PfBlocker
- 
 Hi there, good day. I am new to pfBlocker. How do I apply the pfBlocker rules to a grouped interface, for example if I have grouped multiple WAN interfaces in the pfSense settings? Thank you very much.
- 
 > how to apply the pfBlocker rules to grouped interface

 Change list action to alias only and create rules the way you want.
- 
 pfblocker began to fill my logs with:
 php: : There were error(s) loading the rules: /tmp/rules.debug:17: cannot define table pfBlockerNorthAmerica: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [17]: table <pfBlockerNorthAmerica> persist file "/var/db/aliastables/pfBlockerNorthAmerica.txt"
 Seemed to work stable till today. The only thing I did was entering an own blocklist and put USA to my list. Disabling the North America rules resolved the filling of the system log, but the blocking remains down. :( At the dashboard the widget shows all blockings as "down", say a red arrow. New errors came up too:
 php: : The command '/usr/bin/grep -v '^#' '/var/db/aliastables/pfBlockerTopSpammers.txt.tmp' > '/var/db/aliastables/pfBlockerTopSpammers.txt'' returned exit code '1', the output was ''
 Jul 18 19:27:32 php: : The command '/usr/bin/grep -v '^#' '/var/db/aliastables/pfBlockerNorthAmerica.txt.tmp' > '/var/db/aliastables/pfBlockerNorthAmerica.txt'' returned exit code '1', the output was ''
- 
 Did you increase max_table_entries on system -> advanced? You may need to disable lists before increasing the max_table value.
- 
 Yes. I increased the max tables before. I had pfblocker disabled before I increased the max tables.
- 
 Try to increase to a higher value.
- 
 increased to 400000, but still all Blockings down. :( 
- 
 > increased to 400000, but still all Blockings down. :(

 I had to set mine to 999999999 before it all acted nice. Haven't noticed any other issues with the increase. :-)
- 
 Increased size to 999999999, but it's still not working, say the status is still down. Reinstall didn't help too. :(
- 
 > Increased size to 999999999, but it's still not working, say the status is still down. Reinstall didn't help too. :(

 Did you disable the server before increasing the value? You need a config apply without errors before trying a new value or a new list. Also, check custom lists if any and diagnostic tables menu.
 att,
 Marcello Coutinho
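
 The posts above turn on two symptoms: pf refusing to define a table ("Cannot allocate memory"), which the replies tie to the maximum table entries setting, and `grep -v '^#'` exiting with code 1. As an added example (not part of the thread and not pfBlocker's own code), this script totals the entries in the alias table files, reads the table-entries limit from `pfctl -sm` output, and names list files that contain no usable entries. The sample files and limit values are constructed, and the function names are illustrative.

```shell
#!/bin/sh
# Added example (not pfBlocker code): does pf's table-entries limit cover what
# the alias table files will load, and is any list file empty?

# Read `pfctl -sm` output on stdin; print the table-entries hard limit.
pf_table_limit() {
    awk '$1 == "table-entries" { print $NF }'
}

# Print the number of loadable lines (not blank, not a # comment) in file $1.
count_entries() {
    awk '!/^#/ && NF { n++ } END { print n + 0 }' "$1"
}

# Print the names of *.txt files in directory $1 that hold no entries.
# `grep -v '^#'` selects nothing from such a file and exits with code 1.
empty_lists() {
    for f in "$1"/*.txt; do
        [ -f "$f" ] || continue
        if [ "$(count_entries "$f")" -eq 0 ]; then basename "$f"; fi
    done
}

# Print the total number of entries across all *.txt files in directory $1.
total_entries() {
    total=0
    for f in "$1"/*.txt; do
        [ -f "$f" ] || continue
        total=$((total + $(count_entries "$f")))
    done
    echo "$total"
}

# Constructed sample data so the check runs anywhere. On the firewall, point
# the functions at /var/db/aliastables and pipe in the live `pfctl -sm` output.
demo_dir=$(mktemp -d)
printf '# constructed list\n192.0.2.0/24\n198.51.100.0/24\n\n203.0.113.7\n' > "$demo_dir/ListA.txt"
printf '# download returned only a comment\n' > "$demo_dir/ListB.txt"
demo_limits='states        hard limit    10000
table-entries hard limit        2'

limit=$(printf '%s\n' "$demo_limits" | pf_table_limit)
total=$(total_entries "$demo_dir")
echo "entries=$total limit=$limit empty: $(empty_lists "$demo_dir")"
if [ "$total" -gt "$limit" ]; then
    echo "table-entries limit too low for the configured lists"
fi
rm -rf "$demo_dir"
```

 A list file reported as empty means the download or conversion step produced nothing to load, which is a separate problem from the table size limit.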
- 
 I did the following: deinstalled pfblocker, adjusted table size, installed pfblocker, started:
 php: /pkg_edit.php: [pfblocker] pfblocker_xmlrpc_sync.php is starting.
 Jul 19 17:27:00 check_reload_status: Reloading filter
 Jul 19 17:27:00 check_reload_status: Syncing firewall
 Jul 19 17:27:00 php: /pkg_edit.php: Starting pfBlocker sync process.
 Jul 19 17:27:00 check_reload_status: Syncing firewall
 snip
 php: /pkg_edit.php: [pfblocker] pfblocker_xmlrpc_sync.php is starting.
 Jul 19 14:03:42 check_reload_status: Reloading filter
 Jul 19 14:03:42 php: /pkg_edit.php: Starting pfBlocker sync process.
 Jul 19 14:03:38 php: /pkg_edit.php: [pfblocker] pfblocker_xmlrpc_sync.php is starting.
 Jul 19 14:03:38 check_reload_status: Reloading filter
 Jul 19 14:03:38 check_reload_status: Syncing firewall
 Jul 19 14:03:38 php: /pkg_edit.php: Starting pfBlocker sync process.
 Jul 19 14:03:38 check_reload_status: Syncing firewall
 Jul 19 14:03:13 check_reload_status: Syncing firewall
 Jul 19 14:03:12 check_reload_status: Reloading filter
 Jul 19 14:03:12 check_reload_status: Syncing firewall
 Jul 19 14:03:12 php: /pkg_mgr_install.php: No pfBlocker action during boot process.
 Jul 19 14:03:12 php: /pkg_mgr_install.php: No pfBlocker action during boot process.
 Jul 19 14:03:00 check_reload_status: Syncing firewall
 Jul 19 14:02:58 php: /pkg_mgr_install.php: Beginning package installation for pfBlocker.
 Jul 19 14:02:58 check_reload_status: Syncing firewall
 Jul 19 14:02:44 check_reload_status: Reloading filter
 Jul 19 14:02:43 php: /pkg_mgr_install.php: No pfBlocker action during boot process.
 No errors, but Status is down. It shows CIDR entries, but no packets.
- 
 > No errors, but Status is down. It shows CIDR entries, but no packets.

 What action did you select on pfblocker list? Did you enable the service after installing?
- 
 top spammers selected, activated. 
- 
 Do you know about android ads on free apps? It's really annoying! If your phone is rooted you can d/l AdFree from the Google store.
 https://play.google.com/store/apps/details?id=com.bigtincan.android.adfree&hl=en
 My Android is WiFi-only so I can Alias-block the below servers that AdFree was missing.
 65.52.2.0/24
 69.89.31.0/24
 96.44.173.0/24
 50.16.243.250/32
 If you want, I can dig out the host file AdFree creates in my phone, but you may need to be rooted to use it. And I updated my Skype ad-block list.
 http://dl.dropbox.com/u/71477228/blacklistedads.txt
 I removed 2 IPs that were hampering OfficeHelp from loading properly.
 I also added a bunch of ranges that my scripts collected since last post.
 The new IPs came from resolving ads2.msads.net (against 6 DNS servers every 6 min for 3 weeks).
 Edit: Looks like MS added a bunch of new ad servers today.
 questionmarket / adsafeprotected-admob-doubleclick / choices.truste.com
 List is updated.
- 
 Thanks Linuxtracker, the adfree worked very nice. :) 
- 
 Hi guys, I have been very happy with the pfBlocker until I had to restore my firewall config. (failed CF due to bandwidthd). When I brought up the firewall after "restoring" the configuration xml file, I got errors like this:
 There were error(s) loading the rules: /tmp/rules.debug:163: macro 'pfBlockerTopSpammers' not defined
 /tmp/rules.debug:163: syntax error
 /tmp/rules.debug:164: macro 'pfBlockerDSHIELD' not defined
 /tmp/rules.debug:193: macro 'pfBlockerTopSpammers' not defined
 /tmp/rules.debug:193: syntax error
 /tmp/rules.debug:194: macro 'pfBlockerDSHIELD' not defined
 /tmp/rules.debug:202: macro 'pfBlockerTopSpammers' not defined
 /tmp/rules.debug:202: syntax error
 /tmp/rules.debug:203: macro 'pfBlockerDSHIELD' not defined
 pfctl: Syntax error in config file: pf rules not loaded
 The line in question reads [163]: block in quick on $WAN from $pfBlockerTopSpammers to any label "USER_RULE: pfBlockerTopSpammers auto rule"
 I assume that something is not getting backed up/restored properly. I had to disable pfBlocker and reload the firewall to get it to pass packets. Any ideas? NOTE that I also have an HA pair (CARP/XMLRPC), but this appears to have its own XMLRPC settings.
 ~tommy
- 
 Tommy, if you were using alias only action on your lists, pfblocker install/uninstall process will not remove your custom rules.
 Second point is that pfblocker is disabled by default after install, you need to access its GUI and enable it.
 att,
 Marcello Coutinho
- 
 I'm also having the same issue(s) as igor. I have max table entries set to 999999999. Reinstalled package 2 times. Restored configuration as well. I just installed pfSense itself maybe a day ago (new build). I'm using the Primary Threats blocklist from i-blocklist. I have also tried selecting country blocks. All show red arrow pointing down. :( 
- 
 mbp, check pfblocker wiki at doc.pfsense.org/index.php/Pfblocker att, 
 Marcello Coutinho
- 
 
