Country Block

ghm

@tommyboy180:

That's strange. I added embedded support in version 1.5 a long time ago. What package version do you have?

0.2.0 - I attach a list of my installed packages below. CB is my newest.

dlawley

@dlawley:

Something must have been hanging around.  Had to remove, then reinstall.  Now have CIDR folder and have networks blocked.

Thanks for the help, its better help than we get around here for paid support…

Sorry sorry for the misunderstanding…. I meant paid support here at our shop  ::)

mst

I am sorry for confusion …..

recently had this:

Current Status = Restarting
no IP address found for __csrf_magic
You are blocking 0 Networks

Pfsence 2.0 Beta 5 ......

ghm

@ghm:

@tommyboy180:

That's strange. I added embedded support in version 1.5 a long time ago. What package version do you have?

0.2.0 - I attach a list of my installed packages below. CB is my newest.

OK - and I can reproduce the following: My system gets a new dynamic WAN-IP every 12hrs (ISP requires that). That change renders CountyBlock not enabled and I have to re-enable manually.

Supermule

You can add a cron job…..

I cant remember which file to add to the job, but Tom knows.....:)

mst

I have the same problem even after setting up the cron. Have to manually enable it and then it works. 2.0 beta 5 …...

I have fallowed this thread with cron guidance but it looks like it does not work .....

Please advice

JackANSI

When you check "Enable Logging?" in the settings page, where is it being logged to?

tommyboy180

@JackANSI:

When you check "Enable Logging?" in the settings page, where is it being logged to?

The firewall tab under system logs.

XIII

@tommyboy180:

Thank you. I appreciate the kind words. I'm sure many other package managers are just the same.

I am only referring to my personal experience in contacting you. I know most if not all are very excellent.

For the cron job the command is : /usr/local/etc/rc.d/countryblock.sh

ghm

@XIII:

For the cron job the command is : /usr/local/etc/rc.d/countryblock.sh

I have now installed the Cron package as well, reinstalled Country Block and added the above command (every */5 minutes). It does not restart Country Block properly.  I do see the following in Syslog every 5 minutes:

root: Countryblock was found not running

Is there a restart option that I need to add or is 5min to long - or else?

Thanks!

Supermule

Is it possible to build a cron job as a part of CB?? So it does this automatically??

Supermule

My cronjob is not working either…...it starts the package every minute.

Not running is the current status and the Cron doesnt start it.

mst

After I go into the topic more deeply, I have found that Country Block is running. Problem was with crone ( */5 ) => (0) fixed the problem.

Also:


Supermule

But then it runs all the time….

Not optimal...

@mst:

After I go into the topic more deeply, I have found that Country Block is running. Problem was with crone ( */5 ) => (0) fixed the problem.

Also:

tommyboy180

@Supermule:

But then it runs all the time….

Not optimal...

@mst:

After I go into the topic more deeply, I have found that Country Block is running. Problem was with crone ( */5 ) => (0) fixed the problem.

Also:

The cron script checks to see if countryblock is running. If it is then it will exit and if countryblock is not running then it will attempt to start the package. It's fine.

ghm

@tommyboy180:

The cron script checks to see if countryblock is running. If it is then it will exit and if countryblock is not running then it will attempt to start the package. It's fine.

…still only get```
root: Countryblock was found not running

mst

sorry false alarm….. I was too happy ....

after almost one day of working get this again:

Current Status = NOT running
no IP address found for __csrf_magic

I used firefox ....

ghm

@tommyboy180:

The cron script checks to see if countryblock is running. If it is then it will exit and if countryblock is not running then it will attempt to start the package. It's fine.

I've now executed the command manually - and the status page now shows:```
Current Status = NOT running
/tmp/rules.debug:79: cannot load "/usr/local/www/packages/countryblock/lists/countries.txt": No such file or directory
You are blocking 0 Networks

Again, if I start CountryBlock manually via the WebIF its runs until the next PPPOE restart.
But the command /usr/local/etc/rc.d/countryblock.sh does not restart it.
In fact I get this if I execute it manually (yes, it echoes "not running" and then the contents is printed,,,):

$ /usr/local/etc/rc.d/countryblock.sh
not running
Content-type: text/html

#version 2.0
#check if countryblock running
export resultr=pfctl -s rules | grep -c countryblock
#echo $resultr
if [ "$resultr" -gt "0" ]; then
echo running
exit 1
else
echo not running
/usr/bin/logger -s "Countryblock was found not running"
echo "Countryblock not running" | /usr/local/bin/php /usr/local/www/packages/countryblock/email_send.php
fi

pfctl -t countryblock -T kill
sed -i -e '/countryblock/d' /tmp/rules.debug

#Now edit /tmp/rules.debug

#find my line for table
export i=grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'
export t=grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'

i=$(($i+'1'))
t=$(($t+'1'))
#i = line where <snort2c>is
#t is where 'User Aliases' is
echo $i
echo $t

