pfBlockerNG IPV4 problem
-
So the alias is populated correctly but the rule is not generated correctly against the alias?
Can we see a screenshot showing that?
How do you have the pfBlocker rule creation configured?
Steve
-
@stephenw10
Yes. The alias seems to be correct, but the rule only gets generated with 1.1.1.1 even when I have removed 1.1.1.1 from the custom IPV4 list.Whoops.. looked at wrong place. I have created a MANUAL alias that does what I need until I get this working. The alias created by the custom IPV4 rule is a url pointing to a file on the pfsense. What is the location of that file so I can check it manually?
-
Here are the screenshots you requested.
-
You can looks in Diag > Tables to see how that URL alias has been populated but it should be the same as the mouse-over which implies it's not populating.
You can see the files in /var/db/aliastables/.
Run a manual update in pfBlocker and check the logs.
Steve
-
Tables does show only 1.1.1.1. I also ran manual update again... still showing 1.1.1.1. Log is below.
Manual update log
UPDATE PROCESS START [ 12/07/20 16:14:22 ] Clearing all DNSBL Feeds... ** DNSBL Disabled ** ===[ Continent Process ]============================================ [ pfB_Africa_v4 ] exists. [ pfB_Africa_v6 ] exists. [ pfB_Asia_v4 ] exists. [ 12/07/20 16:14:23 ] [ pfB_Asia_v6 ] exists. [ pfB_Europe_v4 ] exists. [ pfB_Europe_v6 ] exists. [ pfB_NAmerica_v4 ] exists. [ pfB_NAmerica_v6 ] exists. [ pfB_Oceania_v4 ] exists. [ pfB_Oceania_v6 ] exists. [ pfB_SAmerica_v4 ] exists. [ pfB_SAmerica_v6 ] exists. ===[ IPv4 Process ]================================================= [ WhitelistIPRanges_custom ] exists. [ WhitelistDomainName_custom ] exists. [ BlacklistIPRanges_custom ] exists. ===[ Aliastables / Rules ]================================ Firewall rule changes found, applying Filter Reload UPDATE PROCESS ENDED [ 12/07/20 16:14:24 ] -
Sorry, try running full re-load there not update.
-
Aha, that got it! I still don't know why the cron task ORIGINALLY was not updating the full list. But once I started using my manual disable list, I turned cron off because it kept changing my rule order. I will turn cron back on and make a change to the list then report tomorrow if it updates properly on its own.
-
@rtkluttz said in pfBlockerNG IPV4 problem:
it kept changing my rule order.
If Auto Rules doesn't fit your setup, use Action : Alias and create your own FW Rules with these aliases.
-
Ok, the cron ran, but it is not picking up changes to my IPv4 blacklist. I have the blacklist set to update frequency of once per day and the overall cron settings on the general tab is set to once per day. But if I make any change to the custom IPv4 deny list, they don't show up unless I do the force with complete reload option ticked. Is this correct? I don't mind having to do that every time, but it makes me wonder if it is never truly picking up changes from maxmind either unless I hit the reload option.
-
What Cronjob is it running? It certainly should be updating that.
-
The one that gets enabled by the cron settings on the general tab and the one in the list itself is the only way I know how to answer you.
-
Ok so try setting the update interval to something less than the reload interval. Like it says there: 'within the Cron Interval'.
Steve
-
Ok, to get a faster picture on if it was working... I set the general tabs schedule to once every 2 hours and set the blacklist custom list update time to 1 hour. After making those changes and saving it, I edited the custom list and then left it for 3 hours or so. It still did not update on its own.
-
Hmm, check the crontab. You can use the Cron package to do that via the GUI.
-
@rtkluttz said in pfBlockerNG IPV4 problem:
Upgrade to pfBlockerNG-devel.
