pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!

havastamas · Jan 2, 2020, 6:12 PM

@NogBadTheBad im using pfBlockerNG-devel 2.2.5_27 version, but i cant see the update in the package manager.

NogBadTheBad · Jan 2, 2020, 6:19 PM

@havastamas

login-to-view

Maybe wait a short while.

mcury · Jan 2, 2020, 6:20 PM

I just updated, already put my license key and it's working.

havastamas · Jan 2, 2020, 6:31 PM

@NogBadTheBad Maybe because im using 2.4.x development version? (2.4.5?)

dragoangel · Jan 2, 2020, 8:18 PM

Their cloudflare antiddos such pain. Doesn't know why but it has half hour to register. Auch

NogBadTheBad · Jan 2, 2020, 9:01 PM

@havastamas

Maybe.

SteveITS · Jan 2, 2020, 11:19 PM

They mention "up to 25 keys"...do you happen to know if we need a separate key for each router, if we have more than one?

dragoangel · Jan 2, 2020, 11:25 PM

@teamits it's more about control over your account API usage. So it up to you to decide how much control you need. 1 key per software or 1 key per hardware instance or one key for all. If you directly know where you use it fine. When time is come to rotate the keys you want not to miss where you was used them :)

dougs · Jan 3, 2020, 12:07 AM

So I went ahead and installed pfBlockerNG 2.1.4_19 on my pfsense 2.4.4-RELEASE-p3 machine and signed up for an account with MaxMind and obtained a license key. I started downloading from MaxMind and am running into an issue with extracting data from the tarred database.

 UPDATE PROCESS START [ 01/02/20 15:29:54 ]

===[  DNSBL Process  ]================================================

  DNSBL: Flush DNSBL_IP
Clearing all DNSBL Feeds...  completed
Validating database... completed
Reloading Unbound.... completed
DNSBL update [ 0 | PASSED  ]... completed [ 01/02/20 15:29:55 ]
------------------------------------------

===[  Continent Process  ]============================================

MaxMind Database downloading and processing ( approx 4MB ) ... Please wait ...

Download Process Starting [ 01/02/20 15:29:55 ]
 /usr/local/share/GeoIP/GeoLite2-Country.tar.gz		200 OK
. /usr/local/share/GeoIP/GeoLite2-Country-CSV.zip		200 OK
.tar: Failed to set default locale
tar: Failed to set default locale

Download Process Ended [ 01/02/20 15:29:56 ]

Country code update Start
 [ MAXMIND UPDATE FAIL, Language File Missing, using previous Country code database ]
 Creating pfBlockerNG Continent XML files
 IPv4 Africa			
grep: /usr/local/share/GeoIP/cc/Africa_v4.txt: No such file or directory
 IPv6 Africa			
grep: /usr/local/share/GeoIP/cc/Africa_v6.txt: No such file or directory
 IPv4 Antarctica		
grep: /usr/local/share/GeoIP/cc/Antarctica_v4.txt: No such file or directory
 IPv6 Antarctica		
grep: /usr/local/share/GeoIP/cc/Antarctica_v6.txt: No such file or directory
 IPv4 Asia			
grep: /usr/local/share/GeoIP/cc/Asia_v4.txt: No such file or directory
 IPv6 Asia			
grep: /usr/local/share/GeoIP/cc/Asia_v6.txt: No such file or directory
 IPv4 Europe			
grep: /usr/local/share/GeoIP/cc/Europe_v4.txt: No such file or directory
 IPv6 Europe			
grep: /usr/local/share/GeoIP/cc/Europe_v6.txt: No such file or directory
 IPv4 North America		
grep: /usr/local/share/GeoIP/cc/North_America_v4.txt: No such file or directory
 IPv6 North America		
grep: /usr/local/share/GeoIP/cc/North_America_v6.txt: No such file or directory
 IPv4 Oceania			
grep: /usr/local/share/GeoIP/cc/Oceania_v4.txt: No such file or directory
 IPv6 Oceania			
grep: /usr/local/share/GeoIP/cc/Oceania_v6.txt: No such file or directory
 IPv4 South America		
grep: /usr/local/share/GeoIP/cc/South_America_v4.txt: No such file or directory
 IPv6 South America		
grep: /usr/local/share/GeoIP/cc/South_America_v6.txt: No such file or directory
 IPv4 Proxy and Satellite	
grep: /usr/local/share/GeoIP/cc/Proxy_and_Satellite_v4.txt: No such file or directory
 IPv6 Proxy and Satellite	
grep: /usr/local/share/GeoIP/cc/Proxy_and_Satellite_v6.txt: No such file or directory
 IPv4 TOP 20			
grep: /usr/local/share/GeoIP/cc/Top_20_v4.info: No such file or directory
 IPv6 TOP 20			
grep: /usr/local/share/GeoIP/cc/Top_20_v6.info: No such file or directory
 pfBlockerNG Reputation Tab
Country Code Update Ended



