on" to "off"

then on the console:

pkg uninstall pfSense-pkg-pfBlockerNG-3.2.0_8 

(I assume you have version 3.2.0_8)

Do it at your own risk - much safe is, even if the GUI is slow, to try do it via the GUI ...

Klaus2314

@fireodo Ok thank you! I tried to roll back to 24.3 but the package manager only offers the most recent version after the roll back wich does not seem to run on 24.3.
So again a one way road there.
I'll try what you suggested.

Klaus2314

@Klaus2314 This is the 24.11 by the way with NO blocker installed and just the most basic setup. Pretty crazy. It hovrs between 99% and 100% at all times. 24.3 was at around 50% WITH the blocker running!!

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

This is the 24.11 by the way with NO blocker installed and just the most basic setup.

Take a look with top - maybe you can identify wich process is eating CPU ...

Klaus2314

@fireodo

fireodo

@Klaus2314

Hmmm ... I cannot see something very unusual ...

Have you installed all system patches (if any)?

Klaus2314

@fireodo 24.11 has no patches yes

Klaus2314

@Klaus2314

fireodo

@Klaus2314

OK. Maybe we should ask @stephenw10 to jump in because he knows the 24.11 better than I do ... this seams to be something else than pfBlockerNG trouble ...

Klaus2314

@fireodo Yeah, the forum seems to be full of posts about excessive CPU usage with 24.11. At the moment 24.11 doesn't seem to be able to run pfblocker on an SG1100. I'll try and roll back to 24.3 somehow and re-install the pfb version that worked with it last.
Thanks for chiming in and happy holidays!

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

Thanks for chiming in and happy holidays!

Thank you - for you too!
Sorry I could not help more :-(

Klaus2314

@fireodo No worries. It seems to be the widgets. Got CPU down to 30% by removing all widgets from the dashboard and just adding back system info.

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

Got CPU down to 30% by removing all widgets from the dashboard and just adding back system info.

Yeah, I remember to have read something related to widgets and high CPU load in 24.11 ...

SteveITS

@Klaus2314 Remove the section(s) for pfB from your config file and restore.

If you install packages ensure you have the correct update branch selected. Installing a package for a later version can break things.

The posts I’ve seen about high CPU usage are re: dashboard widget updating. Quick workaround is not to view the dashboard. There is also a patch to revert the changes there.