pfBlocker GeoIP Not Working
-
I had a similar issue after upgrading to 2.4.5 this weekend. pfBlocker had not had a max mind key before the update as it was an old version. I let the package update during the pfSense upgrade. I entered the maxmind key and ran an update in pfB but that didn't help. Ultimately I had to make a firewall rule change to get it to accept the GeoIP aliases. I suppose I could have just rebooted or done a filter reload too. Try either of those and see if it helps.
-
Unfortunately, that did not work for me. I did a filter reload, tried adding a new firewall rule, and rebooted. I also verified the maxmind key is being correctly pulled based off of the 'last used' field on the maxmind site.
-
I have the same problem.
Any solution ?
-
@econ said in pfBlocker GeoIP Not Working:
Unfortunately, that did not work for me. I did a filter reload, tried adding a new firewall rule, and rebooted. I also verified the maxmind key is being correctly pulled based off of the 'last used' field on the maxmind site.
You probably need to force Maxmind to update.
Run this command from the command prompt to force Maxmind to update: php /usr/local/www/pfblockerng/pfblockerng.php dc . This should force the Maxmind.com database to update.
-
It worked, thanks !
Just for those who are struggling: I had to put this command, including the quotes in the PHP window:
"/usr/local/www/pfblockerng/pfblockerng.php dc"
-
I'm running pfsense version 2.4.5-RELEASE-p1 (amd64) & pfBlockerNG-devel 2.2.5_33
Any idea how to get this IP stats to show up on the widget? I ran this command ( php /usr/local/www/pfblockerng/pfblockerng.php dc) to manually force Maxmind to update. Is it supposed to update on its own if you have a license key? This widget has never updated correctly for me for IP. I see this in the update log though [ pfB_Top_v4 ] Removed 6 state(s) for [ 178.xxx.xxx.xxx ]
-
This is what I have:
It is also a bit obscure to me what the IP count is, but I have never investigated in-depth.
-
I dont get any numbers in that field at all
-
This is what I have when I hover:
I guess it depends on the config of the IP tab. All my combos are set to default.
-
Now its working after I increased the Maximum Firewall entries from 400000 to 950000. This option is under the: System-->Advanced-->Firewall & Nat area.
-
Firewall Maximum Table Entries
is already at 3M on mine.Very strange that you have Block & Reject packets under IP and that I don't have any... it probably depends on the config & the firewall rules...
-
Oh wow 3 million. What does your GeoIP settings look like? I have deny inbound on everything and North America Disabled
-
This is what I have. I am now thinking that perhaps I should change to "deny inbound" instead of "disabled" ? (I want to block those of course)
In Europe, I allow 2 countries.
-
@Alex99 Yeah change that to deny and you will probably see your counter go up, I'm going to try that with North America (allow inbound) as well just to test.
This is probably a better approach than blocking all the countries: Pfblocker … is this normal after 3 hours of uptime