Netgate Discussion Forum

    IP-Blocklist

      tommyboy180

      @gsgleason:

      This is awesome.  Thanks so much!  The new whitelist is great - it's exactly what I was hoping for.
      One thing, though: outbound blocks aren't logging.  Should they?  The setting is set to log.

      Glad you like it. Outbound doesn't log. I just never got to it. You can modify the script to log outbound on your own if you want. Just edit the script in /usr/local/www/packages/ipblocklist/ and /usr/local/etc/rc.d/ to include logging.

      Perhaps I will add it soon as a minor update.

      -Tom Schaefer
      SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

      Please support pfBlocker | File Browser | Strikeback

        gsgleason

        @tommyboy180:

        @gsgleason:

        This is awesome.  Thanks so much!  The new whitelist is great - it's exactly what I was hoping for.
        One thing, though: outbound blocks aren't logging.  Should they?  The setting is set to log.

        Glad you like it. Outbound doesn't log. I just never got to it. You can modify the script to log outbound on your own if you want. Just edit the script in /usr/local/www/packages/ipblocklist/ and /usr/local/etc/rc.d/ to include logging.

        Perhaps I will add it soon as a minor update.

        I would love to, but I wasn't able to make any sense of these.  I don't know what makes the packet filter log drop rules.

          tommyboy180

          @gsgleason:

          @tommyboy180:

          @gsgleason:

          This is awesome.  Thanks so much!  The new whitelist is great - it's exactly what I was hoping for.
          One thing, though: outbound blocks aren't logging.  Should they?  The setting is set to log.

          Glad you like it. Outbound doesn't log. I just never got to it. You can modify the script to log outbound on your own if you want. Just edit the script in /usr/local/www/packages/ipblocklist/ and /usr/local/etc/rc.d/ to include logging.

          Perhaps I will add it soon as a minor update.

          I would love to, but I wasn't able to make any sense of these.  I don't know what makes the packet filter log drop rules.

          This is only a temporary fix until I update the package:
          Sorry about that, I was on my way out the door when I replied. The two files you need to modify are /usr/local/www/packages/ipblocklist/convert-execute.sh and /usr/local/etc/rc.d/IP-Blocklist.sh

          Starting at line 112 look for the line "if [ -f /usr/local/www/packages/ipblocklist/OUTBOUND ]; then"
          The next line should have something like "echo "block quick from $i to <ipblocklist>label 'IP-Blocklist'" >> /tmp/rules.debug.tmp"

          Replace "echo "block quick from $i to <ipblocklist>label 'IP-Blocklist'" >> /tmp/rules.debug.tmp"
          with "echo "block log quick from $i to <ipblocklist>label 'IP-Blocklist'" >> /tmp/rules.debug.tmp"

          So basically replace "block quick from" with "block log quick from"

          Keep in mind that this forces logging on your outbound. Sometime in the near future I will push a minor update that will allow logging on IN and OUT traffic depending on your settings.

          Note: for convert-execute.sh it's line 113 and for IP-Blocklist.sh it's line 118

          -Tom Schaefer
          SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

          Please support pfBlocker | File Browser | Strikeback
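
The edit described in the post above, scripted as an added example (not part of the IP-Blocklist package or the original post): it changes only the rule line directly after the OUTBOUND test and keeps a `.bak` copy of the untouched file. The function names and the sample script are assumptions constructed from the lines quoted in the post.

```shell
#!/bin/sh
# Added example, not part of the IP-Blocklist package.
# Adds "log" to the outbound block rule. Only the line directly after the
# OUTBOUND test is touched, and a .bak copy of the original is kept.

enable_outbound_log() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f" >&2; return 2; }
    # Back up once, so a second run never overwrites the pristine copy.
    [ -f "$f.bak" ] || cp -p "$f" "$f.bak" || return 2
    awk '
        armed { if (sub(/block quick from/, "block log quick from")) n++; armed = 0 }
        index($0, "ipblocklist/OUTBOUND ]; then") { armed = 1 }
        { print }
        END { exit (n ? 0 : 1) }
    ' "$f" > "$f.new"
    rc=$?
    if [ "$rc" -eq 0 ]; then
        cat "$f.new" > "$f"      # overwrite in place: keeps mode and owner
    fi
    rm -f "$f.new"
    return "$rc"                 # 0 = patched, 1 = nothing to change
}

# Constructed sample modelled on the lines quoted in the post; the real
# scripts are longer and the second rule here is only a stand-in.
make_sample() {
    cat > "$1" <<'EOF'
if [ -f /usr/local/www/packages/ipblocklist/OUTBOUND ]; then
echo "block quick from $i to <ipblocklist>label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
fi
echo "block quick from <ipblocklist> to any label 'stand-in inbound rule'" >> /tmp/rules.debug.tmp
EOF
}

demo() {
    d=$(mktemp -d) || return 1
    make_sample "$d/convert-execute.sh"
    enable_outbound_log "$d/convert-execute.sh" && grep -n 'block' "$d/convert-execute.sh"
    rm -rf "$d"
}
demo
```

On the firewall itself the function would be called once for each of the two files named in the post; a return value of 1 means the line was already patched or did not match.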

            gsgleason

            Thank you so much, TommyBoy!  I needed this to find what was being blocked and preventing me from playing modern warfare 2.  =)

            [EDIT]

            Here is my whitelist to allow Ps3 online play.  These were blocked by bt_level1.gz.

            store.playstation.com:199.108.4.76-199.108.4.76
            ena.net.playstation.net:198.107.158.197-198.107.158.198
            ena.net.playstation.net:198.107.158.166-198.107.158.166
            xmb.dl.playstation.net:208.111.185.235-208.111.185.235
            xmb.dl.playstation.net:208.111.185.249-208.111.185.249

              woodmouze

              Can't uninstall ipblocklist…
              I didn't find Countryblock right away, so installed ipblocklist instead...
              After that, I found countryblock - and this was what I needed...

              ipblocklist is uninstalled, but still accessible from within the gui... can I remove it somehow ?

              Forgot to mention: I'm running it on the 1.2.3 platform, on a dual Xeon server.

                tommyboy180

                @woodmouze:

                Can't uninstall ipblocklist…
                I didn't find Countryblock right away, so installed ipblocklist instead...
                After that, I found countryblock - and this was what I needed...

                ipblocklist is uninstalled, but still accessible from within the gui... can I remove it somehow ?

                I think I know the problem. It's due to me changing the naming convention for 1.2.3 so I could push a different IP-Blocklist for BETA2.0.
                You can edit your config.xml file and edit out the IP-Blocklist portion. Try re-installing and uninstalling if you're uncomfortable with editing your config.

                -Tom Schaefer
                SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                Please support pfBlocker | File Browser | Strikeback

                  woodmouze

                  Don't mind fiddling within CONFIG.XML… I'll try this...
                  Uninstalling, re-installing and uninstalling didn't help yesterday... so I'll dig into the config.xml - thanks.

                  I'll have to look into CountryBlock too- but I'll post the why's and how's in the other thread later on ;)

                  thank you for your reply.

                    greengolftee87

                    Beginner problems here.


                    Usage
                    Add direct link to list and press (Example: Level1, Level2, Level3)
                    Compressed lists should have .gz extention and follows PeerBlock syntax

                    Warning! - Apply after firewall change or state reset. Use at your own risk.

                    Current Status = Running

                    You are blocking 0 Networks/IPs


                    Q: How do I know if the list got applied?
                    A: The package web interface will display the current status.
                    Links I've attempted to use:
                    http://list11.iblocklist.com/files/bt_spyware.gz
                    http://iblocklist.whitacrecomputers.com/files/bt_level3.gz
                    and several others I've verified are in the correct format, including small handmade lists hosted on the LAN

                    Running Pfsense 1.2.3
                    Other packages installed: Dashboard
                    built on Sun Dec 6 23:21:36 EST 2009
                    FreeBSD 7.2-RELEASE-p5 i386

                    Q: I have the "Enable" check box checked but I don't think its blocking any IPs
                    A: Any Errors will be at the bottom of the page when you press Save/Update
                    I get no error messages after Save/Update

                      RonpfS

                      Same problem here on 1.2.3 Release
                      Doesn't block anything
                      Doesn't uninstall correctly, IP BlockList still available in menu

                      got this in the log: Dec 5 14:05:45 root: IP-Blocklist was found not running

                      Usage
                      Add direct link to list and press (Example: Level1, Level2, Level3)
                      Compressed lists should have .gz extention and follows PeerBlock syntax
                      
                      Warning! - Apply after firewall change or state reset. Use at your own risk.
                      
                      Current Status = NOT running
                      /tmp/rules.debug:87: cannot load "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw": No such file or directory
                      You are blocking 0 Networks/IPs
                      
                      

                      I uninstalled, reinstalled, uninstalled to no avail.

                      2.4.5-RELEASE-p1 (amd64)
                      Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                      Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                        greengolftee87

                        @RonpfS:

                        Same problem here on 1.2.3 Release
                        Doesn't block anything
                        Doesn't uninstall correctly, IP BlockList still available in menu

                        got this in the log: Dec 5 14:05:45 root: IP-Blocklist was found not running

                        Usage
                        Add direct link to list and press (Example: Level1, Level2, Level3)
                        Compressed lists should have .gz extention and follows PeerBlock syntax
                        
                        Warning! - Apply after firewall change or state reset. Use at your own risk.
                        
                        Current Status = NOT running
                        /tmp/rules.debug:87: cannot load "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw": No such file or directory
                        You are blocking 0 Networks/IPs
                        
                        

                        I uninstalled, reinstalled, uninstalled to no avail.

                        Yeah I just checked mine too. Uninstall does nothing

                          tommyboy180

                          I will look into the uninstall problem tonight. As far as getting it running, make sure you're using direct links to lists. Try using one of the example lists.

                          -Tom Schaefer
                          SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                          Please support pfBlocker | File Browser | Strikeback

                            greengolftee87

                            I tried all three lists on the configuration page to no avail.

                              tommyboy180

                              IP-Blocklist 3.0.1 released!

                              fixed uninstall problem.
                              updated perl to 5.12
                              updated netCIDR to 0.14

                              pfsense 1.2.3 has been tested.

                              pfsense 2.0BETA not tested.

                              Completely uninstall IP-Blocklist. If you still have a link for IP-Blocklist then run "rm -R /usr/local/www/packages/ipblocklist" and "rm /usr/local/etc/rc.d/IP-Blocklist.sh" before re-installing 3.0.1

                              -Tom Schaefer
                              SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                              Please support pfBlocker | File Browser | Strikeback

                                greengolftee87

                                You are all kinds of awesome. Started working right away.
                                Thanks

                                  tommyboy180

                                  @greengolftee87:

                                  You are all kinds of awesome. Started working right away.
                                  Thanks

                                  Glad to hear it!

                                  -Tom Schaefer
                                  SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                  Please support pfBlocker | File Browser | Strikeback

                                    RonpfS

                                    So I rm'd the package: "rm -R /usr/local/www/packages/ipblocklist" and "rm /usr/local/etc/rc.d/IP-Blocklist.sh"
                                    I reinstalled, doesn't block any .gz list

                                    Removed, uninstallation went fine, the menus are not present in Firewall menu  :)

                                    Install again, still You are blocking 0 Networks/IPs

                                    I modified /etc/inc/config.inc from 128MB to 256M and /usr/local/lib/php.ini from 32M to 128M
                                    no change (not sure if I have to reboot or not)

                                    Uninstall is my next move

                                    2.4.5-RELEASE-p1 (amd64)
                                    Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                                    Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                                      tommyboy180

                                      @RonpfS:

                                      So I rm'd the package: "rm -R /usr/local/www/packages/ipblocklist" and "rm /usr/local/etc/rc.d/IP-Blocklist.sh"
                                      I reinstalled, doesn't block any .gz list

                                      Removed, uninstallation went fine, the menus are not present in Firewall menu  :)

                                      Install again, still You are blocking 0 Networks/IPs

                                      I modified /etc/inc/config.inc from 128MB to 256M and /usr/local/lib/php.ini from 32M to 128M
                                      no change (not sure if I have to reboot or not)

                                      Uninstall is my next move

                                      Uninstall the package from your package manager page and then re-install. That should do it. The rm -R command was only for those that still had a link after uninstalling and still had the package installed.

                                      -Tom Schaefer
                                      SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                      Please support pfBlocker | File Browser | Strikeback

                                        firestrife23

                                        It seems to be working perfectly, without any issues. However, how do I know it's actively blocking in real time? Is there a way to monitor this, similar to a logfile? I enabled Logging, and I don't see it under Status > System Logs

                                          DigitalJer

                                          hm, I seem to be failing at everything, lol.

                                          Uninstall IP-Blocklist OK, but link remains.

                                          Executed the CL as suggested above to remove the link, and the link remains (when clicked, 404 - Not Found).  Reboot / reinstall / uninstall in any/every order doesn't seem to help, IP-Blocklist 3.0 keeps installing (instead of 3.0.1), and Running, but Blocking = 0 Networks.

                                          –------------------------------------------------
                                          2.4.3-RELEASE (amd64)
                                          built on Mon Mar 26 18:02:04 CDT 2018
                                          FreeBSD 11.1-RELEASE-p7
                                          VM in ESXi 5.5
                                          1 x 1000baseTX (WAN)
                                          1 x 1000baseTX (LAN)

                                            tommyboy180

                                            An old config is preventing you from getting the new version. I forget where the directory is but I think it's somewhere near /usr/etc/pkgs or something like that. Just delete everything IP-Blocklist/ipblocklist.

                                            I can't tell for sure since I'm away from home right now (working on my CCENT/CCNA). If you can't get it working let me know, I can probably get a VM of pfsense up if I need to.

                                            -Tom Schaefer
                                            SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                            Please support pfBlocker | File Browser | Strikeback
