Debug IP Blocklist to work w/ 2.0 Beta
-
Bounty is rendered unnecessary. Thanks again, to Tommyboy180.
~~The offer is for an IBM Thinkpad T23. This is an older notebook computer.
It's a grade 'B' machine w/ nothing missing.It has a PIII 1.13GHz processor, 512MB Ram, 20GB HDD, DVD player, Power Supply.
It will come w/ a PCMCIA 10/100 NIC, for the 2nd network connection.The Battery doesn't hold a charge, but I may include one that does. It would be older and not guaranteed.
I may be able to include a docking station with it. The ds would add 1 NIC and 2 more PCMCIA slots.I pay shipping.
I know the notebook isn't worth Big$$$.
I'm guessing this won't take a lot of time, and thereby my offer might be a reasonable one.******~~
What I'm looking for is someone who could debug Tommyboy180's IP BlockList package;
to run -reasonably reliably- on a particular pfSense 2.0 Beta installation.
Tommyboy180 can't dedicate time - right now - to debug porting it over from 1.2 to 2.0.
It seems to run fine on 2.0, more often than not.I'm competent, but my BSD skill-set isn't that developed, yet.
I have IP Blocklist working on a different Beta 2.I've wiped, reloaded, tried dozens of builds - often w/ no other packages installed.
I've switched hardware (from this Thinkpad to my current Dell).
My trials are detailed here-> http://forum.pfsense.org/index.php/topic,24769.msg154680.html#msg154680I understand pfSense 2.0 is BETA. I know the code is continually changing. I don't expect miracles or indentured servitude.
I have one machine in particular I'd like IP Blocklist to behave on. I'd be really happy if that could happen.It'd be double-extra groovy if you'd try to restore IP Blocklist; if some new pfSense 2.0 feature comes along and renders it inoperable:
(Like CSFR seems to have done)->http://forum.pfsense.org/index.php/topic,29987.0/topicseen.htmlAgain: I'm only looking for a reasonable effort. We're both taking a small risk and I don't have unrealistic expectations.
If you think you could stick with me, through an additional bug or two;
then the docking station and better battery will arrive in the initial shipment.
There are a couple of caveats.
-
This can't become Tommyboy180's project. He's done a lot for the pfSense community and needs a life.
-
You can't overwrite his original code in the pfSense depository. He doesn't have a local copy right now.
Full Notebook Disclosure/Details.
I -dependably- ran pfSense 2 Beta on this notebook; from this past spring till last week.
I firewalled a small company w/ it and avg uptime was 30-60 days (when I'd restart it for an update).
I took it offline to substitute a P4 Dell.I wouldn't run Squid+SquidGuard+Shallalist+massive custom ACL's on it.
I did that on it's twin and it bogged down as it didn't have enough RAM.The only problem I ever had w/ it is an occasional bogus FAN error.
The error occurred 4x over 8 months and only on boot. The fan itself, is fine.
This is a known issue w/ this gen Thinkpad, I never had the time to debug it.
It might be related to the docking station, as it only ever happened when docked.End Disclosure
I'm moving home+office this month, so may be back here often, or not so often.
Thanks.
Noah Vail -
-
The problem is you have not specified was wrong or i missed it!
We all are busy and have life but still do pfSense :)
-
@ermal:
The problem is you have not specified was wrong or i missed it!
Well, I linked to what was wrong.
http://forum.pfsense.org/index.php/topic,24769.msg154680.html#msg154680
But I wasn't very clear what was in the link.Anyhoo, the problem goes like this.
1. Paste my list link into the form and press '+'.
( ex: http://iblocklist.charlieprice.org/files/bt_spyware.gz - I've tried several good .gz links.)
2. Check 'Enable IP-Blocklist.
3. Click Save/Update.Then the 'Current List' disappears entirely.
(I can bring it back by pressing '+', but that doesn't effect anything.)My Status is always….
Current Status = Running
You are blocking 0 IPs
I have tried every possible combination of buttons; Save, Save/Update, etc.
I have uninstalled Country Block (the only other package) and tried IPBlocklist by itself.
I have tried rebooting between installs and configs.
I have tried a number of different versions of pfSense 2.0-BETA.My results have been 100% consistent. Status Running - Blocking 0 IPs.
@ermal:
We all are busy and have life but still do pfSense :)
You have a life? How cool is that! What's it like? Can I have one too?
NV
-
Okay! After a long night I think you will be happy.
I found the reason why the package doesn't play nice in 2.0 and I will be pushing an update very soon. I think I will update the package to the quality that countryblock is.Long story short FreeBSD 8 kicked a bunch of legacy packages to the curb. IP-Blocklist relies on a Perl module to convert IP ranges to CIDR using libcrypt.so.4 which is not found in BETA2.0.
For now I tell BETA2.0 to install the legacy port until I can find a replacement Perl script. I'm not sure how this will affect BETA2.0 x64 so if someone can test I would be very happy.
I know my involvement comes as a surprise to NoahVail but after seeing that you posted the bounty made me think that I could spare a night to help out a friend. Just don't tell my wife I turned her PC into a pfsense box. Hopefully I will have it back to normal before she wakes up. :)
-
You could just install it in a virtual machine for testing…
By the way, in 2.0 there is a PHP function in /etc/inc/util.inc for converting an IP range to a series of IP/CIDR subnets.
-
@Efonne:
You could just install it in a virtual machine for testing…
By the way, in 2.0 there is a PHP function in /etc/inc/util.inc for converting an IP range to a series of IP/CIDR subnets.
Excellent. I will look at the function. I won't be able to completely switch over the the function however since I need to support 1.2.3. Is there an easy way to determine if the pfsense install is FreeBSD 8 or 7 in the package install scripts?
-
I'm not really sure. However, if you just want to know if a function exists there is the function_exists call. For example:
if (function_exists("my_function")) my_function() -
Done! Version 3.0 is out.
DEVs, do me a favor and don't look at the RCS server! I had a bad morning :)