Finally found the bug!
-
Hi,
My first network-wide anti-adware solution was Pi-hole. I moved to pfBlockerNG and used it for a little while for blacklisting IPs based on location. Overall, I preferred my old Pi-hole, so I moved back to it and removed pfBlockerNG.
For months now, I was unable to turn DHCP on for two of my subnets at the same time. Either one or the other was OK, but should I try to have it on both, pfSense refused, saying that VMX4 was overlapping with another subnet (VMX4 matches multiple shared networks).
Of course, I verified a million times that there were no typos or mistakes in my subnets / ranges / pools / etc. This weekend, I chose to fix that once and for all. I went into the CLI and searched for the conflict in the text files. No luck...
I then re-addressed one of the segments to a different range. It worked and DHCP served both.
I then extended the other segment to take back the space freed by the other. It failed, but this time with a much more interesting error message: Pool can not include existing interface IP 172.24.128.209. None of my interfaces had that IP according to the WebUI (dashboard or reviewing each interface manually). Still, in the diagnosis tool, the PING test to that IP worked and I received the replies. Went to the CLI again and indeed, VMX4 had 2 IP addresses: its legitimate one and that .209 IP that did not show anywhere in the WebUI.
I searched for it in all the config files and found it: it is a leftover from pfBlockerNG in /conf/config.xml. I deleted the <virtualip> section corresponding to it and Bingo!
So clearly, there is something missing in the removal of pfBlockerNG and not all config files are properly cleaned when doing so.
Hope this will be fixed and that this message may save others some time...
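An added example, not part of the original post and not pfSense or pfBlockerNG code: a Python check that lists virtual IP entries in a config.xml that fall inside a DHCP range, the kind of leftover described above. The `<virtualip>/<vip>` and `<dhcpd>/<interface>/<range>` layout is an assumption about the file format, and the interface name `opt3` and the pool bounds are constructed; only the .209 address comes from the post.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample, not a real configuration. The element layout is an
# assumption about config.xml; "opt3" and the pool bounds are made up, and
# only the 172.24.128.209 address is taken from the post.
SAMPLE_CONFIG = """<pfsense>
  <dhcpd><opt3><range><from>172.24.128.100</from><to>172.24.128.250</to></range></opt3></dhcpd>
  <virtualip>
    <vip><mode>ipalias</mode><interface>opt3</interface>
         <subnet>172.24.128.209</subnet><subnet_bits>32</subnet_bits></vip>
    <vip><mode>ipalias</mode><interface>opt3</interface>
         <subnet>172.24.128.10</subnet><subnet_bits>32</subnet_bits></vip>
  </virtualip>
</pfsense>"""


def vips_inside_dhcp_pools(xml_text):
    """Return (vip_interface, vip, pool_from, pool_to) for each virtual IP inside a DHCP range."""
    root = ET.fromstring(xml_text)
    pools = []
    for iface in root.findall("./dhcpd/*"):
        for rng in iface.findall("range"):
            lo, hi = rng.findtext("from"), rng.findtext("to")
            if lo and hi:
                pools.append((ipaddress.ip_address(lo.strip()), ipaddress.ip_address(hi.strip())))
    hits = []
    for vip in root.findall("./virtualip/vip"):
        try:
            addr = ipaddress.ip_address((vip.findtext("subnet") or "").strip())
        except ValueError:
            continue  # empty or non-address entries cannot collide with a pool
        for lo, hi in pools:
            # Compare only within the same address family (IPv4 vs IPv6).
            if addr.version == lo.version == hi.version and lo <= addr <= hi:
                hits.append((vip.findtext("interface"), str(addr), str(lo), str(hi)))
    return hits


if __name__ == "__main__":
    for ifname, addr, lo, hi in vips_inside_dhcp_pools(SAMPLE_CONFIG):
        print("virtual IP %s on %s falls inside DHCP pool %s-%s" % (addr, ifname, lo, hi))
```

Run it against a copy of the configuration file rather than the live one, passing the file's text to `vips_inside_dhcp_pools`.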
-
Please create a bug report at https://redmine.pfsense.org/
See https://docs.netgate.com/pfsense/en/latest/development/bug-reports.html
-
@viktor_g said in Finally found the bug!:
https://docs.netgate.com/pfsense/en/latest/development/bug-reports.html
I can sure do that...
Bug ID #10983