PfBlockerNG v2 on an Alix

hda · Dec 3, 2015, 7:52 PM

My experience sofar 2.01 is not suitable for an Alix. Memory 256MB is too small to survive a few running days. Even with un-checking DNSBL. The pfSense system will run out of /var in RAM due to files like the pfBNG top-1m.csv or pfBNG RAM memory leak or lack of clear-up unused. Then the Alix-pfSense will lock-up and become inaccesible on GUI & serial console…

I want to revert to 1.10. Where to get and how to install pfBNG 1.10 package on 2.2.5 ?

doktornotor · Dec 3, 2015, 2:11 PM

Nowhere. Simply disable the DNSBL.

hda · Dec 3, 2015, 7:54 PM

@doktornotor:

… disable the DNSBL.

Will do, one must delete and reinstall and then not use DNSBL. Just unchecking DNSBL in an used install will not clear-out /var.

hda · Dec 4, 2015, 10:59 AM

Fresh install pfBNG 2.01 , not useing DNSBL.

What happens…, if I do not use DNSBL, then why does file "top-1m.csv" gets imported after/every a day (file at 0:00 GMT) ?

How to prevent this 22MB sheetload in /var (inc 30 to 70%) and living in RAM and then with an entry there (inc from 37 to 54%) ? What is retrieving & loading this top-1m.csv, not on install but, later within 24hrs ?

For now I deleted the /var/db/pfblockerng/top-1m.csv. Disk usage /var(in RAM) cleared. Likely no Memory clear-out (expect 54 to 37%).

doktornotor · Dec 4, 2015, 11:20 AM

@hda:

Fresh install pfBNG 2.01 , not useing DNSBL.
What happens…, if I do not use DNSBL, then why does file "top-1m.csv" gets imported after/every a day (file at 0:00 GMT) ?
How to prevent this 22MB sheetload in /var (inc 30 to 70%) and living in RAM and then with an entry there (inc from 37 to 54%) ? What is retrieving & loading this top-1m.csv, not on install but, later within 24hrs ?

https://github.com/pfsense/pfsense-packages/pull/1206

hda · Dec 4, 2015, 12:02 PM

@doktornotor:

https://github.com/pfsense/pfsense-packages/pull/1206

Thanks, "A je to!"

doktornotor · Dec 5, 2015, 2:18 AM

2.0.2 merged, should be fixed.

hda · Dec 6, 2015, 10:21 AM

Have a look-see. Cold boot, fresh install pfBNG, no-DNSBL. Good sofar.

BBcan177 · Dec 6, 2015, 7:17 PM

Thanks Dok…

The Alexa download occurs the first Tuesday of each month (along with the MaxMind dbs), so that is why you saw it download after the re-install of the pkg. The fix that Dok submitted, was that one of the variables wasn't defined in a global array and would download regardless.

Otherwise, I would really suggest moving to a device with some more space :) Glad that its working for you now...

hda · Dec 6, 2015, 7:59 PM

@BBcan177:

The Alexa download occurs the first Tuesday of each month (along with the MaxMind dbs)…

OK that explains the lock-out from pfSense. Memory overload. Why download big files at almost the same time ? Separate them a day or so ? Just know that clean-up of stale/used Memory takes a time like 2 to 24 hrs. Maybe I can use DNSBL again later in 2.03. Thanks.

No wont't upgrade until need to go beyond fiber 20/20 Mbps, and, K.I.S.S., I believe in compact code and observeable CPU & memory behaviour. Those with octacoreand32GB see notin… ;)

hda · Dec 15, 2015, 5:35 PM

2.2.5 & 2.03 plus DNSBL again after 24hrs looking good; 59%Memory 57%/var. Thanks :)

hda · Dec 19, 2015, 8:11 PM

A blow-out from DNSBL to error.log. /var up sudden to 76%. See for typical errors in file and more than (config) 20000 lines… I don't like that at all.

BBcan177 · Dec 19, 2015, 8:20 PM

@hda:

A blow-out from DNSBL to error.log. /var up sudden to 76%. See for typical errors in file and more than (config) 20000 lines… I don't like that at all.

Do you have R/W enabled by default?

hda · Dec 19, 2015, 8:29 PM

@BBcan177:

Do you have R/W enabled by default?

Yep.

hda · Jan 3, 2016, 8:39 PM

pfBNG 2.0.4 on 2.2.6. See extra.log

Hmmm, when on .ro. (read-only) access to the filesystem seems a failure and when on .rw. it looks OK, but then dnsbl.log is reporting writing problems ? Besides in both cases I see double entries about download reports.

So what is in general the supposed state (ro or rw) for using pfBNG ?

extras.txt