Packet Counts Not Updating in pfBlockerNG Widget
-
So I tried the recommended fix to add the blocklist name in the description and everytime i did a force reload the rule disappears. Readding the rule without any description at least allows the rule to persist, however the counter is still not working on the dashboard.
Is there any way to revert to the last dev version of pfBlockerNG prior to 3.0 release? That was working fine for me.
-
For Alias type rules, you need to prefix the Firewall rules Descriptions with "pfb_" in order for those to be reported in the Dashboard widget, and also so that they are not removed by the package.
The prefix "pfB_" is reserved for Auto type rules, and those are controlled automatically by the package.
-
@bbcan177 I added the prefix and now the rule is not being deleted on reload, however the dashboard widget is still not incrementing when I test with IPs from the list.
-
@mlines
See my post above for the patch ^^^^^ -
@bbcan177 I applied the patch from the command line, and then both reloaded and rebooted. Still not updating the counts, though the blocks appear to be working.
-
@bbcan177 Not sure if this is related, but checking /var/log/pfblockerng/, these are the only files I see listed:
dnsbl_parsed_error.log maxmind_ver
extras.log pfblockerng.log -
@mlines
If you are on pfSense 2.5, did you change the Log format to "syslog"? If so, it will only work with "BSD" format. I will address that in the upcoming versions. -
@bbcan177 I'm on 2.4.5 p1 on a SG-1100. I have changed the types from Alias Deny to Deny Both and now the counts are working for IP blocks. Still not showing for DNSBL. Continuing to investigate.
-
@bbcan177 said in Packet Counts Not Updating in pfBlockerNG Widget:
For Alias type rules, you need to prefix the Firewall rules Descriptions with "pfb_" in order for those to be reported in the Dashboard widget, and also so that they are not removed by the package.
The prefix "pfB_" is reserved for Auto type rules, and those are controlled automatically by the package.
Hi bbcan177,
I have alias deny, and the name say for example "level1" under "name/description" tab under IPv4. When I run the update it creates Alias named pfB_level1, under alias. I do not know how to change the pfB_level1 to pfb_level1. May be I am misunderstanding this. Should it be pfB_pfb_level1.
I also tried changing the "name/Description" tab to pfb_level1. The new alias created was "pfB_pfb_level1", but the counters under widget did not change.
Please let me know what am I doing wrong. I am on 2.4.5_p1
Many thanks,
Molecule -
@molykule It is not the name of IP Group Name / Description you have to change, it is the FW Rules Extra Options Description you have to prefix with "pfb_".
-
@ronpfs
Hi Ronpfs,Many thanks. So that if somebody else is lost just like me,
I have the rule as "Alias Deny" which creates the rule under Firewall -- Alias tab an Alias with the name (Example "pfB_level1"). Then under the rule I have reject, single host/alias and then pfB_level1. Then way down on the same page, under "Extra Options" in Description tab I have pfb_level1.
That starts the widget count,
thanks for all your help,
Molykule -
@molykule Click on the under Action in any IP group.
Alias' Rules: 'Alias' rules create an alias for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired.With this alias you create your own FW rules.
-
@molykule So here is what is happening for me at least (SG-1100 2.4.5p1). I add the PRI1 blocklist as Alias Deny. Add it to the WAN interface to test with reject and logging. While I do a force reload I can see the pfB_PRI1_v4 list appear on the dashboard widget and the count start to increment (as I get hammered constantly), however by the time the reload finishes the rule has disappeared from the WAN rule list, and the count is showing 0 in the widget.
-
If you set the Firewall Rule Description to start with "pfb_", it will not be removed by the package.
Maybe send a screenshot of where you are putting the Description. -
@bbcan177 So if I set the description to "pfb_....", the rule is not deleted however it does not increment the count. If I set the description to "pfB_", the count is incremented during the reload but then the rule is deleted at the end of the reload.
-
@mlines - if the name of the IP list for Alias Deny is pfB_PRI1_v4, make sure that the description of the firewall that uses this pfBlockerNG alias starts with "pfb_" (note the small "b"). So for instance, you could put pfb_PRI1_v4 as the only text into the firewall rule description, and the counter in the widget should start to work (again, note the the small "b"). Hope this helps.
-
@tman222 Thanks - I can do that and the rule will not be deleted, however the dashboard counter no longer works.
-
-
Leave the Firewall Rule Description prefix with "pfb_"
-
Then download the patched file:
curl -o /usr/local/www/widgets/widgets/pfblockerng.widget.php "https://gist.githubusercontent.com/BBcan177/22a3c6b6fe9b7b5f7415dfaa189c49a4/raw"
-
-
@bbcan177 Ok, I think I have it (and to be clear for everyone else). Apply the patch as described above. Then, make the rule description the same as the Alias List name, except use a small b instead of a capital B.
For example, when adding the PRI1 feed as Alias Deny, the resultant Alias name will be pfB_PRI1_v4. When adding a rule that uses this Alias, set the description to "pfb_PRI1_v4". Do not customize or otherwise change the description (my mistake).
-
@mlines said in Packet Counts Not Updating in pfBlockerNG Widget:
@bbcan177 Ok, I think I have it (and to be clear for everyone else). Apply the patch as described above. Then, make the rule description the same as the Alias List name, except use a small b instead of a capital B.
For example, when adding the PRI1 feed as Alias Deny, the resultant Alias name will be pfB_PRI1_v4. When adding a rule that uses this Alias, set the description to "pfb_PRI1_v4". Do not customize or otherwise change the description (my mistake).
Hi @mlines - as I understand it, it should work as long as the firewall description starts with "pfb_". So for instance, if you had the firewall rule description as something like "pfb_PRI1_v4 alias to deny xyz traffic" the widget counter should still work. Hope this helps.
