Country Block
-
I seem to be having an email problem. The following settings:
SMTP Auth: No
SMTP Security: None
Host: isp smtp address
Port: 25
U: <blank>P: <blank>Use HTML formatting: Yes
From email address: isp email address
To email address: personal email address
Subject: Check CountryblockClick Save: Couldn't write values to file!
Click Test: 404 on packages/countryblock/email_send.php
I've uninstalled the package, rebooted pfsense, re-installed package, reconfigured, attempted email and still the same error code.</blank></blank>
-
Thank you for all the time and hard work that you have put into created this great package Tommyboy.
When i have the Block outbound? check I see a lot source inbound activity being block from the outside in system log, but if i uncheck the Block outbound their is no more activity in the system logs, all interface check, Enable Logging check, Current Status = Running, You are blocking 108212 Networks. its running but was wondering if its blocking inbound connections
ToxIcon,
you still are blocking. To test you can use a proxy or use your work network.
As each attempt comes in or out you will see it in the log if you have it checked. If you don't see anything in the logs then the sites that you are blocking are not trying to send traffic your way.I seem to be having an email problem. The following settings:
SMTP Auth: No
SMTP Security: None
Host: isp smtp address
Port: 25
U: <blank>P: <blank>Use HTML formatting: Yes
From email address: isp email address
To email address: personal email address
Subject: Check CountryblockClick Save: Couldn't write values to file!
Click Test: 404 on packages/countryblock/email_send.php
I've uninstalled the package, rebooted pfsense, re-installed package, reconfigured, attempted email and still the same error code.</blank></blank>
Username is blank. This is causing the error. Right now password is allowed blank. You can edit the page and copy the syntax I have on password to username as well.
I will allow blank usernames on my next update. -
A weird error seems to have cropped up in my CB installation:
Here, I've chosen only the Top Spammers:
"Check the country that you would like to block completely. Currently 10 of 246 selected."And, just above the Save/Update button:
"Current Status = Running
/tmp/rules.debug:378: cannot load "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw": No such file or directory
You are blocking 0 Networks"I've re-installed, as well as uninstall/re-install - same error. The error is not there if no countries are selected.
Thanks for any input
-
When I got this error, I had to uninstall it, then reboot, then reinstall it.
Are you on a beta build? Most of my issues like this was due to a beta update that corrupted items. Once I installed most recent beta cleanly and redid CB all my issues like this went away.
-
I have gotten this error as well, I went to IP Blocklist (which I have installed as well) and enabled/updated it then went back to CB and tried again and it updated without errors.
-
I have gotten this error as well, I went to IP Blocklist (which I have installed as well) and enabled/updated it then went back to CB and tried again and it updated without errors.
Thanks XIII, that did the trick
-
Your welcome. CB and IP Blocklist were designed to work together.
From what I have noticed, the error does not happen that often. I have only seen it twice in the several months that I have had both. -
I sure appreciate BOTH packages :)
-
This is odd but I thought I'd at least ask in case I forgot something. I just switched bsd boxes as I needed more pci slots and everything has been set up running smooth now for a few weeks. It appears that I'm getting more foreign spam than I did before. Coincidentally, I used to receive maybe 3 a week and their IPs would be here in the US anyway. Now, it seems I get about 10/day from IPs listed under different countries.
My question is, does Country Block also block spam from different countries that happen to come from relays outside the US, if selected? Maybe just a weird coincidence but I gave CB all the credit!
The difference is that the old bsd box had 1.7 and this one is the latest 1.9 version. I also have outbound blocked now (not before) on all NICs (WAN, server, backup server, son's) except the one for my personal lan as not to interfere with my browsing. Whitelist is still empty. Email settings are also added now but every time I test I get a Warning fsockopen() error. Thoughts?
