Packet Counts Not Updating in pfBlockerNG Widget
-
@bbcan177 I added the prefix and now the rule is not being deleted on reload, however the dashboard widget is still not incrementing when I test with IPs from the list.
-
@mlines
See my post above for the patch ^^^^^ -
@bbcan177 I applied the patch from the command line, and then both reloaded and rebooted. Still not updating the counts, though the blocks appear to be working.
-
@bbcan177 Not sure if this is related, but checking /var/log/pfblockerng/, these are the only files I see listed:
dnsbl_parsed_error.log maxmind_ver
extras.log pfblockerng.log -
@mlines
If you are on pfSense 2.5, did you change the Log format to "syslog"? If so, it will only work with "BSD" format. I will address that in the upcoming versions. -
@bbcan177 I'm on 2.4.5 p1 on a SG-1100. I have changed the types from Alias Deny to Deny Both and now the counts are working for IP blocks. Still not showing for DNSBL. Continuing to investigate.
-
@bbcan177 said in Packet Counts Not Updating in pfBlockerNG Widget:
For Alias type rules, you need to prefix the Firewall rules Descriptions with "pfb_" in order for those to be reported in the Dashboard widget, and also so that they are not removed by the package.
The prefix "pfB_" is reserved for Auto type rules, and those are controlled automatically by the package.
Hi bbcan177,
I have alias deny, and the name say for example "level1" under "name/description" tab under IPv4. When I run the update it creates Alias named pfB_level1, under alias. I do not know how to change the pfB_level1 to pfb_level1. May be I am misunderstanding this. Should it be pfB_pfb_level1.
I also tried changing the "name/Description" tab to pfb_level1. The new alias created was "pfB_pfb_level1", but the counters under widget did not change.
Please let me know what am I doing wrong. I am on 2.4.5_p1
Many thanks,
Molecule -
@molykule It is not the name of IP Group Name / Description you have to change, it is the FW Rules Extra Options Description you have to prefix with "pfb_".
-
@ronpfs
Hi Ronpfs,Many thanks. So that if somebody else is lost just like me,
I have the rule as "Alias Deny" which creates the rule under Firewall -- Alias tab an Alias with the name (Example "pfB_level1"). Then under the rule I have reject, single host/alias and then pfB_level1. Then way down on the same page, under "Extra Options" in Description tab I have pfb_level1.
That starts the widget count,
thanks for all your help,
Molykule -
@molykule Click on the under Action in any IP group.
Alias' Rules: 'Alias' rules create an alias for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired.With this alias you create your own FW rules.
-
@molykule So here is what is happening for me at least (SG-1100 2.4.5p1). I add the PRI1 blocklist as Alias Deny. Add it to the WAN interface to test with reject and logging. While I do a force reload I can see the pfB_PRI1_v4 list appear on the dashboard widget and the count start to increment (as I get hammered constantly), however by the time the reload finishes the rule has disappeared from the WAN rule list, and the count is showing 0 in the widget.
-
If you set the Firewall Rule Description to start with "pfb_", it will not be removed by the package.
Maybe send a screenshot of where you are putting the Description. -
@bbcan177 So if I set the description to "pfb_....", the rule is not deleted however it does not increment the count. If I set the description to "pfB_", the count is incremented during the reload but then the rule is deleted at the end of the reload.
-
@mlines - if the name of the IP list for Alias Deny is pfB_PRI1_v4, make sure that the description of the firewall that uses this pfBlockerNG alias starts with "pfb_" (note the small "b"). So for instance, you could put pfb_PRI1_v4 as the only text into the firewall rule description, and the counter in the widget should start to work (again, note the the small "b"). Hope this helps.
-
@tman222 Thanks - I can do that and the rule will not be deleted, however the dashboard counter no longer works.
-
-
Leave the Firewall Rule Description prefix with "pfb_"
-
Then download the patched file:
curl -o /usr/local/www/widgets/widgets/pfblockerng.widget.php "https://gist.githubusercontent.com/BBcan177/22a3c6b6fe9b7b5f7415dfaa189c49a4/raw"
-
-
@bbcan177 Ok, I think I have it (and to be clear for everyone else). Apply the patch as described above. Then, make the rule description the same as the Alias List name, except use a small b instead of a capital B.
For example, when adding the PRI1 feed as Alias Deny, the resultant Alias name will be pfB_PRI1_v4. When adding a rule that uses this Alias, set the description to "pfb_PRI1_v4". Do not customize or otherwise change the description (my mistake).
-
@mlines said in Packet Counts Not Updating in pfBlockerNG Widget:
@bbcan177 Ok, I think I have it (and to be clear for everyone else). Apply the patch as described above. Then, make the rule description the same as the Alias List name, except use a small b instead of a capital B.
For example, when adding the PRI1 feed as Alias Deny, the resultant Alias name will be pfB_PRI1_v4. When adding a rule that uses this Alias, set the description to "pfb_PRI1_v4". Do not customize or otherwise change the description (my mistake).
Hi @mlines - as I understand it, it should work as long as the firewall description starts with "pfb_". So for instance, if you had the firewall rule description as something like "pfb_PRI1_v4 alias to deny xyz traffic" the widget counter should still work. Hope this helps.
-
@bbcan177 said in Packet Counts Not Updating in pfBlockerNG Widget:
If you set the Firewall Rule Description to start with "pfb_", it will not be removed by the package.
Maybe send a screenshot of where you are putting the Description.@BBcan177 Hmm, alternate descriptions used to work before. Why not just look at the Alias name like before? I don't like changing the descriptions...
-
@bbcan177 said in Packet Counts Not Updating in pfBlockerNG Widget:
patch
Hi
I have the same problem too.
I don't know how to use pfsense well so I wanted to know how to put this patch.
Can you show me how to do it even with screenshots? Thank you
