Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNSBL Virtual IP: Address must be in an isolated Range that is not used in your Network

    Scheduled Pinned Locked Moved pfBlockerNG
    1 Posts 1 Posters 191 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      HolyK
      last edited by HolyK

      Hi!
      I know that similar topic is already there but mine seems a bit different...

      When i do some changes under "Firewall > pfBlockerNG > DNSBL" and hit Save i am getting following error:

      "DNSBL Virtual IP: Address must be in an isolated Range that is not used in your Network."

      As per the advice from the other topic i went to Diagnostics and executed following PHP:

      $ip_validate = where_is_ipaddr_configured('192.168.33.33', '' , true, true, '');
print_r($ip_validate);

      Output is:

      Array
(
    [0] => Array
        (
            [if] => lan
            [ip_or_subnet] => 192.168.33.33/32
        )

)

      But there is no interface configured with such IP within pfSense WEB UI. I am not using the 192.168.x.x subnets anywhere neither my VPN provider.

      On the other hand check from OS shows the the igb1 interface is configured with that IP but i guess that is the one configured by pfBlockerNG itself:

      igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=6500bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 00:e0:xx:xx:c0:d5
        hwaddr 00:e0:xx:xx:c0:d5
        inet6 fe80::2e0:xxxx:xxxx:c0d5%igb1 prefixlen 64 scopeid 0x2
        inet 192.168.33.33 netmask 0xffffffff broadcast 192.168.33.33
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active

      Note that I had this issue before. I simply changed the previous IP to the current one unter DNSBL configuration and Saved. But now the situation repeats. It does not seems right.

      I am on 2.4.5-RELEASE-p1 and pfBlockerNG-devel 2.2.5_37

      @BBcan177 If you need more details, tests please let me know.

      Thanks!

      EDIT: I've exported the pfSense config and aside of the IP Alias area there are two places where the IP is defined and both seems to be relevant.

        <virtualip>
    <vip>
      <interface>lan</interface>
      <descr><![CDATA[pfB DNSBL - DO NOT EDIT]]></descr>
      <type>single</type>
      <subnet_bits>32</subnet_bits>
      <subnet>192.168.33.33</subnet>
      <mode>ipalias</mode>
    </vip>
  </virtualip>


    <pfblockerngdnsblsettings>
      <config>
        <pfb_dnsvip>192.168.33.33</pfb_dnsvip>
        <pfb_dnsport>8081</pfb_dnsport>
        <pfb_dnsport_ssl>8443</pfb_dnsport_ssl>
        <pfb_dnsbl>on</pfb_dnsbl>
        ...
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.