UPDATE 1:
Just a quick thought - I used to have IP Blocklist on the old box with a few .gz installed…but I eventually had it disabled as it was blocking a lot of stuff and then CB came out. It just seems that if I checked a certain country under CB then I wouldn't see anymore email from that country...UPDATE 2:
Well I installed IP-Blocklist and it didn't block the spam but it did a few other sites which I'll need to clean up. Weird. Why would I be getting spam in from countries that are blocked? Well I went ahead and uninstalled the package, rebooted pfsense, reinstalled Country Block, and just re-configured it. The only difference I have on this box vs. the old one is that (besides not being version 1.7) I have block outbound checked and I only have the first option under "Interfaces" unchecked which is LAN.UPDATE 3:
Well I just checked Country Block…damn more foreign spam. This time I'm going to unblock outgoing, select all my interfaces, and then reboot. That's it, everything is as it was on the old box outside of this being a newer version. I'm stumped if this doesn't work.UPDATE 4:
Well I'm confused now…I'm still receiving spam from all sorts of countries. Any ideas as to what I could be doing wrong? -
This is odd but I thought I'd at least ask in case I forgot something. I just switched bsd boxes as I needed more pci slots and everything has been set up running smooth now for a few weeks. It appears that I'm getting more foreign spam than I did before. Coincidentally, I used to receive maybe 3 a week and their IPs would be here in the US anyway. Now, it seems I get about 10/day from IPs listed under different countries.
My question is, does Country Block also block spam from different countries that happen to come from relays outside the US, if selected? Maybe just a weird coincidence but I gave CB all the credit!
The difference is that the old bsd box had 1.7 and this one is the latest 1.9 version. I also have outbound blocked now (not before) on all NICs (WAN, server, backup server, son's) except the one for my personal lan as not to interfere with my browsing. Whitelist is still empty. Email settings are also added now but every time I test I get a Warning fsockopen() error. Thoughts?
UPDATE 1:
Just a quick thought - I used to have IP Blocklist on the old box with a few .gz installed…but I eventually had it disabled as it was blocking a lot of stuff and then CB came out. It just seems that if I checked a certain country under CB then I wouldn't see anymore email from that country...UPDATE 2:
Well I installed IP-Blocklist and it didn't block the spam but it did a few other sites which I'll need to clean up. Weird. Why would I be getting spam in from countries that are blocked? Well I went ahead and uninstalled the package, rebooted pfsense, reinstalled Country Block, and just re-configured it. The only difference I have on this box vs. the old one is that (besides not being version 1.7) I have block outbound checked and I only have the first option under "Interfaces" unchecked which is LAN.UPDATE 3:
Well I just checked Country Block…damn more foreign spam. This time I'm going to unblock outgoing, select all my interfaces, and then reboot. That's it, everything is as it was on the old box outside of this being a newer version. I'm stumped if this doesn't work.UPDATE 4:
Well I'm confused now…I'm still receiving spam from all sorts of countries. Any ideas as to what I could be doing wrong?I've read your post over a couple times now and it doesn't make any sense to me.
I do have an idea for you to test. You mention that the LAN interface is not selected under the Interfaces tab. Select that for me and save the changes. I do recommend to everyone to have all interfaces selected.Test will all interfaces selected and let me know if that works.
-
I've read your post over a couple times now and it doesn't make any sense to me.
I do have an idea for you to test. You mention that the LAN interface is not selected under the Interfaces tab. Select that for me and save the changes. I do recommend to everyone to have all interfaces selected.Test will all interfaces selected and let me know if that works.
All interfaces have been checked since "update 4" and I'm going to re-check block outbound. I now got 245/246 countries (not US) selected and it says I am blocking 70330 Networks. I have no whitelist and no email is configured. I just removed the cron command and rebooted just in case. I'm at a loss - the only difference I have now is simply the version was 1.7 and now is 1.9. Anyone else experiencing anything with version 1.9? Is there a temporary rollback for testing?
-
I've read your post over a couple times now and it doesn't make any sense to me.
I do have an idea for you to test. You mention that the LAN interface is not selected under the Interfaces tab. Select that for me and save the changes. I do recommend to everyone to have all interfaces selected.Test will all interfaces selected and let me know if that works.
All interfaces have been checked since "update 4" and I'm going to re-check block outbound. I now got 245/246 countries (not US) selected and it says I am blocking 70330 Networks. I have no whitelist and no email is configured. I just removed the cron command and rebooted just in case. I'm at a loss - the only difference I have now is simply the version was 1.7 and now is 1.9. Anyone else experiencing anything with version 1.9? Is there a temporary rollback for testing?
I could look and see if I have a backup of the old version but it would be moot. The underlying way that 1.9 and any other version including 1.0 works is by editing the pf firewall. 1.9 just has some nice bells and whistles but it's not to different the my first version.
Can you locate the IPs or even a single IP that continues to SPAM you? We can find out exactly what is going on if you can give me some IPs.
-
Are you hosting your own mailserver?
It doesnt work if your uplink mailexchanger is not in a blacklistet country or have CB installed. Therefore the FW is not blocking the mails….
