Country Block
-
I had the same error, and persistence paid off. I don't recall if it started working after a reboot, or 'Commit Countries" did it, but keep trying… Not very helpful, I know :( ...but in the end it's OK.
I clicked through the "whitelist" and was finally able to make it work.
:)
-
After I updated everything worked fine. I added some entries to the whitelist and then removed them latter. I could not get the package to start again after that. I removed the package numerous times and rebooted, and contuniued to get the same error as everyone is listing. I finally added those IP's back to the whitelist and I was able to get it to start up again.
I believe you can reproduce this issue by installing the package.
Adding some IP's to the white list.
Remove the IP's
Uninstall the package
Then reinstall it.
-
Darklogic82,
That helped me locate the issue.
I have found the fix for this. And will be updating the package here shortly. Thank you. -
;)
-
Update pushed.
Uninstall, and re-install please.
-
I all of a sudden keep getting the error:
/tmp/rules.debug:115: cannot load "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw": No such file or directory
Any ideas? This started, possibly coincidentally, after trying to enable both the country and the ip blocklists simultaneously.
EDIT: Well I kind of answered my own question. When I removed all the .gz links from within ip-blocklist then all of a sudden the country block loaded just fine. Is it possible to have both on at the same time, or for some reason not a good idea?
-
They are both designed to work together if both are installed. I run both packages without a problem.
I know the error you pasted. I have gotten that error many time myself. Disabling IP-blocklist and re-enabling it usually helps.
-
Done :) No errors!
-
So far seems to be working good. Also thanks for the whitelist feature. That really helps me a lot.
One other thing or request if you ever get free time to do so, I was wondering if you could make a log section that would either dump to the firewall log or maybe just within the package itself that would show the IP's that are being blocking by specificly the Country Block package?
Currently I don't believe the blocks show up in the firewall logs for either a block or whitelist pass.
Then down the road maybe the logging could generate reports on the CIDRS and pin-point a list of attacks and blocks from the countries and the IP's they belong to.
Thanks for all your hard work on this package. As far as running the IP-Block and Country Block together, all seems to work well.
Again Thanks,
Matt
-
That actually sounds like a good idea. I will start work immediately.
-
Excellent work Tom, this package is wonderfull, but sometimes when I've forbidden countries like Pakistan my access was stopped (I live in France), but it's not a problem at the moment.
The idea to see with the firewall log the country where is situated the IP is wonderfull and with this your package will be perfect :P
Thanks again Tom !
-
First off, thank you for creating this package. It is very helpful to me in dealing with the worst spam offenders.
That said, I have noticed a few typos in the country names, and a few missing countries (unless I have missed something myself). This list is probably not complete, but they are the most recent examples that come to mind for me.
Typos:
Burkia Faso –> Burkina Faso
Argentia --> ArgentinaMissing countries:
Montenegro
IndiaAgain, thank you for creating this!
-
HoTWiReZ
WOW and I mean 01010111 01001111 01010111
tommyboy180, you be the man…
-
Tommyboy, this is one of the most useful packages I have installed so far. You sir, have made my life worth living again. :)
Although, I really hate the idea that someday these type of blocks will become more common where we just get sick of countries who have such a high fraud profile that we simply block the entire country, I have to admit that since I never to ANY business with about 90% of them that I don't feel bad about personally blocking them. I can, however, imagine a world of elitists where we block internet traffic from the majority of the developing world due to endless waves of spam and sniffing.
I guess the burden of this future will be more in the hands of those who prosecute the developing world's abuses rather than those who defend their equipment against it.
-
Tommyboy, this is one of the most useful packages I have installed so far. You sir, have made my life worth living again. :)
Although, I really hate the idea that someday these type of blocks will become more common where we just get sick of countries who have such a high fraud profile that we simply block the entire country, I have to admit that since I never to ANY business with about 90% of them that I don't feel bad about personally blocking them. I can, however, imagine a world of elitists where we block internet traffic from the majority of the developing world due to endless waves of spam and sniffing.
I guess the burden of this future will be more in the hands of those who prosecute the developing world's abuses rather than those who defend their equipment against it.
Thank you.
You are right. Unfortunately, I don't feel bad. A country constantly scanning me or sending SPAM needs to be blocked on my network. I don't want them looking at my website, searching for vulnerabilities, or constantly trying to brute force my SSH server. I made it easy for me and those who get frustrated with trying to minimize the damage caused by these countries. Blocking the entire country could affect them, but I don't see how. If you did business with that country then you wouldn't block them but if you have no business then no harm done.
Maybe more tools like this will cause countries to enforce laws more in the future. Who knows… -
I run my own postfix mail server. Probably 80% of the spam comes from russia, china, korea or japan. I get no legitimate mail from anyone in those countries. So, I will be installing this ASAP :)
-
Thank you.
You are right. Unfortunately, I don't feel bad. A country constantly scanning me or sending SPAM needs to be blocked on my network. I don't want them looking at my website, searching for vulnerabilities, or constantly trying to brute force my SSH server. I made it easy for me and those who get frustrated with trying to minimize the damage caused by these countries. Blocking the entire country could affect them, but I don't see how. If you did business with that country then you wouldn't block them but if you have no business then no harm done.
Maybe more tools like this will cause countries to enforce laws more in the future. Who knows…Where feasible, it's sensible security policy regardless of where you are in the world - if you don't have to allow something, don't allow it. Many companies do no business outside of their own country or a select few countries, so why allow the entire Internet? As useful as it is for those in this thread, who look to be largely in the US, it's just as useful to those in countries some US companies may want to block. Abuse isn't limited to any particular country, it comes from all over. A Russian company that does no business in the US could drop off their spam and hack attempts considerably by blocking the US, where it's sensible for some US companies to do the opposite. The same way those of us in the US see all these attacks from Russia, China, India, Nigeria, and elsewhere, people in those countries see just as much abuse from hosts in the US and see it the same way in the same circumstances - unnecessary traffic that can be blocked entirely. This isn't limited to any country, and isn't that much about enforcing sensible policies on Internet users. That's largely done in the US, but a large portion of the spam and hack attempts we see come from the US.
Keep in mind this can help a lot, but if you're being specifically targeted, may not provide the level of assurance you think it does. Every country has plenty of compromised hosts, or hosts that can be compromised, to use to launch attacks. It's a good measure to drop off things you know have no place being on your network, but still leaves plenty of exposure.
-
to th enewbie guy, country block in the 1.23 packages not installed (if you're using 1.2.3 pfsense release).
-
I'm having trouble with this package. After I click save, it says "Current status = Running". But a few minutes later it will stop running. Any ideas on how to debug this?
FYI, I only have the "Top Spammers" checked.
-
I'm having trouble with this package. After I click save, it says "Current status = Running". But a few minutes later it will stop running. Any ideas on how to debug this?
FYI, I only have the "Top Spammers" checked.
Are you making changes to firewall settings? Please read the FAQ on the first post.
