Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG logs

    pfBlockerNG
    4
    6
    3.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gotanbl
      last edited by

      Hello,
      I need format of pfBlockerNG-devel logs from folder /var/log/pfblockerng (dnsbl.log, ip_block.log,..).
      Does anybody know where is possible to find? I searched the web and didn't find them.
      Logs is almost fairly clear but I want to clarify!
      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • GrimsonG
        Grimson Banned
        last edited by

        Those are normal text files, just take a look at their contents.

        1 Reply Last reply Reply Quote 0
        • BBcan177B
          BBcan177 Moderator
          last edited by

          IP Log format:

          Date Timestamp,Tracker ID,Interface,Interface Name,Action,IP Version,Protocol ID,Protocol,SRC IP,DST IP,SRC Port,DST Port Direction,GeoIP,Aliasname,IP evaluated,Feed Name,Resolved Hostname,Client Hostname,ASN,Duplicate event (+/-) status

          DNSBL Log format:

          DNSBL type,Date Timestamp,Blocked domain,SRC IP,URL/Referer/URI/Agent String,DNSBL Block type,DNSBL Groupname,Evaluated Domain/TLD,Feedname,Duplicate event (+/-) status

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          S 1 Reply Last reply Reply Quote 1
          • G
            gotanbl
            last edited by

            Thanks BBcan177!

            1 Reply Last reply Reply Quote 0
            • S
              siam @BBcan177
              last edited by

              @BBcan177 Does the "+" mean it is a new event and "-" means it is a duplicate event? I'm assuming that is the case based on my log file but wanted to confirm.

              BBcan177B 1 Reply Last reply Reply Quote 0
              • BBcan177B
                BBcan177 Moderator @siam
                last edited by

                @siam yes

                "Experience is something you don't get until just after you need it."

                Website: http://pfBlockerNG.com
                Twitter: @BBcan177  #pfBlockerNG
                Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                1 Reply Last reply Reply Quote 0
                • X xantonin referenced this topic on
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.