===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update

 UPDATE PROCESS ENDED [ 01/02/20 15:29:56 ]

[2.4.4-RELEASE][admin@host.example.org]/usr/local/share/GeoIP: ls -la
total 24332
drwxr-xr-x   3 root  wheel       512 Jan  2 14:49 .
drwxr-xr-x  44 root  wheel      1024 Jan  2 14:42 ..
-rw-r--r--   1 root  wheel  16645188 Dec 31 08:32 GeoLite2-Country-CSV.zip.orig
-rw-r--r--   1 root  wheel   1981295 Jan  2 15:29 GeoLite2-Country-CSV.zip.raw
-rw-r--r--   1 root  wheel   4034560 Dec 31 08:32 GeoLite2-Country.tar.gz.orig
-rw-r--r--   1 root  wheel   2044326 Jan  2 15:29 GeoLite2-Country.tar.gz.raw
drwxr-xr-x   2 root  wheel       512 Jan  2 14:42 cc
[2.4.4-RELEASE][admin@host.example.org]/usr/local/share/GeoIP: cd cc
[2.4.4-RELEASE][admin@host.example.org]/usr/local/share/GeoIP/cc: ls -la
total 8
drwxr-xr-x  2 root  wheel  512 Jan  2 14:42 .
drwxr-xr-x  3 root  wheel  512 Jan  2 14:49 ..
[2.4.4-RELEASE][admin@host.example.org]/usr/local/share/GeoIP/cc:

It appears the files have been downloaded but not untarred. The error appears to have to do with setting up the default locale for the tar command. The language on pfsense is set to English and so is MaxMind localization language. What do I need to do to fix this?

~Doug

BBcan177 · Jan 3, 2020, 12:30 AM

@dougs
Can you try uninstalling pfBlockerNG and trying pfBlockerNG-devel?

dougs · Jan 3, 2020, 12:40 AM

@BBcan177
Uninstalled pfBlockerNG and installed pfBlockerNG-devel 2.2.5_28. Ran update as follows:

 UPDATE PROCESS START [ 01/02/20 16:36:16 ]

===[  DNSBL Process  ]================================================

Saving DNSBL database... completed

Clearing all DNSBL Feeds completed
Reloading Unbound Resolver..... completed
DNSBL update [ 0 | PASSED  ]... completed
------------------------------------------------------------------------

===[  GeoIP Process  ]============================================

MaxMind Database downloading and processing ( approx 4MB ) ... Please wait ...

Download Process Starting [ 01/02/20 16:36:16 ]
 /usr/local/share/GeoIP/GeoLite2-Country.tar.gz		200 OK
 /usr/local/share/GeoIP/GeoLite2-Country-CSV.zip		200 OK
Download Process Ended [ 01/02/20 16:36:17 ]

Country code update Start
 Processing ISO IPv4 Continent/Country Data
 Processing ISO IPv6 Continent/Country Data [ 01/02/20 16:36:23 ]
 Creating pfBlockerNG Continent PHP files
 IPv4 Africa			 [ 01/02/20 16:36:24 ]
 IPv6 Africa			 [ 01/02/20 16:36:25 ]
 IPv4 Antarctica		
 IPv6 Antarctica		
 IPv4 Asia			
 IPv6 Asia			
 IPv4 Europe			
 IPv6 Europe			 [ 01/02/20 16:36:27 ]
 IPv4 North America		
 IPv6 North America		 [ 01/02/20 16:36:28 ]
 IPv4 Oceania			
 IPv6 Oceania			 [ 01/02/20 16:36:29 ]
 IPv4 South America		
 IPv6 South America		
 IPv4 Proxy and Satellite	
 IPv6 Proxy and Satellite	
 IPv4 Top Spammers		
 IPv6 Top Spammers		
 pfBlockerNG Reputation Tab
Country Code Update Ended



===[  IPv4 Process  ]=================================================

[ DNSBLIP_v4 ]			 Downloading update [ 01/02/20 16:36:29 ] .
[ DNSBLIP_v4 ] file_get_contents(/var/db/pfblockerng/DNSBLIP_v4.txt): failed to open stream: No such file or directory


 [ pfB_DNSBLIP_v4 - DNSBLIP_v4 ] Download FAIL
   Local File Failure


The Following List has been REMOVED [ DNSBLIP_v4 ]


===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update

 UPDATE PROCESS ENDED

Looks like an error with DNSBLIP?

