PfBlockerNG

BBcan177 · Jan 31, 2015, 5:26 AM

For those of you that followed the bypass to install the Package, please follow these suggestions:

Enable "Keep Settings" in the pfBlockerNG General Tab. On a Re-install, the first step is a De-Install of the package. So without enabling this setting, you will lose all configured settings on a "Re-Install".

So please ensure that this is "Checked". You will need to hit "Save" to have it apply!!

There is a v1.0 of pfBlockerNG Posted with a minor revision for an IBlock issue. I believe you will need to ensure that the bypass method used on the first Install, is activated before proceeding with the Update or the Re-Install will FAIL.

Please ensure you Backup as always before proceeding with any Updates.

samham · Jan 31, 2015, 5:30 AM

I don't see the package listed yet!!!

BBcan177 · Jan 31, 2015, 5:32 AM

@samham:

I don't see the package listed yet!!!

Its not Official Yet.. I was referring to those Users who followed the Bypass methods in this thread to get it Installed.

samham · Jan 31, 2015, 5:34 AM

marcelloc sent a pull request, I'm assuming it should be official shortly

Topper727 · Jan 31, 2015, 9:14 AM

I seen it in packages today. Got the update from it.

digdug3 · Jan 31, 2015, 10:30 AM

@BBCan:

Thanks for mailing me I was (almost) missing all the fun ;)
The package really needs to be released officially!

Great marcelloc pointed out the old pfblocker is now obsolete and should be replaced with pfBlockerNG.

JasonJoel · Jan 31, 2015, 1:17 PM

Not in my package list yet (just the old blocker package). Looking forward to it though!!

@Topper727:

I seen it in packages today. Got the update from it.

wcrowder · Jan 31, 2015, 3:54 PM

See:
https://forum.pfsense.org/index.php?topic=86212.msg481358#msg481358

Make sure you read this entire thread.

@JasonJoel:

Not in my package list yet (just the old blocker package). Looking forward to it though!!

@Topper727:

I seen it in packages today. Got the update from it.

reggie14 · Jan 31, 2015, 6:07 PM

@wcrowder:

See:
https://forum.pfsense.org/index.php?topic=86212.msg481358#msg481358

Make sure you read this entire thread.

I'm confused. Doesn't this post indicate that the package is being officially released now, and that we won't have to do anything special to download it?

marcelloc · Jan 31, 2015, 6:10 PM

The pull request needs to be merged by pfsense team before you can use it without any hacks.

Bummer · Jan 31, 2015, 6:11 PM

Ha, ha, ha… I was wondering the same thing too!

bfeitell · Jan 31, 2015, 8:29 PM

I used the patch method to install pfBlockerNG, and it was working well on two machines until a reboot. After a reboot the country block lists in /var/db/aliastables/ are all empty but for a single entry of 1.1.1.1.

Forcing an update does not fetch the correct files, and no blocking is taking place.

BBcan177 · Jan 31, 2015, 8:41 PM

@bfeitell:

I used the patch method to install pfBlockerNG, and it was working well on two machines until a reboot.

Is this a Nano install where the /var folder is getting deleted on reboot?

This is a question I have asked the Devs to find a solution for… As these files should be stored in the /var folder. The previous pfBlocker package used to store the files in the /usr/local folder. This issue is only limited to Nano and Ramdisk type installs.

Run the following shell command to Re-Download the Maxmind Database, and restore the Country code files in the /var folder.

php /usr/local/www/pfblockerng/pfblockerng.php dc

Following that, execute a "Force Update"

marcelloc · Jan 31, 2015, 8:41 PM

@BBcan177:

Is this a Nano install where the /var folder is getting deleted on reboot?

I guess so.

You may need a conf mount rw to backup data on package save.

I found a long time ago a guide to run nanobsd on virtual machine. This way will be easier to debug cf installs.

BBcan177 · Jan 31, 2015, 9:05 PM

@marcelloc:

You may need a conf mount rw to backup data on package save.

I found a long time ago a guide to run nanobsd on virtual machine. This way will be easier to debug cf installs.

Yes, I have a similar doc on that running a Nano in a VM. In this instance, there is nothing to debug.. The /var/db folder which contains the Maxmind Country files get wiped on reboot. I can make a hack way around it in the code which probably is not the best.

This is a question I have posed to the Devs, but I am waiting on feedback for the best approach. I do not want to save these files to the /usr/local folder.

Maybe could put it in the PBI Share Folder?

bfeitell · Jan 31, 2015, 8:51 PM

Yes indeed, it is a nano install. Thank you for the fix!

doktornotor · Jan 31, 2015, 9:40 PM

@BBcan177:

The /var/db folder which contains the Maxmind Country files get wiped on reboot. I can make a hack way around it in the code which probably is not the best.
This is a question I have posed to the Devs, but I am waiting on feedback for the best approach. I do not want to save these files to the /usr/local folder.
Maybe could put it in the PBI Share Folder?

The /var/db thing is rather unfortunate, not just b/c it's volatile but also since the directory is pretty huge. Takes over 1/3 of the default /var ramdisk.

digdug3 · Feb 1, 2015, 8:39 AM

pfBlockerNG needs the Maxmind database country codes otherwise most of the functions will not work.

doktornotor · Feb 1, 2015, 8:41 AM

@digdug3:

pfBlockerNG needs the Maxmind database country codes otherwise most of the functions will not work.

Hmmm, yeah… and the point being? It's already there.

digdug3 · Feb 1, 2015, 9:16 AM

The point being if we added a "disable country codes" mode then you would free up the memory.
This can be a solution for low-memory devices, but then you would miss out all the benefits like reputation, country blocking etc.