PfBlockerNG
-
Yes, I've got it all worked out now very good work sir on this package.
As far as the AdBlock on iblock, you are right it isn't the greatest. I have a question since your doing most of the design it seems, when 2.0 expected for one and two are the list going to be limited to only IP lists or could we say use the AdBlock plus list aka easylist?
Yes I am the Developer of the package .. I haven't put much development into it for the past couple weeks, since v1.0 was released.. Maybe another month or so… I want to make sure that its stable and all the tires kicked every which way by the beta testers that helped me with v1.0 :)
You can see some more Features in this link:
https://forum.pfsense.org/index.php?topic=78356.msg477682#msg477682I have all of the features in the link working and will be working on Easylist next...
-
Yes, I've got it all worked out now very good work sir on this package.
As far as the AdBlock on iblock, you are right it isn't the greatest. I have a question since your doing most of the design it seems, when 2.0 expected for one and two are the list going to be limited to only IP lists or could we say use the AdBlock plus list aka easylist?
Yes I am the Developer of the package .. I haven't put much development into it for the past couple weeks, since v1.0 was released.. Maybe another month or so… I want to make sure that its stable and all the tires kicked every which way by the beta testers that helped me with v1.0 :)
You can see some more Features in this link:
https://forum.pfsense.org/index.php?topic=78356.msg477682#msg477682I have all of the features in the link working and will be working on Easylist next...
Very nice, keep up the good work! Thanks for everything!
-
Has anyone had any impact on the network speed especially internet activity since enabling this? I disabled logging in hopes of speeding things up, could this be slowing things down?
-
I could nog fully install this: hangs at converting…
-
Be gentle, this is my first post here. :)
When I go to the Alerts tab in pfBlockerNG, it shows the same set of Alerts, all dated Jan 28th. There are a total of 59 alerts. I installed pfBlockerNG in early February. The pfBlockerNG Dashboard Widget does seem to be accurate, with constantly changing counts under the Packets heading, which reset to zero when I update the rules. In other words, it seems to be working as it should, but the Alerts tab seems to be stuck on the initial set of 59 entries, all dated Jan 28th (not sure why Jan 28th when I installed the package in Feb?). I've updated pfBlockerNG a couple of times since my initial install, but the same Alerts continue to show.
I did have the original pfBlocker app installed back on the 2.1.5 release, and did not remove it prior to upgrading to 2.2. At some point after upgrading to 2.2, I uninstalled pfBlocker, then installed pfBlockerNG. I noticed immediately after installing NG those Alerts dated Jan 28th, which I thought was weird considering that date was many days old. But I've patiently waited a couple of updates to see if it would resolve itself. Since it hasn't yet, I'm posting here.
Any ideas?
Thanks!
-
I can't imagine a scenario where this package would slow down your network. Did you make any other changes the day you installed pfBkockerNG?
Has anyone had any impact on the network speed especially internet activity since enabling this? I disabled logging in hopes of speeding things up, could this be slowing things down?
-
I can't imagine a scenario where this package would slow down your network. Did you make any other changes the day you installed pfBkockerNG?
Has anyone had any impact on the network speed especially internet activity since enabling this? I disabled logging in hopes of speeding things up, could this be slowing things down?
No other than adding other ip list but none of them are seeing the hits like the top 20 countries list. I deselected all the top 20 countries and everything is running much smoother now. I was seeing a lot of packet hits on the ipv4 side. Im thinking mayb this had something to do with it.
-
How long did your wait? What did the logs say? Look at the geoip.log, did it finish downloading?
I could nog fully install this: hangs at converting…
-
Just out of curiosity, go to <status><system logs=""><firewall logs="">then go to the bottom of the list and click <clear>. Might fix the problem.
Be gentle, this is my first post here. :)
When I go to the Alerts tab in pfBlockerNG, it shows the same set of Alerts, all dated Jan 28th. There are a total of 59 alerts. I installed pfBlockerNG in early February. The pfBlockerNG Dashboard Widget does seem to be accurate, with constantly changing counts under the Packets heading, which reset to zero when I update the rules. In other words, it seems to be working as it should, but the Alerts tab seems to be stuck on the initial set of 59 entries, all dated Jan 28th (not sure why Jan 28th when I installed the package in Feb?). I've updated pfBlockerNG a couple of times since my initial install, but the same Alerts continue to show.
