PfBlockerNG 2.1.1_5 and issue with url/alias
-
Hi,
I took most of the list from this post https://forum.pfsense.org/index.php?topic=64674.0. I have check the logs but no major errors, only some error related to the download of some urls but that's all. Note that, all was working fine with 2.1.1_4
Thanks -
Well most of the iblocklist are stale and are know to cause trouble.
Look into the pfBlockerNG thread to find better list https://forum.pfsense.org/index.php?topic=86212.msg486648#msg486648 -
Nope.. Still have the same issue:
- Try to reinstall the package
- Try to remove the ipv4 defined list and create a brand new one with the items listed in yhe link you gave me (thanks!).
Still have the same issue.
I tried to go on command line and check what is the content (if exists) of the link and got:
[2.3.2-RELEASE][admin@fw.domain.lan]/root: curl -k https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip curl: No match.
So it seems that the pfblock list is not available in the link. But I can't really find a reason… I will try to dig deeper.
Thanks!
Romain -
Hi,
Here are the logs found in the master system logs:Dec 23 10:35:59 php-fpm 16274 /firewall_aliases_edit.php: Download file failed with status code 0\. URL: https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip Dec 23 10:35:40 php-fpm 53132 /rc.update_urltables: : pfB_badip does not need updating. Dec 23 10:35:40 php-fpm 53132 /rc.update_urltables: : Starting URL table alias updates Dec 23 10:35:16 check_reload_status Syncing firewall Dec 23 10:35:13 php-fpm 62663 /rc.update_urltables: : ERROR: could not update pfB_badip content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip Dec 23 10:35:13 php-fpm 62663 /rc.update_urltables: Download file failed with status code 0\. URL: https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip Dec 23 10:35:12 php-fpm 62663 /rc.update_urltables: : Starting URL table alias updates Dec 23 10:35:01 php-fpm 92631 /rc.filter_configure_sync: Message sent to romain.pelissier@gmail.com OK Dec 23 10:35:00 php-fpm 62663 /rc.update_urltables: : Sleeping for 12 seconds. Dec 23 10:35:00 php-fpm 62663 /rc.update_urltables: : Starting up. Dec 23 10:35:00 php-fpm 62663 /rc.update_urltables: : ERROR: could not update pfB_badip content from https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip Dec 23 10:35:00 php-fpm 62663 /rc.update_urltables: Download file failed with status code 0\. URL: https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip Dec 23 10:35:00 php-fpm 92631 /rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:194: macro 'pfB_badip' not defined - The line in question reads [194]: block in log quick on $WAN reply-to ( pppoe0 10.11.18.161 ) inet from $pfB_badip to any tracker 1770009136 label "USER_RULE: pfB_badip auto rule" Dec 23 10:35:00 php-fpm 62663 /rc.update_urltables: : Starting URL table alias updates Dec 23 10:35:00 xinetd 33335 Reconfigured: new=0 old=1 dropped=0 (services) Dec 23 10:35:00 xinetd 33335 readjusting service 6969-udp Dec 23 10:35:00 xinetd 33335 Swapping defaults Dec 23 10:35:00 xinetd 33335 Starting reconfiguration Dec 23 10:34:59 check_reload_status Synching URL alias pfB_badip Dec 23 10:34:58 check_reload_status Reloading filter Dec 23 10:34:58 php /usr/local/www/pfblockerng/pfblockerng.php: The command '/sbin/ifconfig 'em1_vlan100' delete '10.10.10.1'' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address' Dec 23 10:34:58 php [pfBlockerNG] Starting cron process. Dec 23 10:34:58 check_reload_status Syncing firewall Dec 23 10:34:50 php-fpm 34331 /rc.filter_configure_sync: Message sent to romain.pelissier@gmail.com OK Dec 23 10:34:49 php-fpm 62663 /rc.update_urltables: : Sleeping for 11 seconds. Dec 23 10:34:49 php-fpm 62663 /rc.update_urltables: : Starting up. Dec 23 10:34:49 php-fpm 34331 /rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:194: macro 'pfB_badip' not defined - The line in question reads [194]: block in log quick on $WAN reply-to ( pppoe0 10.11.18.161 ) inet from $pfB_badip to any tracker 1770009136 label "USER_RULE: pfB_badip auto rule" Dec 23 10:34:48 xinetd 33335 Reconfigured: new=0 old=1 dropped=0 (services) Dec 23 10:34:48 xinetd 33335 readjusting service 6969-udp Dec 23 10:34:48 xinetd 33335 Swapping defaults Dec 23 10:34:48 xinetd 33335 Starting reconfiguration Dec 23 10:34:48 check_reload_status Synching URL alias pfB_badip Dec 23 10:34:48 php-fpm 60522 /rc.filter_configure_sync: New alert found: Unresolvable destination alias 'pfB_badiplist' for rule 'pfB_badiplist auto rule' Dec 23 10:34:48 php-fpm 60522 /rc.filter_configure_sync: New alert found: Unresolvable destination alias 