Disable action does not work ?
-
@chudak So you ran both ? timestamp of the Force Update ?
-
You know I need to play with a bit and produce a good log. Will update later.
Thx for looking !
-
@chudak said in Disable action does not work ?:
You know I need to play with a bit and produce a good log. Will update later.
Thx for looking !Start by enable only on GeoIP group check if things change with a Force Update, then run a Force Reload IP or ALL.
Disable that GeoIP group, Update, Reload IP.
-
It looks like it was my bad and disable in fact does work.
My apologies !
Can I ask you kinda related-unrelated question.
When I look at my Whitelist I see:
and corresponding FW rule:
Do White_List_hosts and White_List_ports have to be used? Can they be removed ?
-
@chudak said in Disable action does not work ?:
Do White_List_hosts and White_List_ports have to be used? Can they be removed ?
When was this settings configured ? Look at both aliases to see if they are still relevant.
-
@ronpfs said in Disable action does not work ?:
When was this settings configured ? Look at both aliases to see if they are still relevant.
The problem is I don;t actually remember when and how :)
So I'd say no need for them. But when I try to disable "Custom DST Port" and "Custom Destination" and Save I get:
???
What do you see there ?
-
@chudak Strange. You are sure you untick both boxes, save, etc ?
-
@ronpfs said in Disable action does not work ?:
@chudak Strange. You are sure you untick both boxes, save, etc ?
Yup, unchecked both and on save that error.
Do you have aliases in tee WL?
-
@chudak And you did that in the Whitelist group ? not with the FW rules.
I do have a Whitelist rules with both boxes unticked, maybe empty the field also. -
Not sure what you call "the Whitelist group"
I have it in my IPv4 list
Tried emptying as well with no love
-
@chudak said in Disable action does not work ?:
Not sure what you call "the Whitelist group"
Permit group ....
-
@ronpfs said in Disable action does not work ?:
@chudak said in Disable action does not work ?:
Not sure what you call "the Whitelist group"
Permit group ....
is Permit group different from my ?
where is the Permit group ? -
@chudak Well you have a Group Whitelist for IP permit both. Mine is permit Outbound.
2.4.5-RELEASE-p1 (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5 -
@ronpfs said in Disable action does not work ?:
@chudak Well you have a Group Whitelist for IP permit both. Mine is permit Outbound.
ok i see, seems like the same then
-
are you on pfBlockerNG-devel 3.0.0_16 ?
-
@chudak With permit both, the FW rules requires Custom port/dest settings, this is a requirement from pfSense, nothing to do with pfBlockerNG.
With permit Outbound that requirements isn't needed. Check the forum for similar issues.
-
@ronpfs said in Disable action does not work ?:
@chudak With permit both, the FW rules requires Custom port/dest settings, this is a requirement from pfSense, nothing to do with pfBlockerNG.
With permit Outbound that requirements isn't needed. Check the forum for similar issues.
copy that
what do you have ?
-
@chudak Permit outbound, any protocol ,nothing in Advanced FW Rules
-
@ronpfs said in Disable action does not work ?:
@chudak Permit outbound, any protocol ,nothing in Advanced FW Rules
I’ve changed my to Permit outbound and my Issues including https://forum.netgate.com/topic/162857/problem-after-pfblockerng-devel-3-0-0_16-update/13 are gone !
I’m very puzzled. How it used to work all this time and how it was setup like this. Need to do explaining to myself :)
Thanks a million for being patient!
How does permit outbound actually works ? (Need to think about it)
-
@chudak said in Disable action does not work ?:
How does permit outbound actually works ? (Need to think about it)
That may contain some answers : https://docs.netgate.com/
