• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Monster pfBlockerNG import script pfBlockerNG_import_gravity.php 224 lists

Scheduled Pinned Locked Moved pfBlockerNG
21 Posts 9 Posters 5.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    tonymorella
    last edited by Sep 21, 2016, 2:12 PM

    @n3by:

    also change this:

    line 680

                        "header"     => "trustedsec_atif"),
    

    ->

                        "header"     => "trustedsec_atif")),
    

    and
    line 1020

                "custom_update"      => "disabled")
    

    ->

                "custom_update"      => "disabled"),
    

    Thanks for the review, changes updated on github.  This is what happens when your up 24 hours straight :)

    1 Reply Last reply Reply Quote 0
    • I
      iplost
      last edited by Sep 21, 2016, 2:33 PM

      Ok, thanks for update in github

      One detail,  wget is not by default in pfSense 2.3.2, other way to download script:

      
       curl https://raw.githubusercontent.com/tonymorella/pfsense_scipts/master/pfBlockerNG_import_gravity.php > pfBlockerNG_import_gravity.php
      
      
      1 Reply Last reply Reply Quote 0
      • P
        pfcode
        last edited by Oct 12, 2016, 8:35 PM

        Some of the lists blocked other lists. e.g. Malware[ransomware_feed] blocks Spam_Bots_PHP[lashback_ubl], Attacks[gofferje_sip] blocks Attacks[blueliv_crimeserver_online, blueliv_crimeserver_recent]. Totally confusion. Also, can't get access from "https://freeapi.blueliv.com"

        Release: pfSense 2.4.3(amd64)
        M/B: Supermicro A1SRi-2558F
        HDD: Intel X25-M 160G
        RAM: 2x8Gb Kingston ECC ValueRAM
        AP: Netgear R7000 (XWRT), Unifi AC Pro

        1 Reply Last reply Reply Quote 0
        • T
          tonymorella
          last edited by Oct 13, 2016, 4:30 AM

          @pfcode:

          Some of the lists blocked other lists. e.g. Malware[ransomware_feed] blocks Spam_Bots_PHP[lashback_ubl], Attacks[gofferje_sip] blocks Attacks[blueliv_crimeserver_online, blueliv_crimeserver_recent]. Totally confusion. Also, can't get access from "https://freeapi.blueliv.com"

          Good point,  by default I added all the URLs to a custom allow lists so they can not block each other :) Also you need to create and account to access the blueliv.com API

          1 Reply Last reply Reply Quote 0
          • P
            pfcode
            last edited by Oct 15, 2016, 2:48 PM

            @tonymorella:

            @pfcode:

            Some of the lists blocked other lists. e.g. Malware[ransomware_feed] blocks Spam_Bots_PHP[lashback_ubl], Attacks[gofferje_sip] blocks Attacks[blueliv_crimeserver_online, blueliv_crimeserver_recent]. Totally confusion. Also, can't get access from "https://freeapi.blueliv.com"

            Good point,  by default I added all the URLs to a custom allow lists so they can not block each other :) Also you need to create and account to access the blueliv.com API

            Added 88.198.202.51 (blueliv.com) into the pfBlockerNG surpress list, but it was still blocked by gofferje,  What am I missing?

            Release: pfSense 2.4.3(amd64)
            M/B: Supermicro A1SRi-2558F
            HDD: Intel X25-M 160G
            RAM: 2x8Gb Kingston ECC ValueRAM
            AP: Netgear R7000 (XWRT), Unifi AC Pro

            1 Reply Last reply Reply Quote 0
            • B
              BBcan177 Moderator
              last edited by Oct 15, 2016, 6:42 PM

              @pfcode:

              Also, can't get access from "https://freeapi.blueliv.com"

              Added 88.198.202.51 (blueliv.com) into the pfBlockerNG surpress list, but it was still blocked by gofferje,  What am I missing?

              I haven't used blueliv, but your not checking the correct domain name…

              ping freeapi.blueliv.com

              PING f01.blueliv.com (88.198.51.46): 56 data bytes

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • P
                pfcode
                last edited by Oct 15, 2016, 11:47 PM

                @BBcan177:

                @pfcode:

                Also, can't get access from "https://freeapi.blueliv.com"

                Added 88.198.202.51 (blueliv.com) into the pfBlockerNG surpress list, but it was still blocked by gofferje,  What am I missing?

                I haven't used blueliv, but your not checking the correct domain name…

                ping freeapi.blueliv.com

                PING f01.blueliv.com (88.198.51.46): 56 data bytes

                Hi,

                if I manually add the ip in the suppress list and apply the changes,  Should I do a update or force reload?

                Release: pfSense 2.4.3(amd64)
                M/B: Supermicro A1SRi-2558F
                HDD: Intel X25-M 160G
                RAM: 2x8Gb Kingston ECC ValueRAM
                AP: Netgear R7000 (XWRT), Unifi AC Pro

                1 Reply Last reply Reply Quote 0
                • J
                  johnabbot
                  last edited by Oct 16, 2016, 7:17 AM

                  I think you should put a warning about false positives on the bots and organisations ones. I had to delete them.

                  1 Reply Last reply Reply Quote 0
                  • T
                    tonymorella
                    last edited by Oct 16, 2016, 6:46 PM

                    @johnabbot:

                    I think you should put a warning about false positives on the bots and organisations ones. I had to delete them.

                    Sure why not :)  I used Organisations for allow rules not block, did you notice issues with this one??

                    1 Reply Last reply Reply Quote 0
                    • J
                      johnabbot
                      last edited by Oct 18, 2016, 4:25 AM

                      blocking emails to/from me.com from a local mail server I think it was.

                      1 Reply Last reply Reply Quote 0
                      • M
                        motific
                        last edited by Jan 5, 2017, 10:27 PM

                        Thanks for the script, it was quite a timesaver.

                        A number of the lists ought to end up in the DNSBL section rather than IP4 (Privacy/SomeoneWhoCares is one example) - if you're maintaining the script that's something to check.  If I get some time I might take a look.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                          This community forum collects and processes your personal information.
                          consent.not_received