pfBlockerNG-devel 2.2.5_17: IP Alerts list (Deny) not showing alerts
-
Hello; On pfBlockerNG-devel, version 2.2.5_17(and 2.2.5_17) never showed within IP Alerts (Deny) any IP List on a fresh install of pfSense 2.4.4-RELEASE (amd64) .
I did reboot the router; and did restart both :
pfb_dnsbl pfBlockerNG DNSBL service
pfb_filter pfBlockerNG firewall filter serviceI do not know if the IPs are blocked, or just the list not showing.
How to verify that IPs addresses are blocked, from the feeds; and how to have the list to show them?
Thanx
-
@aritus any errors in the pfblockerng.log? I assume that you enabled logging for these IP Aliases?
-
Hello BBcan177; nothing specific within pfblockerng.log as error; only about downloading a rule or so).
-
I did try to uninstall (for a re-install) pfBlockerNG-devel, version 2.2.5_17 ; and the dialogue shows :Please wait while the update system initializes"; No more lines were generated (Same with 2.2.5_16 did happen); yet the package looks like got uninstalled when I check Packages page.
-
Did reboot pfSense router; and re-install 2.2.5_17 package; no errors like 2.2.5_16 I saw before:
"PHP errors
PHP ERROR: Type: 1, File: /usr/local/pkg/pfblockerng/pfblockerng_install.inc, Line: 232, Message: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/pfblockerng/pfblockerng_install.inc:232 Stack trace: #0 /etc/inc/pkg-utils.inc(768) : eval()'d code(1): include_once() #1 /etc/inc/pkg-utils.inc(768): eval() #2 /etc/inc/pkg-utils.inc(854): eval_once('include_once('/...') #3 /etc/rc.packages(74): install_package_xml('pfBlockerNG-dev...') #4 {main} thrown @ 2018-09-30 22:46:16"-
Restarted both services:
pfb_dnsbl pfBlockerNG DNSBL service
pfb_filter pfBlockerNG firewall filter service -
No IP List shows up.
I am not very fluent with pfSense setup; I could have missed a setting; the more details you do give me on how to troubleshoot, the better it is. I don't mind neither sharing the logs (be detailed on obtaining them) since I might miss on what could be a clue.
Below, is an image of the IPv4 IP feeds I did add:
When you say 'I assume that you enabled logging for these IP Aliases?' is there a check mark I need to make sure it is ticked?
Thank you for your help, and the program : )
-
-
Here are the re-install logs:
"Loading package instructions...
Custom commands...
Executing custom_php_install_command()...
MaxMind GeoIP databases previously downloaded.
Adding pfBlockerNG Widget to the Dashboard... done.
Creating Firewall filter service... done.
Remove any existing and create links for Firewall filter executables... done.
Starting Firewall filter Service... done.
Creating DNSBL service... done.
Remove any existing and create link for DNSBL lighttpd executable... done.
Creating DNSBL web server config ... done.
Creating DNSBL Certificate... done.
Starting DNSBL Service... done.
Upgrading Adv. Inbound firewall rule settings ... no changes required ... done.
Upgrading OpenVPN/IPSec interface selections... no changes required ... done.
Upgrading EasyList/Easyprivacy category settings... no changes required ... done.
Upgrading Proofpoint/ET IQRisk settings... no changes required ... done.
Upgrading General Tab -> IP Tab settings... no changes required ... done.
Upgrading pfBlockerNGSuppress Alias -> IPv4 Suppression Customlist... no changes required ... done.
Custom commands completed ... done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.
Message from lua52-5.2.4:===> NOTICE:
The lua52 port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:https://bugs.freebsd.org/bugzilla
More information about port maintainership is available at:
https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port
Cleaning up cache... done.
Success" -
Take a look at pfblockerNG.log in Firewall / pfBlockerNG / Log Browser
Did you go to Firewall / pfBlockerNG / Update and did a Force Reload All ?
One thing that may fix some issues is to go to General, IP and DNSBL tab and click on Save settings. Then run a Force Reload All
-
IP Deny List is generating at this moment !
It could had been a setting I did miss on the IP Configuration page:
Firewall / npfBlockerNG / IPAt "IP Interface/Rules Configuration" browser I did highlight both (WAN & LAN) options (both since frankly I don't know which to choose) at:
- Inbound Firewall Rules
- Outbound Firewall Rules
Then I did follow your steps to "Force Reload"
I do apologize for error on my side, in setting up pfBlockerNG; I hope this will help someone else too.
Thank you BBcan177 & RonpfS for your help and time on this.
Thank you
-
@aritus On my box I have selected WAN for Inbound, and LAN for Outbound.
