Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Removing pfblocker

    Scheduled Pinned Locked Moved pfBlockerNG
    31 Posts 15 Posters 17.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vronp
      last edited by

      Hi,

      I ran this check and the following remains:

      <tab><text>General</text>
                              <url>/pkg_edit.php?xml=pfblocker.xml&id=0</url>
                              <active></active></tab>

      @BBcan177:

      Thanks lt1360hp,

      I made a fix to remove those xml tags also.

      If anyone else runs the script, they can run the following command after running the removal script to ensure it removed all the the old reminents of the previous version of pfblocker.

      grep "pfblocker" /conf/config.xml | grep -v "pfblockerng" 
      
      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Hi vronp,

        That's fine. That is just telling you that the last active menu tab was pfBlocker.  If you click another menu item in pfSense and re-run the grep command it should clear that.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • S
          Seb
          last edited by

          I tried running the script below on a server running 2.2.2 (without the pfBlocker package as it is not available for 2.2.x) where the config had been restored from a server with 2.1.5 and the pfBlocker package on and it didn't work: the config still had the pfBlocker config in…  Output at the bottom of this post:

          @BBcan177:

          Here is a script to remove the previous pfBlocker package from the pfSense config.xml

          So please make a full backup before proceeding. Please post back if you were successful in removing the old remnants of this package…

          Save this script to  /usr/local/www/removepfb.php

          then from your pfSense GUI

          https://x.x.x.x:yyy/removepfb.php

          (Change x.x.x.x to your pfsense box IP  and yyy to the port setting used.)

          It will report to the screen with its activity.

          
          # Script to Remove pfBlocker from Config.xml
          #
          # by BBCan177@gmail.com
          # Copyright (c) 2015
          
          require_once("pfsense-utils.inc");
          require_once("config.inc");
          require_once("services.inc");
          global $config;
          print "```
          ";
          
          print "Removing pfBlocker from the pfSense Configuration file\n\n";
          $removal = array("pfblocker", "pfblockerlists", "pfblockerafrica", "pfblockerantartica", "pfblockerasia", "pfblockereurope", "pfblockernorthamerica", "pfblockeroceania", "pfblockersouthamerica", "pfblockertopspammers");
          foreach ($removal as $remove){
                  if (is_array($config['installedpackages'][$remove])){
                          unset ($config['installedpackages'][$remove]);
                          print "Removed {$remove}\n";
                  }
          }
          
          # Remove pfBlocker Menu Entry
          $pfb_menus = &$config['installedpackages']['menu'];
          if (!empty($pfb_menus)) {
                  $key = 0;
                  foreach ($pfb_menus as $menu) {
                          if ($menu['name'] == "pfBlocker") {
                                  unset ($pfb_menus[$key]);
                                  print "Removed pfBlocker Menu Entry\n";
                          }
                          $key++;
                  }
          }
          
          # Remove pfBlocker Package Entry
          $pfb_pkg = &$config['installedpackages']['package'];
          if (!empty($pfb_pkg)) {
                  $key = 0;
                  foreach ($pfb_pkg as $pkg) {
                          if ($pkg['name'] == "pfBlocker") {
                                  unset ($pfb_pkg[$key]);
                                  print "Removed pfBlocker Pkg Entry\n";
                          }
                          $key++;
                 }
          }
          
          # Remove Widget
          $pfb_widgets = $config['widgets']['sequence'];
          if (!empty($pfb_widgets)) {
                  $widgetlist = explode(",", $pfb_widgets);
                  foreach ($widgetlist as $key => $widget) {
                          if (strstr($widget, "pfBlocker-container")) {
                                  unset($widgetlist[$key]);
                                  break;
                          }
                  }
                  $config['widgets']['sequence'] = implode(",", $widgetlist);
          }
          
          #Remove any pfBlocker alias tables
          if (is_array($config['aliases']['alias'])){
                  foreach($config['aliases']['alias'] as $alias){
                          if (!preg_match("/^pfBlocker/", $alias['name'])) {
                                  $new_aliases[]= $alias;
                          }
                  }
                  $config['aliases']['alias'] = $new_aliases;
          }
          
          # Remove pfBlocker Files/Folders
          unlink_if_exists ("/usr/local/pkg/pfblocker.inc");
          unlink_if_exists ("/usr/local/pkg/pfblocker.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_Africa.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_Asia.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_Europe.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_NorthAmerica.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_Oceania.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_SouthAmerica.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_lists.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_sync.xml");
          unlink_if_exists ("/usr/local/pkg/pfblocker_topspammers.xml");
          
          unlink_if_exists ("/usr/local/www/pfblocker.php");
          unlink_if_exists ("/usr/local/www/widgets/widgets/pfBlocker.widget.php");
          
          unlink_if_exists ("/usr/local/pkg/Africa_cidr.txt");
          unlink_if_exists ("/usr/local/pkg/Asia_cidr.txt");
          unlink_if_exists ("/usr/local/pkg/Europe_cidr.txt");
          unlink_if_exists ("/usr/local/pkg/Oceania_cidr.txt");
          unlink_if_exists ("/usr/local/pkg/South_America_cidr.txt");
          
          rmdir_recursive ("/usr/local/pkg/pfblocker");
          rmdir_recursive ("/usr/local/pkg/pfblocker_aliases");
          
          exec ("/bin/rm /var/db/aliastables/pfBlocker*.*");
          