I did have the original pfBlocker app installed back on the 2.1.5 release, and did not remove it prior to upgrading to 2.2. At some point after upgrading to 2.2, I uninstalled pfBlocker, then installed pfBlockerNG. I noticed immediately after installing NG those Alerts dated Jan 28th, which I thought was weird considering that date was many days old. But I've patiently waited a couple of updates to see if it would resolve itself. Since it hasn't yet, I'm posting here.
Any ideas?
Thanks!</clear></firewall></system></status>
-
Add the countries back one at a time, maybe run MalwareBytes on your PC/PC's?
I can't imagine a scenario where this package would slow down your network. Did you make any other changes the day you installed pfBkockerNG?
Has anyone had any impact on the network speed especially internet activity since enabling this? I disabled logging in hopes of speeding things up, could this be slowing things down?
No other than adding other ip list but none of them are seeing the hits like the top 20 countries list. I deselected all the top 20 countries and everything is running much smoother now. I was seeing a lot of packet hits on the ipv4 side. Im thinking mayb this had something to do with it.
-
Just out of curiosity, go to <status><system logs=""><firewall logs="">then go to the bottom of the list and click <clear>. Might fix the problem.</clear></firewall></system></status>
That did it. Thank you!
-
With the new 1.04 and all my lists installed with de-duplication on I am getting good results
-
I could nog fully install this: hangs at converting…
Hi pfsense_fan009, I think that you need to add some more memory to your box to be able to use pfBlockerNG or any other package like Snort/Suricata.
-
Since i turned de-duplication on, i havent been seeing any hits and the internet traffic is running much smoother. Should i still being seeing some hits though?
EDIT
I changed the inbound and outbound interface to WAN and it seems to be working again.
-
I did wait for 20minutes:
Converting MaxMind Country Databases for pfBlockerNG. This may take a few minutes…
I'm running this on a alix 2d13 on 2.2 (I had pfBlocker installed before installing the pfblockerNG).
Suggestions ?How long did your wait? What did the logs say? Look at the geoip.log, did it finish downloading?
I could nog fully install this: hangs at converting…
-
Since i turned de-duplication on, i havent been seeing any hits and the internet traffic is running much smoother. Should i still being seeing some hits though?
EDIT
I changed the inbound and outbound interface to WAN and it seems to be working again.
You should set inbound to WAN and outbound to LAN.
On your ipv4 lists if you want to block in and out you set "Deny Both". In saying that you don't need to block incoming as it's blocked by default, unless you have multiple ports opened you don't need to blocking incoming unless you like seeing things being blocked.
I can't see how deduplication would make things faster other than removing duplicate IP addresses in multiple lists, then I can't see how it would be slow in the first place
-
Since i turned de-duplication on, i havent been seeing any hits and the internet traffic is running much smoother. Should i still being seeing some hits though?
EDIT
I changed the inbound and outbound interface to WAN and it seems to be working again.
You should set inbound to WAN and outbound to LAN.
On your ipv4 lists if you want to block in and out you set "Deny Both". In saying that you don't need to block incoming as it's blocked by default, unless you have multiple ports opened you don't need to blocking incoming unless you like seeing things being blocked.
I can't see how deduplication would make things faster other than removing duplicate IP addresses in multiple lists, then I can't see how it would be slow in the first place
So basically I need to be looking at it this way, im the firewall what ever traffic I receive from the internet/WAN is considered inbound and whatever I send out it going to my internal LAN? Correct?
-
Converting MaxMind Country Databases for pfBlockerNG. This may take a few minutes…
I'm running this on a alix 2d13 on 2.2 (I had pfBlocker installed before installing the pfblockerNG).
Suggestions ?Look at the system logs if you see any Killed entry there.
-
So basically I need to be looking at it this way, im the firewall what ever traffic I receive from the internet/WAN is considered inbound and whatever I send out it going to my internal LAN? Correct?
Yes! :) Wan = Inbound , Lan = Outbound
-
So basically I need to be looking at it this way, im the firewall what ever traffic I receive from the internet/WAN is considered inbound and whatever I send out it going to my internal LAN? Correct?
Yes! :) Wan = Inbound , Lan = Outbound
Thanks, this all is starting to fall into place now. Now that i have my inbound and outbound interfaces set correctly, the adblock lists aren't really as bad as i thought they were.