rm /tmp/rules.debug.tmp

#Insert table-entry limit
sed -i -e '/900000/d' /tmp/rules.debug
while read line
do a=$(($a+1));
#echo $a;
if [ "$a" = "$t" ]; then
echo "" >> /tmp/rules.debug.tmp
echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp
fi
echo $line >> /tmp/rules.debug.tmp
done < "/tmp/rules.debug"

mv /tmp/rules.debug /tmp/rules.debug.old
mv /tmp/rules.debug.tmp /tmp/rules.debug

pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1

rm /tmp/rules.debug.tmp

#Insert countryblock rules
a="0"
echo $a
while read line
do a=$(($a+1));
echo $a;
if [ "$a" = "$i" ]; then
echo "" >> /tmp/rules.debug.tmp
echo "#countryblock" >> /tmp/rules.debug.tmp
echo "table <countryblock>persist file '/usr/local/www/packages/countryblock/lists/countries.txt'" >> /tmp/rules.debug.tmp
echo "table <countryblockw>persist file '/usr/local/www/packages/countryblock/countries-white.txt'" >> /tmp/rules.debug.tmp

	for i in $(cat /usr/local/www/packages/countryblock/interfaces.txt); do
		echo "pass quick from <countryblockw>to $i label 'countryblock'" >> /tmp/rules.debug.tmp
		echo "pass quick from $i to <countryblockw>label 'countryblock'" >> /tmp/rules.debug.tmp
		if [ -f logging ]; then
			echo "block log quick from <countryblock>to $i label 'countryblock'" >> /tmp/rules.debug.tmp
		else
			echo "block quick from <countryblock>to $i label 'countryblock'" >> /tmp/rules.debug.tmp
		fi
		if [ -f OUTBOUND ]; then
			echo "block quick from $i to <countryblock>label 'countryblock'" >> /tmp/rules.debug.tmp
		fi
	done
fi
echo $line >> /tmp/rules.debug.tmp

done < "/tmp/rules.debug"

mv /tmp/rules.debug /tmp/rules.debug.old
mv /tmp/rules.debug.tmp /tmp/rules.debug

rm errorOUT.txt
pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/countryblock/errorOUT.txt 2>&179
10
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209</countryblock></countryblock></countryblock></countryblockw></countryblockw></countryblockw></countryblock></snort2c></snort2c>

I've left the empty lines in.

If I start Country Block via ticking the box on the WebIF and then run the script, it correctly returns```
$ /usr/local/etc/rc.d/countryblock.sh
running

This is all happening on 1.2.3 nanobsd using firefox.

mst

looks like I have the same problem as rajkedda had:

[2.0-BETA5][root@pfsense.home]/usr/local/etc/rc.d(4): ./countryblock.sh
not running
root: Countryblock was found not running
pfctl: Table does not exist.
Content-type: text/html

Message sent! - Go Back0 table deleted.
94
19
rm: /tmp/rules.debug.tmp: No such file or directory
rm: /tmp/rules.debug.tmp: No such file or directory
0
1
2
3

JackANSI

@tommyboy180:

@JackANSI:

When you check "Enable Logging?" in the settings page, where is it being logged to?

The firewall tab under system logs.

Thought so.  Then:
A. I'm getting no traffic at all from any of the top spammers,
B. Country Block isn't running even though it says "Running…. Blocking 11110 Networks",
C. Logging isn't working right for me somehow, or
D. The only traffic I have heading my way is being handled by the 28 rules I have on my TWAN interface already.

Are the country block rules before or after any rules we already have under the regular firewall rules?  Because a few of the ranges I excluded manually a long time ago show entries in the firewall log every 5-10 minutes.

Might this be related to my config and country block isn't compatible with it?  I'm running 1.2.3,  I have 2 WANs, one T1 and one cable modem.  The T1 is where I want country block (and it is selected alone under "interfaces") as it is where the servers reside.  The T1 also has 5 IP addresses assigned statically.  The cable modem handles all the client/user traffic and is the 'real' WAN port.  There are also 6 other interfaces on this machine.

In my config file I have the following being applied to that interface (the only way I could get this interface working right):

<shellcmd>/sbin/ifconfig fxp2 #.#.#.203 netmask 255.255.255.255 alias</shellcmd>
<shellcmd>/sbin/ifconfig fxp2 #.#.#.204 netmask 255.255.255.255 alias</shellcmd>
<shellcmd>/sbin/ifconfig fxp2 #.#.#.205 netmask 255.255.255.255 alias</shellcmd>
<shellcmd>/sbin/ifconfig fxp2 #.#.#.206 netmask 255.255.255.255 alias</shellcmd>
.....
<opt2><if>fxp2</if>
<descr>TWAN</descr>
<bridge><ipaddr>#.#.#.202</ipaddr>
<subnet>29</subnet>
<gateway>#.#.#.201</gateway>
<spoofmac><mtu><enable></enable></mtu></spoofmac></bridge></opt2>

I'm working on a little script that will just take the content of the files from countryipblocks.net and just creates something I can paste directly into the config.xml so I can be sure what I want blocked is blocked anyway.  But I'm willing to keep trying on CB until it works.