'pfB_badiplist' for rule 'pfB_badiplist auto rule' Dec 23 10:34:48 php-fpm 60522 /rc.filter_configure_sync: New alert found: Unresolvable destination alias 'pfB_badiplist' for rule 'pfB_badiplist auto rule' Dec 23 10:34:48 php-fpm 60522 /rc.filter_configure_sync: Message sent to romain.pelissier@gmail.com OK Dec 23 10:34:47 php-fpm 60522 /rc.filter_configure_sync: New alert found: Unresolvable destination alias 'pfB_badiplist' for rule 'pfB_badiplist auto rule' Dec 23 10:34:47 php-fpm 60522 /rc.filter_configure_sync: New alert found: Unresolvable source alias 'pfB_badiplist' for rule 'pfB_badiplist auto rule' Dec 23 10:34:47 php-fpm 60522 /rc.filter_configure_sync: Message sent to romain.pelissier@gmail.com OK Dec 23 10:34:46 check_reload_status Reloading filter Dec 23 10:34:46 php-fpm 53132 /rc.update_urltables: : Sleeping for 54 seconds. Dec 23 10:34:46 php-fpm 53132 /rc.update_urltables: : Starting up. Dec 23 10:34:46 check_reload_status Syncing firewall Dec 23 10:34:45 php-fpm 60522 /rc.filter_configure_sync: New alert found: Unresolvable source alias 'pfB_badiplist' for rule 'pfB_badiplist auto rule' Dec 23 10:34:45 xinetd 33335 Reconfigured: new=0 old=1 dropped=0 (services) Dec 23 10:34:45 xinetd 33335 readjusting service 6969-udp Dec 23 10:34:45 xinetd 33335 Swapping defaults Dec 23 10:34:45 xinetd 33335 Starting reconfiguration Dec 23 10:34:45 check_reload_status Synching URL alias pfB_badip Dec 23 10:34:45 check_reload_status Syncing firewall Dec 23 10:34:44 check_reload_status Reloading filter Dec 23 10:34:44 php-fpm 34331 /pkg_edit.php: The command '/sbin/ifconfig 'em1_vlan100' delete '10.10.10.1'' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address'
They did not provide much more information. The only other strange thing is:
/pkg_edit.php: The command '/sbin/ifconfig 'em1_vlan100' delete '10.10.10.1'' returned exit code '1'
That's strange because this ip is supposed to be the one used by DNSBL which is not activated on my system…
-
Did you run a Force Update or a Force Reload when you modify the IP Feed?
Go to Firewall / pfBlockerNG / Log Browser and have a look at pfblockerng.log, error.log etc.
Look at the original IP files, Alias files etc to see if something breaks. -
Not sure why your linking to "https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_badip"???
-
This is what I have in the firewall alias definition! I have not do anything manually, this entry has been created by the package when I have created my ipv4 block list.
-
When you add a List/Feed to the IPv4 tab, you can add a URL, or a path to a file in the pfSense Box.
The link you are posting is an old remnant of the original pfBlocker package, and that link is not accessible…
So I am not certain what you are trying to accomplish?
What Lists make up your alias "badip"?
Click on the blue "i" infoblock icons for further details...
-
Hi,
I don't want to to accomplish nothing in fact, just make it works without any issues :)
Ok, let's start over the story:
there was an update to the package several week ago. I did the update. Then some warning appears in the alert notification section of pfsense. I check the warning telling me that there something wrong with my badip alias. I checked the alias definition and see that when I do an edit of the url alias there was an error.
I have tried to reinstall the package, same thing. I have then post on the forum for some help :)
-
Maybe the List description "https://forum…" breaks things , try something like plain Text :D
-
Hi,
I don't want to to accomplish nothing in fact, just make it works without any issues :)
Ok, let's start over the story:
there was an update to the package several week ago. I did the update. Then some warning appears in the alert notification section of pfsense. I check the warning telling me that there something wrong with my badip alias. I checked the alias definition and see that when I do an edit of the url alias there was an error.
I have tried to reinstall the package, same thing. I have then post on the forum for some help :)The package uses the pfSense "URLTables" functionality but doesn't require the backend pfSense code to keep these aliases updated… So that URL that you see in the Firewall Alias page, is not really needed... I will address this in the next release...
If you had an error message (Apart from trying to download that URL), post that error, and we can address that...
-
Excellent!!! Thank you so much. It 's because i didn't known if it was a normal behaviour or not :)
Thanks! I will keep an eye to see if everything seems to be fine with the update and the catch of any ip listed in the list.