Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfblocker packets (hits) counter has gone up since 2.2 update (multiplier added)

    Scheduled Pinned Locked Moved pfSense Packages
    21 Posts 7 Posters 3.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM
      marcelloc
      last edited by

      I'll ping bbcan to see if I can help…

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Yes the merged copy that is in the pfSense repo uses the existing range to cidr function. But there have been some recent commits that seemed to have affected this function from converting some of the IBlock lists. There are days when some lists would crash PHP and some days where it wouldn't… So i suspect that when a certain range is converted that it will crash PHP...

        Stilez has a Pull Request for a new range to cidr function that also has IPv6 capability. I use this function to convert the Maxmind IPv6 Country Database into cidr format...

        https://github.com/pfsense/pfsense/pull/974

        So when this issue arose, i reference this new function instead. But this is only available in my private repo.

        To make use of this new function, i need to add:

        File: pfblockerng.inc

        require_once ("/usr/local/www/pfblockerng/pfblockerng.php");

        and modify these two lines to reference the new Stilez function which already exists in the pfblockerng.php file.

        1766:  $a_cidr = ip_range_to_subnet_array**_temp**($matches[1],$matches[2]);
            1984:  $a_cidr = ip_range_to_subnet_array**_temp**($matches[1],$matches[2]);

        or wait for the devs to fix the range to cidr function, or merge Stilez function.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • BBcan177B
          BBcan177 Moderator
          last edited by

          @marcelloc:

          As pfblockerng is away ahead,  I'll test it and probably remove pfblocker from 2.2 package list.

          The issue with the widget for the pfBlocker code in 2.2, is the pfctl Label format has an extra CSV column:

          This is the existing line ( works for 2.1.5 and below ) :

          if (preg_match("/USER_RULE: (\w+).*\s+\d+\s+(\d+)\s+\d+\s+\d+\s+\d+\s+\d+\s+\d+/",$line,$matches))
          

          For 2.2, it needs to use the following line:

          if (preg_match("/USER_RULE: (\w+).*\s+\d+\s+(\d+)\s+\d+\s+\d+\s+\d+\s+\d+\s+\d+\s+\d+/", $line, $matches)) 
          

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          1 Reply Last reply Reply Quote 0
          • L
            LinuxTracker
            last edited by

            @BBcan177:

            For 2.2, it needs to use the following line:

            if (preg_match("/USER_RULE: (\w+).*\s+\d+\s+(\d+)\s+\d+\s+\d+\s+\d+\s+\d+\s+\d+\s+\d+/", $line, $matches)) 
            

            I edited /usr/local/www/widgets/widgets/pfBlocker.widget.php and replaced the code  with BBcan177s and my packet counts seem more reasonable.

            Thanks BB!

            1 Reply Last reply Reply Quote 0
            • BBcan177B
              BBcan177 Moderator
              last edited by

              @LinuxTracker:

              Is that last bracket supposed to be there? If so, where does it close?

              I modified my original post above. I have that in an if/else statement to use the correct line depending on 2.1.5 / 2.2 version of pfSense.

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • marcellocM
                marcelloc
                last edited by

                Merge to pfSense may take longer then package commit.

                Util it gets  merged, isn't better to send a fix to the package?

                Treinamentos de Elite: http://sys-squad.com

                Help a community developer! ;D

                1 Reply Last reply Reply Quote 0
                • BBcan177B
                  BBcan177 Moderator
                  last edited by

                  Here is the Pull Request to provide a temporary fix for the IBlock Range to CIDR issue:

                  https://github.com/pfsense/pfsense-packages/pull/796

                  "Experience is something you don't get until just after you need it."

                  Website: http://pfBlockerNG.com
                  Twitter: @BBcan177  #pfBlockerNG
                  Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                  1 Reply Last reply Reply Quote 0
                  • marcellocM
                    marcelloc
                    last edited by

                    Great.  I'll send a pull request to get pfblocker working on 2.2 util ng is released.

                    Treinamentos de Elite: http://sys-squad.com

                    Help a community developer! ;D

                    1 Reply Last reply Reply Quote 0
                    • J
                      JohnPFsense
                      last edited by

                      BBcan177s solution works great.
                      Turns out editing the php file from pfsense was very easy.

                      I started my post as just an observation. Never expected a fix in less than 24 hrs. Amazing  8)

                      John

                      1 Reply Last reply Reply Quote 0
                      • marcellocM
                        marcelloc
                        last edited by

                        @JohnPFsense:

                        Never expected a fix in less than 24 hrs. Amazing  8)

                        Community helping community  :)

                        Treinamentos de Elite: http://sys-squad.com

                        Help a community developer! ;D

                        1 Reply Last reply Reply Quote 0
                        • BBcan177B
                          BBcan177 Moderator
                          last edited by

                          @marcelloc:

                          @JohnPFsense:

                          Never expected a fix in less than 24 hrs. Amazing  8)

                          Community helping community  :)

                          Actually less than 3 Hrs!  8)

                          "Experience is something you don't get until just after you need it."

                          Website: http://pfBlockerNG.com
                          Twitter: @BBcan177  #pfBlockerNG
                          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                          1 Reply Last reply Reply Quote 0
                          • G
                            garthk
                            last edited by

                            Any idea if/when the PFBlocker package will be available or should I switch to the new beta?

                            Thanx,
                            Garth

                            1 Reply Last reply Reply Quote 0
                            • C
                              Cino
                              last edited by

                              pfBlocker has been removed, and replaced by pfBlockerNG for 2.2. It's in the package system if you want to install it

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.