pfBlockerNG-devel v3.0.0_15
-
A Pull Request has been submitted to the pfSense devs for review and approval.
https://github.com/pfsense/FreeBSD-ports/pull/1051
CHANGELOG:
- Add Cloudflare DoH/DoT domains (one.one.one.one, and 1dot1dot1dot1.cloudflare-dns.com) for DoH/DoT SafeSearch page blocking list.
Ref: https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/android - Show DoH/DoT domain names in SafeSearch Page
- Fix issue with pfb_tail on stop service pfb_filter
Note: If you are a Reddit User and a Patron, please PM me your Reddit username, and I will add a "Patron" User Flair to show your support!
Continue to follow in the pfSense forum and on Twitter [ u/BBcan177 ], and on Reddit [ r/pfBlockerNG ]
and Patreon ( https://www.patreon.com/pfBlockerNG ) for pfBlockerNG news and support.
Thank you for the Continued Support!
"Experience is something you don't get until just after you need it."
Website: http://pfBlockerNG.com
Twitter: @BBcan177ย #pfBlockerNG
Reddit: https://www.reddit.com/r/pfBlockerNG/new/ - Add Cloudflare DoH/DoT domains (one.one.one.one, and 1dot1dot1dot1.cloudflare-dns.com) for DoH/DoT SafeSearch page blocking list.
-
Still shows 3.0.0_10 as the latest on my XG-7100 running 21.02-release-p1
-
Exactly my point... updates to packages doesnt show at all.
You need to CTRL + F5 or reboot.
If rebooted, all updates are showing.
-
@cool_corona Ive rebooted mine and updates still donโt show.
-
@cool_corona said in pfBlockerNG-devel v3.0.0_15:
Exactly my point... updates to packages doesnt show at all.
You mean the dot 15 isn't visible yet ?
Right now, it's :
for me because :
@bbcan177 said in pfBlockerNG-devel v3.0.0_15:
A Pull Request has been submitted to the pfSense devs for review and approval.
I explain :
bbcan edits the code - you can see him doing so in real time : he is using his own github.
When he thinks it's ok, he places a "pull request".
Now the Netgate guys come into play : they can look at the code, smoke a pipe, deliberate, accepts, or place questions. They might even leave office for a long weekend.
Or just stay home, because Netgate's office is in Texas, and they are all on the beach.
Or remove the snow, and how electricity comes back.
Or play with the dog (see below) and boxes
Anyway : they are in Texas, if this rings a bell (the news is international now, we all have CNN, right ?).When the pull request gets accepted, they push the Accept button, thebbcan stuff gets merged with the main pfSense github.
A build is programmed - for the FreeBSD pfSense package.
If, by any chance, the build is successful, it get published on the files serversOur pfSense package sub system checks ones in a while against the Netgate's files servers if new stuff is available.
If so, you see this :
An upgrade exists !!!!!! (dot 14 for me).
Now, normally, DO NOT upgrade.
Goto the (this !) forum and have a look for the guy that did upgrade, and see what he has to say ;)
If the forums messages show a globally positive review, you might considering upgrading.Btw : WTF : BBcan : I've not even .14 installed yet, and now .15 is already ramping up .......
The dog :
( Netgate must be a cool company - thanks for that blog page, rather difference as the others. I do like reading about compilers messing up the optimization of machine code so it kills spin-locks so it kills SG3100 devices, but I like dog also )
-
Hmmm - I am only showing
pfBlockerNG-devel net 3.0.0_10 -
There are two different and distinct respositories for packages. One repo is for CE and the other is for pfSense+. Been that way since "Factory Edition" appeared a while back.
The Netgate developer team has to manually merge Pull Requests into the pfSense+ repo and then kick off a package build there. Until that is done, new packages that appear for CE users don't show up for pfSense+ users.
RIght now, looking in the two repos, I see pfSense-2.5.0 CE has version .14 of pfBlockerNG-devel while pfSense+ is still showing only version .10.
-
@bmeeks Thankyou for the clarification, I was beginning to think something was wrong with my install
-
@bmeeks thank for the heads up.
I better get used to mention that I'm using the CE.
pfBlockerNG-devel is mostly if not all PHP scripts files, some python script files . No binaries, so basiclly, it's just a pure copy from CE (bbcan is using CE I guess) to +. -
@gertjan said in pfBlockerNG-devel v3.0.0_15:
@bmeeks thank for the heads up.
I better get used to mention that I'm using the CE.
pfBlockerNG-devel is mostly if not all PHP scripts files, some python script files . No binaries, so basiclly, it's just a pure copy from CE (bbcan is using CE I guess) to +.Yeah, discovered the existence of the two distinct repos shortly after "Factory Edition" emerged when trying to figure out why my "latest" Snort package update was not showing up for Netgate appliances but showed up for me on CE in my test virtual machines at the time.
-
_15 is available for 21.02p1 now - just updated to it.
-
Also for the CE.
-
What ?
No dot 16 this morning ??No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
-
@gertjan said in pfBlockerNG-devel v3.0.0_15:
What ?
No dot 16 this morning ??Is this a challenge :)
-
-
Anybody gets "parse error: Invalid numeric literal" while manually doing an update (probably also during automatic updates) with 3.0.0_15 ?
I see tons of these... Seems to happen with IPv4 lists....
See attached file for log output, the SPAM bot wont let me post the 20 odd lines snippet without flagging me as spam..... What a PITA.
Also any of you guys noticed Unbound does NOT restart automatically after pfBlockerNG package update?
-
@pftdm007 You need more upvotes. Let's help them out.
-
@pftdm007 said in pfBlockerNG-devel v3.0.0_15:
Anybody gets "parse error: Invalid numeric literal" while manually doing an update (probably also during automatic updates) with 3.0.0_15 ?
BGPView is rate-limiting:
https://twitter.com/BBcan177/status/1357161876812087297Reduce the frequency of ASN Updates.
Also any of you guys noticed Unbound does NOT restart automatically after pfBlockerNG package update?
See:
https://redmine.pfsense.org/issues/11398 -
@bbcan177 Yeah, it is ;)
try: manager = urllib3.PoolManager() # bgpview throttles queries time.sleep(0.5) <---------------- response = manager.request( "GET", "https://api.bgpview.io/asn/" + self.asn + "/prefixes") except (urllib3.exceptions.HTTPError, urllib3.exceptions.PoolError): returnEdited to add:
In case anyone cares, an alternative to BGPView is this for getting the routed prefixes for an ASN:elif data_provider == "radb": result = "" try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.connect(("whois.radb.net", 43)) sock.send(bytes("-i origin " + self.asn + "\r\n", "utf-8")) while True: data = sock.recv(1024) if not data: break result += data.decode("utf-8") sock.close() except OSError: sock.close() return if result: output = result.splitlines() # The error message if the ASN returns no data is: # "% No entries found for the selected source(s)." if output[0].startswith("% "): return routes4 = [line.removeprefix("route:").strip() for line in output if line.startswith("route:")] routes6 = [line.removeprefix("route6:").strip() for line in output if line.startswith(("route6:"))]