          # Remove Cron Task
          install_cron_job("pfblocker.php cron", false);
          
          # Save Configuration
          write_config("Removed pfBlocker");
          ?>
          
          

          The output for me was:

          Removing pfBlocker from the pfSense Configuration file
          
          Removed pfblocker
          Removed pfblockerlists
          Removed pfblockertopspammers
          Removed pfBlocker Menu Entry
          
          Fatal error: Call to undefined function getUserEntry() in /etc/inc/config.lib.inc on line 501
          
          

          Should I just remove the config manually using the nested grep example BBcan177 gave?

          grep "pfblocker" /conf/config.xml | grep -v "pfblockerng"
          
          1 Reply Last reply Reply Quote 0
          • S
            Seb
            last edited by

            P.S. The script removed nothing as far as I could tell: the pfBlocker rules were still present and the menu entry was still present.

            1 Reply Last reply Reply Quote 0
            • BBcan177B
              BBcan177 Moderator
              last edited by

              It won't remove the rules but it should remove the menu entry. Is this a full install version of pfSense. Might need to put the system into RW mode to save the changes if it's a nano/flash type version.

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • M
                mloiterman
                last edited by

                greping the config file still shows 'pfblockersync'.  Should that be there?

                1 Reply Last reply Reply Quote 0
                • BBcan177B
                  BBcan177 Moderator
                  last edited by

                  @mloiterman:

                  greping the config file still shows 'pfblockersync'.  Should that be there?

                  Thanks for pointing that out. I can't edit my original post, but please edit the script to include "pfblockersync" as follows:

                  Original

                  $removal = array("pfblocker", "pfblockerlists", "pfblockerafrica", "pfblockerantartica", "pfblockerasia", "pfblockereurope", "pfblockernorthamerica", "pfblockeroceania", "pfblockersouthamerica", "pfblockertopspammers");

                  New

                  $removal = array("pfblocker", "pfblockerlists", "pfblockerafrica", "pfblockerantartica", "pfblockerasia", "pfblockereurope", "pfblockernorthamerica", "pfblockeroceania", "pfblockersouthamerica", "pfblockertopspammers", "pfblockersync");

                  "Experience is something you don't get until just after you need it."

                  Website: http://pfBlockerNG.com
                  Twitter: @BBcan177  #pfBlockerNG
                  Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                  1 Reply Last reply Reply Quote 0
                  • G
                    glenewhittenberggmail.co
                    last edited by

                    script saved me. upgraded from 2.2.4 to 2.3.1 and pfblocker broke. Tried remove and reinstall no go. was able to get to router but not out to internet. ran script, rebooted, and all my problems are gone. Thanks!

                    1 Reply Last reply Reply Quote 0
                    • yuljkY
                      yuljk
                      last edited by

                      Just tried running this - after copying the script to my pfsense VM.

                      I ran the script from Chrome and it just outputs 'Removing pfBlocker from the pfSense Configuration file'

                      Where exactly am I executing the script from?

                      Thanks

                      1 Reply Last reply Reply Quote 0
                      • RonpfSR
                        RonpfS
                        last edited by

                        The script is outdated.

                        2.4.5-RELEASE-p1 (amd64)
                        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                        1 Reply Last reply Reply Quote 0
                        • RonpfSR
                          RonpfS
                          last edited by

                          To install or re-install pfBlockerNG 2.1.1_2
                          https://forum.pfsense.org/index.php?topic=102470.msg647719#msg647719

                          Then you can install or re-install the pfBlockerNG 2.1.1_2.
                          The install should update the MaxMind (this take 5+ minutes) and proceed to completion.

                          Then you can remove the package

                          2.4.5-RELEASE-p1 (amd64)
                          Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                          Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                          1 Reply Last reply Reply Quote 0
                          • yuljkY
                            yuljk
                            last edited by

                            Many thanks for the new fix.

                            I have attempted a new install after modifying config.inc.  However the pfBlockerng entry under my firewall menu is not visible.