Very simple.
-
I could look and see if I have a backup of the old version but it would be moot. The underlying way that 1.9 and any other version including 1.0 works is by editing the pf firewall. 1.9 just has some nice bells and whistles but it's not to different the my first version.
Can you locate the IPs or even a single IP that continues to SPAM you? We can find out exactly what is going on if you can give me some IPs.
Well going back probably isn't the problem as no one else is mentioning anything. It has to be something on my box here.
For some IPs:
187.0.71.242 - Brazil
84.55.115.109 - Sweden
95.153.123.72 - Moldova, Republic of
122.178.183.132 - India
110.136.188.169 - Indonesia
110.138.16.91 - Indonesia
41.182.128.63 - Namibia
95.132.175.117 - Ukraine
178.94.120.115 - (emailed twice, ?)
89.254.241.130 - Russian Federation
89.231.54.200 - Poland
110.136.251.98 - IndonesiaThese are just from spam I received last night… I go to here for IP lookup.
Are you hosting your own mailserver?
It doesnt work if your uplink mailexchanger is not in a blacklistet country or have CB installed. Therefore the FW is not blocking the mails….
Very simple.
Well I am piggy backing off my ISPs relay server settings but yes I have my own email residing on my own server/domain. Nothing overly fancy but an educational project all together. I got every country except the US selected and I seemed to be able to successfully block all spam on the old bsd box where if I unblocked a country then the next day I may have a few from that country. What is simple to you is still quite a challenge for me…thank you though for your patience.
-
Did you change mailserver software when changing bsd box?
-
Did you change mailserver software when changing bsd box?
Mailserver software…I didn't change anything on my server except the static IP so that it would reflect the new network. My server resides on Opt2. Was there a switch somewhere in the bsd box that I may have quite possibly overlooked? I did compare the two before switching them out however with all the details and human error it is quite possible.
-
Did you change mailserver software when changing bsd box?
Mailserver software…I didn't change anything on my server except the static IP so that it would reflect the new network. My server resides on Opt2. Was there a switch somewhere in the bsd box that I may have quite possibly overlooked? I did compare the two before switching them out however with all the details and human error it is quite possible.
Can you PM me the contents of /tmp/rules.debug Make sure countryblock is running before sending me the contents.
You can also email to me if you like. -
Well I plugged in the old bsd box and walla…not a piece of spam except three marked from the US. So I looked over everything and the only change I could see was the MAC address of the WAN which gave me a different IP so I cloned it to keep the old IP address and then I put the Server on LAN. We'll see what happens next.
UPDATE:
Well I got a ton of spam again. There must be some hidden change between the two as one blocks and the other doesn't. The CB, LAN, NAT, and Rules settings are all the same. -
Well I plugged in the old bsd box and walla…not a piece of spam except three marked from the US. So I looked over everything and the only change I could see was the MAC address of the WAN which gave me a different IP so I cloned it to keep the old IP address and then I put the Server on LAN. We'll see what happens next.
UPDATE:
Well I got a ton of spam again. There must be some hidden change between the two as one blocks and the other doesn't. The CB, LAN, NAT, and Rules settings are all the same.Can you zip the contents of /usr/local/www/packages/countryblock and email it to me. I will compare line by line and see what could have changed for you. Also email me your xml config. I want to replicate your issues in a virtual network over here. Your problem really intrigues me since I have no clue what the problem may be.
-
Hi everybody
First of all a great thank to Countryblock developers !
I have not understood what the email tab is used to ?
Therefore I have configured it.
SMTP auth no (All hosts on the lan can access the Postfix server)
SMTP security none
Host my_mail_server
Port 25
Username leave_blank
Password leave_blank
From email address my_own_address
To email address admin_address
Subject TestWhen I click "Save" I have a blank screen and my configuration is not saved when I come back to the email tab.
When I fill in username, password after saving I click "Test" and I get the following error message :
Warning: fsockopen(): php_network_getaddresses: getaddrinfo failed: hostname nor servname provided, or not known in /usr/local/www/packages/countryblock/class.smtp.php on line 122 Warning: fsockopen(): unable to connect to none://zimbra:25 in /usr/local/www/packages/countryblock/class.smtp.php on line 122 Mailer Error: SMTP Error: Could not connect to SMTP host.
I have the same error when I replace the name of my mail server with its IP address.
Any ideas ?
Anticipated thanks.
Best regards.
Bernard