No firewall rules have been created
-
I am new to pfSense and pfBlockerNG, so sorry if this is a silly question!
I am not seeing anything in the firewall rules related to pfBlockerNG in my firewall rules. Should I see firewall rules get created for the pfBlockerNG settings or are they hidden rules?
-
What have you configured for IP settings in the package?
The general tab needs to be configured.. Ie: Interfaces selection etc
Then if you used GeoIP/IPv4/IPv6, you need to configure the Action setting configure the type of rules…After the settings are saved, goto the Update tab, and run Force Update.
Click on the Blue Infoblock icons on the pages for further help information.
-
What have you configured for IP settings in the package?
The general tab needs to be configured.. Ie: Interfaces selection etc
Then if you used GeoIP/IPv4/IPv6, you need to configure the Action setting configure the type of rules…After the settings are saved, goto the Update tab, and run Force Update.
Click on the Blue Infoblock icons on the pages for further help information.
Interface/Rule configuration:
I don't have IPv4, IPv6, or GeoIP configured yet.
DNSBL is setup with a few feeds and EasyList.
DNSBL settings:
Did a force reload, and it looks like it thinks nothing needs to be changed:
UPDATE PROCESS START [ 04/10/17 09:19:05 ] ===[ DNSBL Process ]================================================ [ EL ] exists. [ Pihole ] exists. [ DNSBL_IP ] Updating aliastable... no changes. Total IP count = 33 ===[ Continent Process ]============================================ ===[ Aliastables / Rules ]========================================== No changes to Firewall rules, skipping Filter Reload No Changes to Aliases, Skipping pfctl Update UPDATE PROCESS ENDEDThe lists seem to be enabled, I just don't have any firewall rules. There is nothing in the firewall rules, but I do see them on the Dashboard:
-
Hmmm ok… I think you may have found a bug :)
Typically most users have IP and DNSBL enabled, but I haven't tested this with no other IP4/6/GeoIP rules enabled.... Will look at that...
You can add a new IPv4 Alias with ET Block, ET Comp, and the Spamhaus drop/edrop, and that will signal the rule generation functions...
But keep in mind that DNSBL uses the DNS resolver and it doesn't create any firewall rules... The "DNSBL IP" is an IP alias that is a list of all IPs that are listed in the DNSBL feeds that can't be used in the Resolver. So that is the only part of DNSBL that needs a Firewall rule.
Also with a multi-lan segmented network, you can also add a Permit rule to allow the subnets to access the DNSBL VIP address... So that is the only other firewall rule created by DNSBL...
Thanks!
-
Thanks for finding this. This bug was also preventing any settings being applied for my OpenVPN interface. After adding one IPV4 list it now adds the appropriate firewall settings. The OpenVPN interface setting still does not show up in the interfaces under the general tab so I have to use the workaround though. Any idea why it wouldn't be there?
-
Hmmm ok… I think you may have found a bug :)
Its always the new users finding random bugs. Glad I could help out! I'll play around with the IP block lists too. I literally just got into pfSense, so I am trying to ease my way in without breaking anything.
-
So maybe I can confirm this behavior, thought it was my own stupidy. ???
pfadmin
-
I have the same problem.
No Firewall Rules shown until I create an IPv4 Alias. -
Guys i know this topic is old but, i have the exactly same problem
did you have a solution for this problem ?
-
Guys I resolved this problem uninstalled the pfBlockerNG 2.1.2_3 , after that i installed the version pfBlockerNG-devel net 2.2.1 it worked for me