                            Installation log:-

                            Installing pfSense-pkg-pfBlockerNG…
                            Updating pfSense-core repository catalogue...
                            pfSense-core repository is up-to-date.
                            Updating pfSense repository catalogue...
                            pfSense repository is up-to-date.
                            All repositories are up-to-date.
                            Checking integrity... done (0 conflicting)
                            The following 6 package(s) will be affected (of 0 checked):

                            New packages to be INSTALLED:
                            pfSense-pkg-pfBlockerNG: 2.1.1_2 [pfSense]
                            whois: 5.1.5 [pfSense]
                            GeoIP: 1.6.9 [pfSense]
                            lighttpd: 1.4.39_1 [pfSense]
                            grepcidr: 2.0 [pfSense]
                            aggregate: 1.6_1 [pfSense]

                            Number of packages to be installed: 6

                            The process will require 2 MiB more space.
                            [1/6] Installing whois-5.1.5…
                            [1/6] Extracting whois-5.1.5: …....... done
                            [2/6] Installing GeoIP-1.6.9…
                            [2/6] Extracting GeoIP-1.6.9: …....... done
                            [3/6] Installing lighttpd-1.4.39_1…
                            [3/6] Extracting lighttpd-1.4.39_1: …....... done
                            [4/6] Installing grepcidr-2.0…
                            [4/6] Extracting grepcidr-2.0: ….. done
                            [5/6] Installing aggregate-1.6_1…
                            [5/6] Extracting aggregate-1.6_1: …. done
                            [6/6] Installing pfSense-pkg-pfBlockerNG-2.1.1_2…
                            [6/6] Extracting pfSense-pkg-pfBlockerNG-2.1.1_2: …....... done
                            Saving updated package information...
                            done.
                            Loading package configuration... done.
                            Configuring package components...
                            Loading package instructions...
                            Custom commands...
                            Executing custom_php_install_command()...
                            MaxMind GeoIP databases previously downloaded.
                            Adding pfBlockerNG Widget to the Dashboard... done.
                            Remove any existing and create link for DNSBL lighttpd executable... done.
                            Creating DNSBL web server start-up script... done.
                            Upgrading Adv. Inbound firewall rule settings ... no changes required ... done.
                            Custom commands completed ... done.
                            Executing custom_php_resync_config_command()...pkg: POST-INSTALL script failed
                            Message from GeoIP-1.6.9:
                            GeoIP does not ship with the actual data files. You must download
                            them yourself! Please run:

                            /usr/local/bin/geoipupdate.sh

                            Cleaning up cache... done.
                            Success

                            Immediately after install I get a crash report:-

                            Crash report begins.  Anonymous machine information:

                            amd64
                            10.3-RELEASE-p5
                            FreeBSD 10.3-RELEASE-p5 #0 7307492(RELENG_2_3_2): Tue Jul 19 13:29:35 CDT 2016    root@ce23-amd64-builder:/builder/pfsense-232/tmp/obj/builder/pfsense-232/tmp/FreeBSD-src/sys/pfSense

                            Crash report details:

                            PHP Errors:
                            [14-Aug-2016 14:42:20 Europe/London] PHP Fatal error:  Allowed memory size of 536870912 bytes exhausted (tried to allocate 72 bytes) in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 3874
                            [14-Aug-2016 14:42:20 Europe/London] PHP Stack trace:
                            [14-Aug-2016 14:42:20 Europe/London] PHP  1. {main}() /etc/rc.start_packages:0
                            [14-Aug-2016 14:42:20 Europe/London] PHP  2. sync_package() /etc/rc.start_packages:90
                            [14-Aug-2016 14:42:20 Europe/London] PHP  3. eval() /etc/inc/pkg-utils.inc:631
                            [14-Aug-2016 14:42:20 Europe/London] PHP  4. sync_package_pfblockerng() /etc/inc/pkg-utils.inc(631) : eval()'d code:3
                            [14-Aug-2016 14:42:20 Europe/London] PHP  5. file() /usr/local/pkg/pfblockerng/pfblockerng.inc:3874

                            Pfsense 2.3.2 running on ESXi 6 VM with 2GB RAM and 4vCPUs

                            Many thanks

                            1 Reply Last reply Reply Quote 0
                            • D
                              digdug3
                              last edited by

                              
                              // Set memory limit to 512M on amd64.
                              if ($ARCH == "amd64") {
                              	ini_set("memory_limit", "512M");
                              } else {
                              	ini_set("memory_limit", "256M");
                              }
                              
                              

                              You are using the AMD64 version, try to increase to 768M:

                              
                              if ($ARCH == "amd64") {
                              	ini_set("memory_limit", "768M");
                              } else {
                              	ini_set("memory_limit", "256M");
                              }
                              
                              

                              Or wait until BBCan releases the fix

                              1 Reply Last reply Reply Quote 0
                              • RonpfSR
                                RonpfS
                                last edited by

                                To increase memory_limit over 512M you also need to fix /usr/local/etc/php.ini, /etc/rc.php_ini_setup

                                2.4.5-RELEASE-p1 (amd64)
                                Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                                Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.