IP-Blocklist

killervette

I did the above and still no go

php: : The command '/usr/local/pkg/pf/IP-Blocklist.sh start' returned exit code '2', the output was 'not running root: IP-Blocklist was found not running 0 table deleted. 0 table deleted. rm: /tmp/rules.debug.tmp: No such file or directory /usr/local/pkg/pf/IP-Blocklist.sh: cannot create /usr/local/www/packages/ipblocklist/errorOUT.txt: No such file or directory rm: /tmp/rules.debug.tmp: No such file or directory 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 cat: /usr/local/www/packages/ipblocklist/interfaces.txt: No such file or directory 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 rm: /u

pkg_info is as follows:

GeoIP-1.4.8_1 Find the country that any IP address or hostname originates
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
expat-2.0.1_1 XML 1.0 parser written in C
font-util-1.2.0 Create an index of X font files in a directory
fontconfig-2.8.0,1 An XML-based font configuration API for X Windows
fontconfig-2.8.0_1,1 An XML-based font configuration API for X Windows
freetype2-2.4.3 A free and portable TrueType font rendering engine
freetype2-2.4.4 A free and portable TrueType font rendering engine
gd-2.0.35_7,1 A graphics library for fast creation of images
gdbm-1.8.3_3 The GNU database manager
gettext-0.18.1.1 GNU gettext package
graphviz-2.28.0 Graph Visualization Software from AT&T and Bell Labs
grub-0.97_4 GRand Unified Bootloader
jpeg-8_3 IJG's jpeg compression utilities
libart_lgpl-2.3.21,1 Library for high-performance 2D graphics
libevent-1.4.14b_2 Provides an API to execute callback functions on certain ev
libiconv-1.13.1_1 A character set conversion library
libltdl-2.4 System independent dlopen wrapper
libpcap-1.1.1_1 Ubiquitous network traffic capture library
libxml2-2.7.8_1 XML parser library for GNOME
ntop-4.0.1_1 Network monitoring tool with command line and web interface
perl-5.12.3 Practical Extraction and Report Language
pkg-config-0.25_1 A utility to retrieve information about installed libraries
png-1.4.4 Library for manipulating PNG images
png-1.4.5_1 Library for manipulating PNG images
python27-2.7.2_1 An interpreted object-oriented programming language
rrdtool-1.2.26_1 Round Robin Database Tools
urwfonts-1.0_3 Another font package for X
webfonts-0.30_6 TrueType core fonts for the Web

killervette

update…i added two different lists. I think the second one worked. The first one showed no networks blocked. When I added the second one it shows 34xx networks blocked. Is it something to do with the way iblocklist fowards to a different URL???

http://list.iblocklist.com/?list=bt_proxy&fileformat=p2p&archiveformat=gz
http://iblocklist.dbnservers.net/files/wujnnzxrgppvpdujdetm/bt_ads.gz

tommyboy180

I don't see p5-net-cidr in your lists of packages. That package is required by ipblocklist.

killervette

@tommyboy180:

I don't see p5-net-cidr in your lists of packages. That package is required by ipblocklist.

It's there now. All seems to be working now. Thanks alot

RonpfS

Update on my setup


$ setenv PACKAGESITE "ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/"

$ pkg_add -r p5-Net-CIDR
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/p5-Net-CIDR.tbz... Done.
pkg_add: warning: package 'p5-Net-CIDR-0.14' requires 'perl-5.12.4_2', but 'perl-5.12.3' is installed

$ pkg_add -r perl
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/perl.tbz... Done.
pkg_add: package 'perl-5.12.4_2' or its older version already installed

$ pkg_info
GeoIP-1.4.8_1       Find the country that any IP address or hostname originates
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
expat-2.0.1_1       XML 1.0 parser written in C
font-util-1.2.0     Create an index of X font files in a directory
fontconfig-2.8.0,1  An XML-based font configuration API for X Windows
fontconfig-2.8.0_1,1 An XML-based font configuration API for X Windows
freetype2-2.4.3     A free and portable TrueType font rendering engine
freetype2-2.4.4     A free and portable TrueType font rendering engine
gd-2.0.35_7,1       A graphics library for fast creation of images
gdbm-1.8.3_3        The GNU database manager
gettext-0.18.1.1    GNU gettext package
graphviz-2.28.0     Graph Visualization Software from AT&T and Bell Labs
grub-0.97_4         GRand Unified Bootloader
jpeg-8_3            IJG's jpeg compression utilities
libart_lgpl-2.3.21,1 Library for high-performance 2D graphics
libevent-1.4.14b_2  Provides an API to execute callback functions on certain ev
libiconv-1.13.1_1   A character set conversion library
libltdl-2.4         System independent dlopen wrapper
libpcap-1.1.1_1     Ubiquitous network traffic capture library
libxml2-2.7.8_1     XML parser library for GNOME
ntop-4.0.1_1        Network monitoring tool with command line and web interface
p5-Net-CIDR-0.14    Perl module to manipulate IPv4/IPv6 netblocks in CIDR notat
perl-5.12.3         Practical Extraction and Report Language
pkg-config-0.25_1   A utility to retrieve information about installed libraries
png-1.4.4           Library for manipulating PNG images
png-1.4.5_1         Library for manipulating PNG images
python27-2.7.2_1    An interpreted object-oriented programming language
rrdtool-1.2.26_1    Round Robin Database Tools
urwfonts-1.0_3      Another font package for X
webfonts-0.30_6     TrueType core fonts for the Web

