Remove pfblocker settings without package installed?

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

So here's the question: how can I remove/delete the old pfb settings without having pfb installed and before running it?

Only by manual editing the config.xml - but you have to know what you are doing, this is not trivial!

Regards,
fireodo

Klaus2314

@fireodo said in Remove pfblocker settings without package installed?:

@Klaus2314 said in Remove pfblocker settings without package installed?:

How can I prevent pfblocker loading an old setup that's on the pfsense install when I install the pfb package?

Hi,

before uninstalling pfBlockerNG make shure the "Keep Settings" is deactivated. The when you uninstall pfBlockerNG all your settings wil be removed from the config.xml and when you reinstall it will be "virgin"

Yeah, I'm aware. I wasn't anticipating the 24.11 update having this much of an impact and I didn't want to set everything up from scratch. Now I guess I have to...

Klaus2314

@fireodo said in Remove pfblocker settings without package installed?:

@Klaus2314 said in Remove pfblocker settings without package installed?:

So here's the question: how can I remove/delete the old pfb settings without having pfb installed and before running it?

Only by manual editing the config.xml - but you have to know what you are doing, this is not trivial!

Regards,
fireodo

OK, bummer. So I basically have to setup the entire firewall from scratch to avoid pfb from starting with the old settings... wow.

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

OK, bummer. So I basically have to setup the entire firewall from scratch to avoid pfb from starting with the old settings... wow.

Do you have console access when the box is unresponsive?
Make a backup of you config.xml. (preferably on a external medium)
Search in the config.xml for this:

<pfb_keep>on</pfb_keep>

change the "on" to "off"

then on the console:

pkg uninstall pfSense-pkg-pfBlockerNG-3.2.0_8 

(I assume you have version 3.2.0_8)

Do it at your own risk - much safe is, even if the GUI is slow, to try do it via the GUI ...

Klaus2314

@fireodo Ok thank you! I tried to roll back to 24.3 but the package manager only offers the most recent version after the roll back wich does not seem to run on 24.3.
So again a one way road there.
I'll try what you suggested.

Klaus2314

@Klaus2314 This is the 24.11 by the way with NO blocker installed and just the most basic setup. Pretty crazy. It hovrs between 99% and 100% at all times. 24.3 was at around 50% WITH the blocker running!!

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

This is the 24.11 by the way with NO blocker installed and just the most basic setup.

Take a look with top - maybe you can identify wich process is eating CPU ...

Klaus2314

@fireodo

fireodo

@Klaus2314

Hmmm ... I cannot see something very unusual ...

Have you installed all system patches (if any)?

Klaus2314

@fireodo 24.11 has no patches yes

Klaus2314

@Klaus2314

fireodo

@Klaus2314

OK. Maybe we should ask @stephenw10 to jump in because he knows the 24.11 better than I do ... this seams to be something else than pfBlockerNG trouble ...

Klaus2314

@fireodo Yeah, the forum seems to be full of posts about excessive CPU usage with 24.11. At the moment 24.11 doesn't seem to be able to run pfblocker on an SG1100. I'll try and roll back to 24.3 somehow and re-install the pfb version that worked with it last.
Thanks for chiming in and happy holidays!

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

Thanks for chiming in and happy holidays!

Thank you - for you too!
Sorry I could not help more :-(

Klaus2314

@fireodo No worries. It seems to be the widgets. Got CPU down to 30% by removing all widgets from the dashboard and just adding back system info.

fireodo

@Klaus2314 said in Remove pfblocker settings without package installed?:

Got CPU down to 30% by removing all widgets from the dashboard and just adding back system info.

Yeah, I remember to have read something related to widgets and high CPU load in 24.11 ...

SteveITS

@Klaus2314 Remove the section(s) for pfB from your config file and restore.

If you install packages ensure you have the correct update branch selected. Installing a package for a later version can break things.

The posts I’ve seen about high CPU usage are re: dashboard widget updating. Quick workaround is not to view the dashboard. There is also a patch to revert the changes there.

Klaus2314

@SteveITS Your hint about the update path did the trick! I was able to roll back to 24.3 and install the pfb version that used to work. Now all is back to normal.
I guess 24.11 and pfb is currently not a good idea to run on an SG1100.

Thank you for helping!

Klaus2314

@Klaus2314 Sorry, spoke too early. 24.3 with the 24.3 update path shows the pfblocker version that only runs on 24.11. Any idea how to install 3.2.0_8 instead of the newer 3.2.0_10 which does not run?

SteveITS

@Klaus2314 Each update branch has "the current" (for that version) package. So there's not a way to get "some older version" that isn't in the online repos. It has only one place to look.

It sounds like you have ZFS on your 1100 so you can just revert to a previous boot environment...?

About the only ways pfBlocker can "not run" are needing more than the 1 GB RAM (i.e. big lists) on the 1100 or using CPU (often, processing/updating big lists) so I would try to figure out why you are seeing high usage, with the dashboard not visible. You could try to track down the changes between those two minor versions but I would not expect to see much significant.

https://github.com/pfsense/FreeBSD-ports/commits/devel/net/pfSense-pkg-pfBlockerNG
https://forum.netgate.com/topic/187767/pfblockerng-3-2-0_09-to-3-2-0_10
https://forum.netgate.com/topic/188162/pfblockerng-v3-2-0_10/6