Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlockerNG v2 on an Alix

    Scheduled Pinned Locked Moved pfBlockerNG
    15 Posts 3 Posters 4.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hda
      last edited by

      Fresh install pfBNG 2.01 , not useing DNSBL.

      What happens…, if I do not use DNSBL, then why does file "top-1m.csv" gets imported after/every a day (file at 0:00 GMT) ?

      How to prevent this 22MB sheetload in /var (inc 30 to 70%) and living in RAM and then with an entry there (inc from 37 to 54%) ? What is retrieving & loading this top-1m.csv, not on install but, later within 24hrs ?

      For now I deleted the /var/db/pfblockerng/top-1m.csv. Disk usage /var(in RAM) cleared. Likely no Memory clear-out (expect 54 to 37%).

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        @hda:

        Fresh install pfBNG 2.01 , not useing DNSBL.
        What happens…, if I do not use DNSBL, then why does file "top-1m.csv" gets imported after/every a day (file at 0:00 GMT) ?
        How to prevent this 22MB sheetload in /var (inc 30 to 70%) and living in RAM and then with an entry there (inc from 37 to 54%) ? What is retrieving & loading this top-1m.csv, not on install but, later within 24hrs ?

        https://github.com/pfsense/pfsense-packages/pull/1206

        1 Reply Last reply Reply Quote 0
        • H
          hda
          last edited by

          @doktornotor:

          https://github.com/pfsense/pfsense-packages/pull/1206

          Thanks, "A je to!"

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            2.0.2 merged, should be fixed.

            1 Reply Last reply Reply Quote 0
            • H
              hda
              last edited by

              Have a look-see. Cold boot, fresh install pfBNG, no-DNSBL. Good sofar.

              1 Reply Last reply Reply Quote 0
              • BBcan177B
                BBcan177 Moderator
                last edited by

                Thanks Dok…

                The Alexa download occurs the first Tuesday of each month (along with the MaxMind dbs), so that is why you saw it download after the re-install of the pkg. The fix that Dok submitted, was that one of the variables wasn't defined in a global array and would download regardless.

                Otherwise, I would really suggest moving to a device with some more space :) Glad that its working for you now...

                "Experience is something you don't get until just after you need it."

                Website: http://pfBlockerNG.com
                Twitter: @BBcan177  #pfBlockerNG
                Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                1 Reply Last reply Reply Quote 0
                • H
                  hda
                  last edited by

                  @BBcan177:

                  The Alexa download occurs the first Tuesday of each month (along with the MaxMind dbs)…

                  OK that explains the lock-out from pfSense. Memory overload. Why download big files at almost the same time ? Separate them a day or so ? Just know that clean-up of stale/used Memory takes a time like 2 to 24 hrs. Maybe I can use DNSBL again later in 2.03. Thanks.

                  No wont't upgrade until need to go beyond fiber 20/20 Mbps, and, K.I.S.S., I believe in compact code and observeable CPU & memory behaviour. Those with octacoreand32GB see notin… ;)

                  1 Reply Last reply Reply Quote 0
                  • H
                    hda
                    last edited by

                    2.2.5 & 2.03 plus DNSBL again after 24hrs looking good; 59%Memory 57%/var. Thanks :)

                    1 Reply Last reply Reply Quote 0
                    • H
                      hda
                      last edited by

                      A blow-out from DNSBL to error.log. /var up sudden to 76%. See for typical errors in file and more than (config) 20000 lines… I don't like that at all.

                      dnsblerror.PNG
                      dnsblerror.PNG_thumb
                      dnsblerrtype.PNG
                      dnsblerrtype.PNG_thumb

                      1 Reply Last reply Reply Quote 0
                      • BBcan177B
                        BBcan177 Moderator
                        last edited by

                        @hda:

                        A blow-out from DNSBL to error.log. /var up sudden to 76%. See for typical errors in file and more than (config) 20000 lines… I don't like that at all.

                        Do you have R/W enabled by default?

                        "Experience is something you don't get until just after you need it."

                        Website: http://pfBlockerNG.com
                        Twitter: @BBcan177  #pfBlockerNG
                        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                        1 Reply Last reply Reply Quote 0
                        • H
                          hda
                          last edited by

                          @BBcan177:

                          Do you have R/W enabled by default?

                          Yep.

                          1 Reply Last reply Reply Quote 0
                          • H
                            hda
                            last edited by

                            pfBNG 2.0.4 on 2.2.6. See extra.log

                            Hmmm, when on .ro. (read-only) access to the filesystem seems a failure and when on .rw. it looks OK, but then dnsbl.log is reporting writing problems ? Besides in both cases I see double entries about download reports.

                            So what is in general the supposed state (ro or rw) for using pfBNG ?

                            extras.txt

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.