Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfBlockerNG update removing firewall rules schedule

    Scheduled Pinned Locked Moved pfBlockerNG
    5 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jamesbeale
      last edited by

      Hi

      Can anyone replicate this problem? It seems like my firewall schedule rules are being removed by pfBlockerNG update.

      See before and after screens attached.

      Thanks.

      James.
      ![Rules before pfblockerng update.jpg](/public/imported_attachments/1/Rules before pfblockerng update.jpg)
      ![Rules before pfblockerng update.jpg_thumb](/public/imported_attachments/1/Rules before pfblockerng update.jpg_thumb)
      ![Rules after pfblockerng update.jpg](/public/imported_attachments/1/Rules after pfblockerng update.jpg)
      ![Rules after pfblockerng update.jpg_thumb](/public/imported_attachments/1/Rules after pfblockerng update.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        If you are using "auto type" rules, you need to utilize the Adv. In/outbound firewall rule settings to configure the rule. Otherwise use "alias type" rule settings and create the rule manually. Click the blue infoblock icons in the IPv4 tab for more details.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • J
          jamesbeale
          last edited by

          Thank you so much for taking the time to reply.

          I'm afraid I'm struggling with getting the pfBlockerNG and Alias parts to perform together, probably because I'm misunderstanding what's needed.

          So, here goes - with apologies!

          In the attached screen shots, "pfblockerng ipv4.jpg" and "pfblockerng ipv4_part2.jpg", I think I'm asking pfBlockerNG to create an alias list called engbfacebook, using Whois from the AS number AS32934.

          Certainly this does create the file /var/db/aliastables/pfB_engbfacebookcom.txt, which is filled with IP addresses.

          All well so far!

          But then I fall over how to get this information over to the Alias section of the Firewall tab. In "pfblocerng ipv4_part2.jpg" I thought I was asking pfBlockerNG to either create or add to a Firawall Alias called engbfacebook.

          I have tried both creating a blank Alias called engbfacebook, and no Alias at all.  Neither method results in an Alias with a list of IPs from pfB_engbfacebookcom.txt.

          Once I can understand where I've gone wrong here, the manual creation of a rule is straightforward enough… I think!

          Can I trouble you once more, please, to tell me where I'm going wrong with this?

          Thanks again,

          James.

          pfblockerng_ipv4.jpg
          pfblockerng_ipv4.jpg_thumb
          pfblockerng_ipv4_part2.jpg
          pfblockerng_ipv4_part2.jpg_thumb

          1 Reply Last reply Reply Quote 0
          • BBcan177B
            BBcan177 Moderator
            last edited by

            When you use "Alias Deny" It will not auto create the firewall rules… So configuring the "Adv. In/Out" Firewall rule customizations are not applicable for the "Alias type" rules... Please click on the Blue infoblock icon in the "List Action" settings for further details.

            Goto the pfSense tab - Firewall/Aliases/URLs and you will see the defined pfBlockerNG Aliases... These can be referenced in manually created firewall rules in the "Destination/Source" input field  (ie - "Single Host or alias")

            "Experience is something you don't get until just after you need it."

            Website: http://pfBlockerNG.com
            Twitter: @BBcan177  #pfBlockerNG
            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

            1 Reply Last reply Reply Quote 0
            • J
              jamesbeale
              last edited by

              Thank you so much for taking the trouble to point me in the right direction.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.