So I reverted back again
removed p5-Net-CIDR-0.14, IP-blocklist, ntop

installed perl, p5-Net-CIDR


$ pkg_info
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
gettext-0.18.1.1    GNU gettext package
grub-0.97_4         GRand Unified Bootloader
jpeg-8_3            IJG's jpeg compression utilities
libiconv-1.13.1_1   A character set conversion library

$ pkg_add -r perl
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/perl.tbz... Done.
Removing stale symlinks from /usr/bin...
    Skipping /usr/bin/perl
    Skipping /usr/bin/perl5
Done.
Creating various symlinks in /usr/bin...
    Symlinking /usr/local/bin/perl5.12.4 to /usr/bin/perl
    Symlinking /usr/local/bin/perl5.12.4 to /usr/bin/perl5
Done.
cd: can't cd to /usr/include
Cleaning up /etc/make.conf... Done.
Spamming /etc/make.conf... Done.

$ pkg_info
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
gettext-0.18.1.1    GNU gettext package
grub-0.97_4         GRand Unified Bootloader
jpeg-8_3            IJG's jpeg compression utilities
libiconv-1.13.1_1   A character set conversion library
perl-5.12.4_2       Practical Extraction and Report Language

$ pkg_add -r p5-Net-CIDR
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/p5-Net-CIDR.tbz... Done.

$ pkg_info
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
gettext-0.18.1.1    GNU gettext package
grub-0.97_4         GRand Unified Bootloader
jpeg-8_3            IJG's jpeg compression utilities
libiconv-1.13.1_1   A character set conversion library
p5-Net-CIDR-0.14    Perl module to manipulate IPv4/IPv6 netblocks in CIDR notat
perl-5.12.4_2       Practical Extraction and Report Language

install ntop than IP-Blocklist

everything works fine now


$ pkg_info                             
GeoIP-1.4.8_1       Find the country that any IP address or hostname originates
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
expat-2.0.1_1       XML 1.0 parser written in C
font-util-1.2.0     Create an index of X font files in a directory
fontconfig-2.8.0,1  An XML-based font configuration API for X Windows
fontconfig-2.8.0_1,1 An XML-based font configuration API for X Windows
freetype2-2.4.3     A free and portable TrueType font rendering engine
freetype2-2.4.4     A free and portable TrueType font rendering engine
gd-2.0.35_7,1       A graphics library for fast creation of images
gdbm-1.8.3_3        The GNU database manager
gettext-0.18.1.1    GNU gettext package
graphviz-2.28.0     Graph Visualization Software from AT&T and Bell Labs
grub-0.97_4         GRand Unified Bootloader
jpeg-8_3            IJG's jpeg compression utilities
libart_lgpl-2.3.21,1 Library for high-performance 2D graphics
libevent-1.4.14b_2  Provides an API to execute callback functions on certain ev
libiconv-1.13.1_1   A character set conversion library
libltdl-2.4         System independent dlopen wrapper
libpcap-1.1.1_1     Ubiquitous network traffic capture library
libxml2-2.7.8_1     XML parser library for GNOME
ntop-4.0.1_1        Network monitoring tool with command line and web interface
p5-Net-CIDR-0.14    Perl module to manipulate IPv4/IPv6 netblocks in CIDR notat
perl-5.12.3         Practical Extraction and Report Language
perl-5.12.4_2       Practical Extraction and Report Language
pkg-config-0.25_1   A utility to retrieve information about installed libraries
png-1.4.4           Library for manipulating PNG images
png-1.4.5_1         Library for manipulating PNG images
python27-2.7.2_1    An interpreted object-oriented programming language
rrdtool-1.2.26_1    Round Robin Database Tools
urwfonts-1.0_3      Another font package for X
webfonts-0.30_6     TrueType core fonts for the Web

tommyboy180

Ntop and IPblocklist have a package conflict. Package users beware.

