Netgate Discussion Forum

PfBlockerNG v2 on an Alix

  • H
    hda
    last edited by Dec 3, 2015, 7:52 PM Dec 3, 2015, 1:46 PM

    My experience so far 2.01 is not suitable for an Alix. Memory 256MB is too small to survive a few running days. Even with un-checking DNSBL. The pfSense system will run out of /var in RAM due to files like the pfBNG top-1m.csv or pfBNG RAM memory leak or lack of clear-up unused. Then the Alix-pfSense will lock-up and become inaccessible on GUI & serial console…

    I want to revert to 1.10. Where to get and how to install pfBNG 1.10 package on 2.2.5 ?

    • D
      doktornotor Banned
      last edited by Dec 3, 2015, 2:11 PM

      Nowhere. Simply disable the DNSBL.

      • H
        hda
        last edited by Dec 3, 2015, 7:54 PM

        @doktornotor:

        … disable the DNSBL.

        Will do, one must delete and reinstall and then not use DNSBL. Just unchecking DNSBL in a used install will not clear-out /var.

        • H
          hda
          last edited by Dec 4, 2015, 10:59 AM

          Fresh install pfBNG 2.01, not using DNSBL.

          What happens…, if I do not use DNSBL, then why does file "top-1m.csv" get imported after/every a day (file at 0:00 GMT) ?

          How to prevent this 22MB sheetload in /var (inc 30 to 70%) and living in RAM and then with an entry there (inc from 37 to 54%) ? What is retrieving & loading this top-1m.csv, not on install but, later within 24hrs ?

          For now I deleted the /var/db/pfblockerng/top-1m.csv. Disk usage /var(in RAM) cleared. Likely no Memory clear-out (expect 54 to 37%).

          • D
            doktornotor Banned
            last edited by Dec 4, 2015, 11:20 AM

            @hda:

            Fresh install pfBNG 2.01, not using DNSBL.
            What happens…, if I do not use DNSBL, then why does file "top-1m.csv" get imported after/every a day (file at 0:00 GMT) ?
            How to prevent this 22MB sheetload in /var (inc 30 to 70%) and living in RAM and then with an entry there (inc from 37 to 54%) ? What is retrieving & loading this top-1m.csv, not on install but, later within 24hrs ?

            https://github.com/pfsense/pfsense-packages/pull/1206

            • H
              hda
              last edited by Dec 4, 2015, 12:02 PM

              @doktornotor:

              https://github.com/pfsense/pfsense-packages/pull/1206

              Thanks, "A je to!"

              • D
                doktornotor Banned
                last edited by Dec 5, 2015, 2:18 AM

                2.0.2 merged, should be fixed.

                • H
                  hda
                  last edited by Dec 16, 2015, 12:47 PM Dec 6, 2015, 10:21 AM

                  Have a look-see. Cold boot, fresh install pfBNG, no-DNSBL. Good so far.

                  • B
                    BBcan177 Moderator
                    last edited by Dec 6, 2015, 7:17 PM

                    Thanks Dok…

                    The Alexa download occurs the first Tuesday of each month (along with the MaxMind dbs), so that is why you saw it download after the re-install of the pkg. The fix that Dok submitted was that one of the variables wasn't defined in a global array and would download regardless.

                    Otherwise, I would really suggest moving to a device with some more space :) Glad that it's working for you now...

                    "Experience is something you don't get until just after you need it."

                    Website: http://pfBlockerNG.com
                    Twitter: @BBcan177  #pfBlockerNG
                    Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                    • H
                      hda
                      last edited by Dec 6, 2015, 7:59 PM Dec 6, 2015, 7:36 PM

                      @BBcan177:

                      The Alexa download occurs the first Tuesday of each month (along with the MaxMind dbs)…

                      OK that explains the lock-out from pfSense. Memory overload. Why download big files at almost the same time ? Separate them a day or so ? Just know that clean-up of stale/used Memory takes a time like 2 to 24 hrs. Maybe I can use DNSBL again later in 2.03. Thanks.

                      No, won't upgrade until need to go beyond fiber 20/20 Mbps, and, K.I.S.S., I believe in compact code and observable CPU & memory behaviour. Those with octacoreand32GB see notin… ;)

                      • H
                        hda
                        last edited by Dec 15, 2015, 5:35 PM

                        2.2.5 & 2.03 plus DNSBL again after 24hrs looking good; 59%Memory 57%/var. Thanks :)

                        • H
                          hda
                          last edited by Dec 19, 2015, 8:11 PM Dec 19, 2015, 6:17 PM

                          A blow-out from DNSBL to error.log. /var up sudden to 76%. See for typical errors in file and more than (config) 20000 lines… I don't like that at all.

                          dnsblerror.PNG
                          dnsblerrtype.PNG

                          • B
                            BBcan177 Moderator
                            last edited by Dec 19, 2015, 8:20 PM

                            @hda:

                            A blow-out from DNSBL to error.log. /var up sudden to 76%. See for typical errors in file and more than (config) 20000 lines… I don't like that at all.

                            Do you have R/W enabled by default?

                            • H
                              hda
                              last edited by Dec 19, 2015, 8:29 PM

                              @BBcan177:

                              Do you have R/W enabled by default?

                              Yep.

                              • H
                                hda
                                last edited by Jan 3, 2016, 8:39 PM

                                pfBNG 2.0.4 on 2.2.6. See extra.log

                                Hmmm, when on .ro. (read-only) access to the filesystem seems a failure and when on .rw. it looks OK, but then dnsbl.log is reporting writing problems ? Besides in both cases I see double entries about download reports.

                                So what is in general the supposed state (ro or rw) for using pfBNG ?

                                extras.txt
