Note about "Bogon Network" blocking.

FJSchrankJr

Not sure about pfSense 2.0-RC1 but the the bogon network blocking rule for pfSense 1.2.3-RELEASE should be updated (IPv4). We just had a India based ISP contact us because their new IP allocation of 1.22.0.0 was blocked automatically by this rule and their users could not access our network.

Those rules are in place to prevent unassigned/reserved networks from accessing you which is great but because of the IPv4 shortage more and more IPs from these bogon IP blocks are being assigned so it either needs to be updated or removed in certain cases like ours.

GruensFroeschli

It automatically updates once a month.

FJSchrankJr

@GruensFroeschli:

It automatically updates once a month.

In 2.0-RC1 or 1.2.3-RELEASE? or, both? Thank you.

GruensFroeschli

The same on 1.2.3 and 2.0

Go to YourPfSense/status.php and search for the <cron>tag.
You should see somewhere this:
        <minute>1</minute>
            <hour>3</hour>
            <mday>1</mday>
            <month></month>
            <wday></wday>
            <who>root</who>
            <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</cron>

FJSchrankJr

@GruensFroeschli:

The same on 1.2.3 and 2.0

Go to YourPfSense/status.php and search for the <cron>tag.
You should see somewhere this:
        <minute>1</minute>
           <hour>3</hour>
           <mday>1</mday>
           <month></month>
           <wday></wday>
           <who>root</who>
           <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</cron>

I had no idea there was a cron job for that. I will manually run that script and change the timing on the job, thanks.

btw: "No I will not fix your computer!", That drives me nuts people assume you will fix their computer because you are involved with I.T. stuff… The more you know, the more they ask. I am going to start telling people I work at Burger King.

AhnHEL

In the 2.0 Web GUI, you can go to Diagnostics/Tables and select Bogons from the Tables drop down menu.  Hit the download button to update manually without changing the Cron job.

FJSchrankJr

@onhel:

In the 2.0 Web GUI, you can go to Diagnostics/Tables and select Bogons from the Tables drop down menu.  Hit the download button to update manually without changing the Cron job.

Great – thank you for that. I have not played around too much with 2.0-RC1 other then some testing.

900mhzdude

sense we are on the Topic how do I get this option on my other 2 WAN's in pfsense 1.2.3?

I Can only get it on Primary WAN :(

cmb

@900mhzdude:

sense we are on the Topic how do I get this option on my other 2 WAN's in pfsense 1.2.3?

you can't, 2.0 only.