RonpfS

I updated from 0.3.3 to 0.3.4

$ pkg_info
GeoIP-1.4.8_1       Find the country that any IP address or hostname originates
bsdinstaller-2.0.2011.0913 BSD Installer mega-package
expat-2.0.1_1       XML 1.0 parser written in C
font-util-1.2.0     Create an index of X font files in a directory
fontconfig-2.8.0,1  An XML-based font configuration API for X Windows
fontconfig-2.8.0_1,1 An XML-based font configuration API for X Windows
freetype2-2.4.3     A free and portable TrueType font rendering engine
freetype2-2.4.4     A free and portable TrueType font rendering engine
gd-2.0.35_7,1       A graphics library for fast creation of images
gdbm-1.8.3_3        The GNU database manager
gettext-0.18.1.1    GNU gettext package
graphviz-2.28.0     Graph Visualization Software from AT&T and Bell Labs
grub-0.97_4         GRand Unified Bootloader
jpeg-8_3            IJG's jpeg compression utilities
libart_lgpl-2.3.21,1 Library for high-performance 2D graphics
libevent-1.4.14b_2  Provides an API to execute callback functions on certain ev
libiconv-1.13.1_1   A character set conversion library
libltdl-2.4         System independent dlopen wrapper
libpcap-1.1.1_1     Ubiquitous network traffic capture library
libxml2-2.7.8_1     XML parser library for GNOME
ntop-4.0.1_1        Network monitoring tool with command line and web interface
p5-Net-CIDR-0.14    Perl module to manipulate IPv4/IPv6 netblocks in CIDR notat
perl-5.12.3         Practical Extraction and Report Language
perl-5.12.4_2       Practical Extraction and Report Language
pkg-config-0.25_1   A utility to retrieve information about installed libraries
png-1.4.4           Library for manipulating PNG images
png-1.4.5_1         Library for manipulating PNG images
python27-2.7.2_1    An interpreted object-oriented programming language
rrdtool-1.2.26_1    Round Robin Database Tools
urwfonts-1.0_3      Another font package for X
webfonts-0.30_6     TrueType core fonts for the Web

I get the following on save, but it is working

Oct 2 20:16:24 	check_reload_status: Syncing firewall
Oct 2 20:16:24 	php: /packages/ipblocklist/ipblocklist.php: The command 'cp /usr/local/www/packages/ipblocklist/lists.txt /usr/local/www/packages/ipblocklist_bkup/lists.txt' returned exit code '1', the output was 'cp: /usr/local/www/packages/ipblocklist_bkup/lists.txt: No such file or directory'

the ipblocklist_bkup directory is not present

once created the is no error on save IP-Blocklist
and it is still Blocking IP

tommyboy180

IP-Blocklist Version 3.5 released!

blocklists are saved on system to ease updates
Corrected issues with uninstall
Widget is now available for pfsense 2.0

RonpfS

Updated to 3.5
On the Webgui IP-Blocklist

You are blocking 0 Networks/IPs

I had to save to see

You are blocking 3615 Networks/IPs

Block list are restored after reinstall ::)

Saved setting / Enable logging are not restored .

serialdie

@tommyboy180:

IP-Blocklist Version 3.5 released!

blocklists are saved on system to ease updates

Corrected issues with uninstall

Widget is now available for pfsense 2.0

Thank You for the update! :)
Any chance the widget would be available soon?

Thanks! :)

tommyboy180

@serialdie:

Any chance the widget would be available soon?

???
The widget is included in the newest version.

RonpfS

The widget is not available in Dashboard. ???

tommyboy180

When in doubt uninstall and re-install.

RonpfS

I uninstalled and re-installed 3.5

now I see the CountryBlock IPBlocklist widget ::)

serialdie

Thanks tommyboy180!

firbc

Hi,

is there any why to allow connection to blocked IP's on port 80? And if there is any way to manualy add my own IP's to whitelist? Let says that I like to unlock only one specific IP which is in blocklist.

tommyboy180

That will be in a future release.

firbc

Hi again,

Will it be possible to enable blocking only for some IP's on local network? Let say that you want to allow or denied different blocklists for different IP's on network. So one IP on local network can access everything and another would be blocked according to blocklist.

tommyboy180

@firbc:

Hi again,

Will it be possible to enable blocking only for some IP's on local network? Let say that you want to allow or denied different blocklists for different IP's on network. So one IP on local network can access everything and another would be blocked according to blocklist.

It's possible now. Take a loot at the interface options. If you create another network then you can allow/deny lists to a specific network.

firbc

So if I understand you correctly, blocklists will work for specific computer on local network?

example: