pfBlockerNG firewall filter service will not start latest snapshot
-
pfblockerng-devel has its own log, check it
Firewall / pfBlockerNG / Log Browser
what i can see on my system is
root 94903 0.0 0.1 50536 2268 - I 23:02 0:00.00 /usr/local/sbin/clog_pfb -f /var/log/filter.log
root 94965 0.0 1.0 59184 38968 - S 23:02 0:00.34 /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog
maybe it's not working because it still uses clog and after the last update the log files are no longer circular?
i personally don't use it so i don't know if it works or not but it seems to start, at least for me
-
As @jimp wrote in the post, that the CLOG binary would be removed I'm curious as to why the process is running after all. But I suppose pfBNG brought its own version or copy called clog_pfb? On a 2.4.4 those two (clog and clog_pfb) are identical size and date so could be hardlinked or just copied (whysoever?)
-
@JeGr i have uninstalled pfblockerng and that clog is no more so it's part of the pfblockerng package. It has its own copy
-
Did you check the file system if there's a clog_pfb binary left over? Then pfB is bringing its own (what I'm curious about as to why - and why it even has its own php?) and if that's the case the logging should still work.
The problem is/could be, that with changing the logging structure in 2.5 snapshots, @BBcan177 would have to roll out another fork package of pfBlockerNG like -snapshots for it to incorporate the changes for logging as those would not work in 2.4.4 or less (as they are still clog based). So to accommodate that it would have its log part rewritten and be incompatible with <2.5 versions and as the development is still ongoing (and not pushed to the -stable package), that would be a bit complicated.
IMHO the best course would be to push the current -stable to sth. like "-old", push -devel to -stable and then use "-devel" for development of new versions matching things like snapshots but that's not something easily done and the workload is already high for him.
-
pfblockerng_install.inc
update_status(" done.\n\nCreating Firewall filter service...");
pfb_filter_service();
stop_service('pfb_filter');
update_status(" done.\nRenew Firewall filter executables...");
unlink_if_exists('/usr/local/bin/php_pfb');
link('/usr/local/bin/php', '/usr/local/bin/php_pfb');
unlink_if_exists('/usr/local/sbin/clog_pfb');
link('/usr/local/sbin/clog', '/usr/local/sbin/clog_pfb');
i have updated pfsense
reinstalled pfblockerng
i don't have /usr/local/sbin/clog
of course there isn't also /usr/local/sbin/clog_pfb
it was removed
ending with a non working pfBlockerNG
redmine https://redmine.pfsense.org/issues/9724
in the meantime i'm testing this solution if it works .. from clog to tail
root 26168 0.0 0.1 10648 2264 0 S 12:01 0:00.01 /usr/bin/tail -f /var/log/filter.log
-
@kiokoman said in pfBlockerNG firewall filter service will not start latest snapshot:
of course there isn't also /usr/local/sbin/clog_pfb
Aaah so my hunch was right and he is/was using hardlinks that now won't work on current snapshots as there's no clog binary anymore. Curious though as to why he uses a hardlink at all.
But yeah, that's why the log view isn't visible at present with newer snapshots :)
-
if someone is interested he can try to modify
/usr/local/etc/rc.d/pfb_filter.sh on line 38
change it from
/usr/local/sbin/clog_pfb -f /var/log/filter.log | /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog &
to
/usr/bin/tail -f /var/log/filter.log | /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog &
i can't test dnsbl as i don't have unbound but i can see that if i try to go to an ip address in the black list it will redirect
PR https://github.com/pfsense/FreeBSD-ports/pull/670
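The reader swap discussed above, written as a start routine that picks the reader by what is installed and refuses to start when a piece is missing (an added example, not pfBlockerNG's own rc script or the code in the linked PR). `PFB_ROOT`, `pfb_reader_cmd` and `pfb_start` are hypothetical names; the paths are the ones quoted in the thread. It assumes the plain-text filter.log is rotated by rename, which is why it uses `tail -F` (follow by name, reopen after rotation) instead of `tail -f`.

```shell
#!/bin/sh
# Added example, not project code. PFB_ROOT is a hypothetical path prefix
# so the selection logic can be exercised away from the firewall.
PFB_ROOT="${PFB_ROOT:-}"
FILTER_LOG="/var/log/filter.log"

# Print the command that should feed filter.log to the parser.
# Returns 1 and prints nothing when no usable reader exists, so the caller
# can fail loudly instead of backgrounding a pipeline that dies at once.
pfb_reader_cmd() {
    clog="${PFB_ROOT}/usr/local/sbin/clog_pfb"
    tail_bin="${PFB_ROOT}/usr/bin/tail"
    if [ -x "$clog" ]; then
        # Releases that still ship clog: circular log, needs the clog reader.
        echo "$clog -f ${FILTER_LOG}"
    elif [ -x "$tail_bin" ]; then
        # Snapshots without clog: plain-text log. -F keeps following the
        # path after the file is renamed; -f would stay on the old file.
        echo "$tail_bin -F ${FILTER_LOG}"
    else
        return 1
    fi
}

# Start the reader | parser pipeline only when both ends are present.
pfb_start() {
    php="${PFB_ROOT}/usr/local/bin/php_pfb"
    reader="$(pfb_reader_cmd)" || {
        echo "pfb_filter: no log reader found" >&2
        return 1
    }
    [ -x "$php" ] || {
        echo "pfb_filter: $php missing" >&2
        return 1
    }
    $reader | "$php" -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog &
}
```

A start routine that returns non-zero with a message gives the service watchdog and the system log something to show, instead of a silent start/stop loop.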
-
It appears this has been fixed in the latest PFBNG devel release.
-
-
Got the same issue but in my case no error is generated, all I see is that after I added it to the watchdog it is being started every minute in the system log, no errors, just stopping right after it is started.
If I check the logs inside pfblockerng-devel, there are no errors.
Any ideas?
What does the service even do? The actual functionality seems fine otherwise.
2.5-snapshot, on my 2.4.5 unit it is running.