~Doug

BBcan177 · Jan 3, 2020, 1:03 AM

OK I found the issue with pfBlockerNG and the "tar" error.

I posted a fix here (v. 2.1.4_20)
https://github.com/pfsense/FreeBSD-ports/pull/742/files

Would still recommend that everyone move to pfBlockerNG-devel. Will be ending pfBlockerNG version soon.

The DNSBL Error might be fixed with a "Force Reload - All"

Sergei_Shablovsky · Jan 4, 2020, 1:10 AM

Let's to note that another one great DB exist ip2location company.
Like in MaxMind for end user there are free DB to download.

Making_sense_of_pfSense · Jan 5, 2020, 10:03 PM

Thank you so much!

chudak · Jan 6, 2020, 5:01 PM

@mcury said in pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!:

I just updated, already put my license key and it's working.

How do you know it worked?

I am on pfBlockerNG-devel 2.2.5_28, added MaxMind License Key, ran update and reload, but when look at
ls -lah /usr/local/share/GeoIP/
my files dated Dec 3 2019

Did it work ?

provels · Jan 6, 2020, 5:08 PM

@chudak Probably "working" in that it no longer throws the error. MaxMind updates their data first Tuesday of every month, but pfBNG doesn't until the following Thursday in case there's a delay. Check again on the 9th. If I'm incorrect please let me know.

chudak · Jan 6, 2020, 5:07 PM

@provels
Will do, thx

jdeloach · Jan 6, 2020, 5:24 PM

@chudak said in pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!:

@mcury said in pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!:

I just updated, already put my license key and it's working.

How do you know it worked?

I am on pfBlockerNG-devel 2.2.5_28, added MaxMind License Key, ran update and reload, but when look at
ls -lah /usr/local/share/GeoIP/
my files dated Dec 3 2019

Did it work ?

You can run the following from the command prompt to see if it updates:
"php /usr/local/www/pfblockerng/pfblockerng.php dc", copy and paste without the quotes.

mcury · Jan 6, 2020, 5:25 PM

@chudak I'm using 2.4.4p3 with pfBlocker-NG-devel 2.2.5_28

Check if the files downloaded from maxmind are located at:

ls -lah /usr/local/share/GeoIP/

Check the logs during the maxmind download, as you can see, it downloaded a 4MB database file.

**Saving configuration [ 01/05/20 12:32:23 ]**

MaxMind Database downloading and processing ( approx 4MB ) ... Please wait ...

Download Process Starting [ 01/05/20 12:32:24 ]
 /usr/local/share/GeoIP/GeoLite2-Country.tar.gz		200 OK
 /usr/local/share/GeoIP/GeoLite2-Country-CSV.zip		200 OK
Download Process Ended [ 01/05/20 12:32:28 ]

Country code update Start
 Processing ISO IPv4 Continent/Country Data [ 01/05/20 12:32:31 ]
 Processing ISO IPv6 Continent/Country Data [ 01/05/20 12:33:08 ]
 Creating pfBlockerNG Continent PHP files
 IPv4 Africa			 [ 01/05/20 12:33:18 ]
 IPv6 Africa			 [ 01/05/20 12:33:19 ]
 IPv4 Antarctica		
 IPv6 Antarctica		
 IPv4 Asia			
 IPv6 Asia			 [ 01/05/20 12:33:22 ]
 IPv4 Europe			 [ 01/05/20 12:33:23 ]
 IPv6 Europe			 [ 01/05/20 12:33:33 ]
 IPv4 North America		 [ 01/05/20 12:33:35 ]
 IPv6 North America		 [ 01/05/20 12:33:42 ]
 IPv4 Oceania			 [ 01/05/20 12:33:44 ]
 IPv6 Oceania			
 IPv4 South America		
 IPv6 South America		 [ 01/05/20 12:33:45 ]
 IPv4 Proxy and Satellite	 [ 01/05/20 12:33:46 ]
 IPv6 Proxy and Satellite	
 IPv4 Top Spammers		
 IPv6 Top Spammers		
 pfBlockerNG Reputation Tab
Country Code Update Ended

chudak · Jan 6, 2020, 5:26 PM

@jdeloach said in pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!:

@chudak said in pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!:

@mcury said in pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!:

I just updated, already put my license key and it's working.

How do you know it worked?

I am on pfBlockerNG-devel 2.2.5_28, added MaxMind License Key, ran update and reload, but when look at
ls -lah /usr/local/share/GeoIP/
my files dated Dec 3 2019

Did it work ?

You can run the following from the command prompt to see if it updates:
"php /usr/local/www/pfblockerng/pfblockerng.php dc", copy and paste without the quotes.

yup that worked, thx !