PfBlockerNG
-
If you use the ZFS file system (If you do a full reload) It will work just fine. If you just upgrade or re-install with the UFS file system, then pfBlockerNG will lock up the system with a 502 bad gateway error.
https://forum.pfsense.org/index.php?topic=137103.0
In that thread there is a current work around, but like BBcan stated, if you do the work around your widget will not update properly.
BreeOge
-
I wanted to chime in here as I just updated from a month old RC to 2.4.0-RELEASE last night and ran into this problem today.
I haven't read through all of the many pages of the many threads that seem related to this issue (show how popular pfBNG is!), so maybe this has already been covered.
But I've seen several people state that this doesn't happen on ZFS - I have a raidz2 ZFS install, and this happened to me, just throwing that out there.
-
I wanted to chime in here as I just updated from a month old RC to 2.4.0-RELEASE last night and ran into this problem today.
I haven't read through all of the many pages of the many threads that seem related to this issue (show how popular pfBNG is!), so maybe this has already been covered.
But I've seen several people state that this doesn't happen on ZFS - I have a raidz2 ZFS install, and this happened to me, just throwing that out there.
That is good to know. Thank you for the report. BBcan177 is currently updating it to use SQLlite and this should fix any issues in the future. In the other thread there is a temp fix posted..
https://forum.pfsense.org/index.php?topic=137103.75
Thank you
BreeOge -
Looks like there is an update available in the package manager. Where can one find release notes for the new version? I'm wondering if this has the fix in it.
-
Looks like there is an update available in the package manager. Where can one find release notes for the new version? I'm wondering if this has the fix in it.
https://github.com/pfsense/FreeBSD-ports/commit/fe101279ac400e2794fa27780f020c0bbe1c8caa
https://github.com/pfsense/FreeBSD-ports/pull/424 -
Looks like there is an update available in the package manager. Where can one find release notes for the new version? I'm wondering if this has the fix in it.
https://github.com/pfsense/FreeBSD-ports/commit/fe101279ac400e2794fa27780f020c0bbe1c8caa
https://github.com/pfsense/FreeBSD-ports/pull/424Has it fix the issue??
-
Looks like there is an update available in the package manager. Where can one find release notes for the new version? I'm wondering if this has the fix in it.
https://github.com/pfsense/FreeBSD-ports/commit/fe101279ac400e2794fa27780f020c0bbe1c8caa
https://github.com/pfsense/FreeBSD-ports/pull/424Has it fix the issue??
No. That update was initiated 18 days ago and is unrelated to the current issue.
-
We are currently testing a fix, if all goes well you should see an update soon.
-
I am going to make a PR shortly to hopefully fix this issue….
You could download these two files from my Github gist to get the updated code:
fetch -o /usr/local/www/pfblockerng/www/index.php "https://gist.githubusercontent.com/BBcan177/9f9c8e62b166cee07ad16cd4ff59103c/raw" fetch -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7ff15715be0f02afdbe0a00c676aedce/raw"You will need to restart the DNSBL Service for this to take effect.
A reboot is not required, but would be recommended.
-
We are currently testing a fix, if all goes well you should see an update soon.
https://forum.pfsense.org/index.php?topic=137103.msg756625#msg756625
-
I have get 502 Bad Gateway and use pfsense 2.4.0 pfblockerng 2.1.2
How to fix it? -
Hi, one thing i am noticing with pfBlockerNG is that it may be missing an end-double quote on its shell commands?
root 81266 0.0 0.0 13084 2780 - D 19:50 0:00.00 sh -c /usr/bin/grep -l ' "dmd\\.metaservices\\.microsoft\\.com 60 IN A' /var/db/pfblockerng/dnsblalias/* root 81779 0.0 0.0 13084 2780 - D 19:51 0:00.00 sh -c /usr/bin/grep -l ' "rules\\.quantcount\\.com 60 IN A' /var/db/pfblockerng/dnsblalias/* root 82010 0.0 0.0 13084 2780 - D 19:51 0:00.00 sh -c /usr/bin/grep -l ' "rules\\.quantcount\\.com 60 IN A' /var/db/pfblockerng/dnsblalias/*pfSense GUI was also seized up once more.
pkill, killall, and other assorted commands all fail to kill the commands running above.
Shell is accessible (otherwise, how would i be able to post the above code block!) :D
Additional running services are also inaccessible; ntopng, OpenVPN. Fairly certain the box has all the latest packages/updates installed.
-
@BrettC:
Hi, one thing i am noticing with pfBlockerNG is that it may be missing an end-double quote on its shell commands?
No the quote is used in the grep command to find an exact match starting with the first quotation mark in the line… The 502 error is being worked on... The upcoming release doesn't seem to be affected by this and will hopefully be released shortly... Stay tuned!
-
Ok, thank you so much
-
Good afternoon friends this message arrives all the time,
and when I restart pfsense the internet does not work I need to disable pfblocker save, then the internet works again, activate pfblocker again. every time I restart pfsense and need to do this.
Any solution ? -
Another thing I am not using DNSBL.
-
@EdIlS0N-LiMa
Did you run a Force Update All, increase?@BBcan177 said in pfBlockerNG errors when GoeIP enabled:
In pfSense > System > Advanced > Firewall & NAT > "Firewall Maximum Table Entries"
The package should default that to "2000000" entries.
Follow that with a Filter Reload
-
@RonpfS Thank you friend it worked.
-
This post is deleted! -
@breeoge said in PfBlockerNG:
I wanted to chime in here as I just updated from a month old RC to 2.4.0-RELEASE last night and ran into this problem today.
I haven't read through all of the many pages of the many threads that seem related to this issue (show how popular pfBNG is!), so maybe this has already been covered.
But I've seen several people state that this doesn't happen on ZFS - I have a raidz2 ZFS install, and this happened to me, just throwing that out there.
That is good to know. Thank you for the report. BBcan177 is currently updating it to use SQLlite and this should fix any issues in the future. In the other thread there is a temp fix posted..
https://create.vista.com/colors/palettes/
Thank you
BreeOgeHello my friend. Many thanks to Bbcan177 for keeping the report up to date. as a result of this, in principle, the given problems are corrected.
