Netgate Discussion Forum

    Did pfBlocker break my config.xml?

    • Stewart

      I have a firewall that died on me today. I was able to log in via SSH and found that the config file was badly damaged. The good config file is 248K with 3227 lines of text. The bad config is 8.5K in size and is only 217 lines of text. The solution was to revert to the previous good config file. While choosing the backup to restore it shows that pfBlocker was the one making the changes. Did pfBlocker destroy the xml? How can I tell what happened?

      • BBcan177 Moderator

        What version of pfSense and pfBlockerNG?
        Were there any errors in the pfSense system.log at that timestamp?

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        • Stewart

          Sorry for the delay in replying. I'm not sure of the version of pfBlockerNG, but pfSense was 2.4.4-p1. It would have been whatever version was installed at the same time, as we upgrade everything at the same time. There were no errors in the system log around that time.

          • remlei

            If you have an IPv4/IPv6/DNSBL list that downloads off the server without timestamps, every time that cron executes and checks for updates on this list and detects one of the URLs without timestamps, pfBlocker just downloads it and treats it as a new updated list. Thus it performs its usual task and updates all things, including the firewall rules too, hence the config.xml changes.

            Disabling the cron or just prolonging the update frequency may fix these frequent config.xml changes, or just remove that list without a timestamp from your pfBlocker configuration.

            • Stewart @remlei

              @remlei

              I just had another unit have the same issue, but it wasn't during a pfBlocker update. It was an "Intermediate config write during package install for Cron." At 7:36 in the morning the firewall apparently began updating something and the config file went from 222k to 8k in size. Maybe it isn't pfBlocker after all. Not sure at this point, but it's getting worrisome.

              • BBcan177 Moderator

                Do you use the pfSense ACB service?

                • Stewart @BBcan177

                  @BBcan177 said in Did pfBlocker break my config.xml?:

                  pfSense ACB

                  As I get them upgraded to 2.4.4_3, yes. But these are not. This unit is at 2.3.4-p1. I'm hoping to have all the units upgraded by the end of the year and have ACB configured on them.
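
The thread's open question is how to tell which saved revision was damaged and what wrote it. The following is an added example, not from any poster here and not pfSense or pfBlockerNG code: a Python triage script to run over copies of the config revisions. It assumes files named like `config-<epoch>.xml` (as in pfSense's `/cf/conf/backup` directory) that each carry a `<revision><description>` element; the 50% shrink threshold and the sample files are constructed.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

SHRINK_RATIO = 0.5  # assumed threshold: flag a revision under half the last good size


def inspect(path):
    """Return size, line count, well-formedness and revision description of one file."""
    with open(path, "rb") as fh:
        data = fh.read()
    info = {"name": os.path.basename(path), "size": len(data),
            "lines": data.count(b"\n"), "well_formed": True, "description": None}
    try:
        # <revision><description> records what triggered the config write
        info["description"] = ET.fromstring(data).findtext("revision/description")
    except ET.ParseError:
        info["well_formed"] = False  # truncated or otherwise corrupted XML
    return info


def triage(paths):
    """Inspect revisions in name (time) order and mark the ones that look damaged."""
    report, prev_size = [], None
    for path in sorted(paths):
        info = inspect(path)
        shrunk = prev_size is not None and info["size"] < prev_size * SHRINK_RATIO
        info["suspect"] = shrunk or not info["well_formed"]
        if not info["suspect"]:
            prev_size = info["size"]  # later files are compared with the last good size
        report.append(info)
    return report


def build_sample(directory):
    """Constructed sample: one intact revision, then one cut off mid-write."""
    good = ("<pfsense>\n<revision><description>constructed: good save</description></revision>\n"
            + "<rule>x</rule>\n" * 200 + "</pfsense>\n")
    files = {"config-1000000001.xml": good, "config-1000000002.xml": good[:300]}
    for name, body in files.items():
        with open(os.path.join(directory, name), "w") as fh:
            fh.write(body)
    return [os.path.join(directory, name) for name in files]


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for row in triage(build_sample(tmp)):
            print(row)
```

The size check matters because a damaged file can still parse as XML; the description of the last good revision before the first suspect one narrows down which write was in progress.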
