PfBlockerNG
-
Is there anyway to EXclude an ip from the pfblocker? I have a PS4 and when I have the top 20 countries selected it affects game play online and when i disable it doesn't block some of the ads. So is there anyway to exclude an IP address?
There is a post about this five posts before this one! And also in several places in this thread… Either Suppress the IP (/32 or /24 Ranges only) or Create a Permit Outbound Alias with the IP listed in the Custom Input Entry. Ensure the Permit Rule is before the Block/Reject Rules.
Woah… sorry to push a button there. I actually tried setting it up with the permit rules before the block/reject but then it wouldnt block anything. Just thought there might be an easier solution.... Ill try the suppressing... thanks!
-
If it's a Top20 Block, then you have to use the "Permit Outbound" method, as suppression will only work on /32 or /24 ranges. In the alias enter just the IP range required and set it to "permit outbound". It shouldn't interfere with other block/reject rules.
-
Hello BBcan177,
If pfblockerng integrate with mailreport in the future? For example, I add "botnet" alias and set action to deny outbound. When infiltrated computers traffic is outbound, and send mail trigger by mailreport(Report Logs).
But I can only use firewall log (raw) filter in report Logs,so i can't filter by botnet alias
Or I can use other methods?
Thanks!
-
Does pfBlockerNG support 2.1.5? or should i just stick to pfBlocker?
Thanks
-
It does not unless you use an unofficiel package repository :)
-
NEVERMIND: I was able to get this resolved from help on IRC. It looks like, despite running the php cleanup script, I had some original pfBlocker aliases still around. Deleting them fixed the problem.
I'm a bit new to pfsense and not a network guy. I implemented PFBlockerNG and, overall it seems to be working well. The problem is that I am getting the errors shown in the attachment. I used the php script earlier to set the lists up. Not sure how to resolve these. Any suggestions would be appreciated.
-
It does not unless you use an unofficiel package repository :)
Hi,
can you please give us more details how to install PFBlockerNG in 2.1.5
thank you
-
Well, you don't. Simple.
-
Update to 2.2+ and it will work fine. If you haven't you need to. Keeping your software up to date is part of security. Skip 5 or 6 versions and the updates become more difficult.
-
pfBlockerNG had support for 2.1.x. but the current version only supports 2.2 and above. Sorry about that.
-
Hello BBcan177,
If pfblockerng integrate with mailreport in the future? For example, I add "botnet" alias and set action to deny outbound. When infiltrated computers traffic is outbound, and send mail trigger by mailreport(Report Logs).
But I can only use firewall log (raw) filter in report Logs,so i can't filter by botnet alias
Or I can use other methods?
Thanks!
Hi ntct,
You can try the following :
View the Firewall or pfBNG Alerts log and find the Rule Number associated with the Alias. If you don't see the rule number in the Firewall logs, you can edit the log settings to display the Rule column.
In mail reports, when you select "Filter Logs (Raw), enter the "filter" as - Example rule number 90 :
90,
This will search the log for those characters. Please note that any Firewall rule changes can alter the Rule Number.
Hope this helps.
-
Hello
Issue
Fatal error: Call to undefined function subnetv6_expand() in /etc/inc/util.inc on line 714Fix in this thread works
-
Hi stanthewizard,
Are you using the latest version of pfBNG? If not, please upgrade as that issue has been fixed.
-
This is the latest updated this morning
-
Do you have any Virtual IPs? And are you using IPv6?
Could you post a screenshot of the VIP addresses and masks?
-
192.168.0.1/24 (vhid 1) LAN carp LANVirIPv4
192.168.1.200/24 (vhid 2) WAN carp WANVirIPv4
fd28:8ccb:1874:a09e::1/64 (vhid 3) LAN carp LANVirIPv6https://www.dropbox.com/s/pso662buzfjvfnw/carp%20ipv4.jpg?dl=0
https://www.dropbox.com/s/xqxk04u5133w0jo/carp%20ipv6.jpg?dl=0
::)
-
Hi stanthewizard,
I took a look at the code for the Alerts tab in Github and it does not contain my patch for this issue… I must have not added those changes to the previous Pull Request. I will get that fixed in the next PR.
You mentioned that you did a work around? If its still not working for you, let me know and I will get you a patch for it. (send me a PM if you can't wait for the next version) :)
-
I can wait no issue
I'm using the workaround you gave me :P
PS: still the footer is out of line
-
In response to a pm I received about:
@azurata:I was waiting the pfBlockerNG new version to do adblock using the unbound, but until it's released I add a VIRTUAL IP to the Lan interface, made a script to convert http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext to unbound advanced rules to redirect to the VIRTUAL IP and setup a nginx to listen to both 80 and 443 on the VIRTUAL IP and respond to all with "204 No Content". For my surprise is working better that I was expecting.
made a tutorial, Simple adblock using unbound and nginx
-
Just did the update to 1.08 and got
[ There were error(s) loading the rules: /tmp/rules.debug:23: cannot load /var/db/aliastables/pfB_Africa_v4.txt: No such file or directory - The line in question reads [23]: table persist file /var/db/aliastables/pfB_Africa_v4.txt]
