Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PF upgrade from 2.1.5 to 2.3.2(1) + PFblocker-NG = duplicated WAN rules

    Firewalling
    3
    5
    1088
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      ashes00 last edited by

      Hello all.  Yesterday I upgraded from 2.1.5 to 2.3.2 and then on to 2.3.2.1.  I then installed PFblocker-NG, and all was well.  Today I'm looking around, and I see my 7 WAN rules are duplicated like 240 times.  I clear some out, and then it doubles.  Has anyone seen anything like this?  I was troubleshooting the system remotely, and when I tried to do a restore from a previous config it borked the system.  I think the backup config had RRD Data in it.  I will be reinstalling with copy fo original config, but wanted to see if anyone has seen any behavior with the WAN rules.  Thanks.  BBcan177 great package.  Been waiting a LONG time to try the pfBNG out.

      1 Reply Last reply Reply Quote 0
      • RonpfS
        RonpfS last edited by

        It better to disable pfBlockerNG (and DNSBL on older version) before updating/upgrading pfsense or pfblockeNG.

        Maybe disable it, cleanup the rules, enable pfBlockerNG than run a Force Update than a Force Reload All

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned last edited by

          It is even much more better to uninstall all packages before doing such upgrades of ancient pfSense versions.

          1 Reply Last reply Reply Quote 0
          • A
            ashes00 last edited by

            Sorry everyone I failed to mention that I uninstalled all packages before upgrading from 2.1.5 to 2.3.2.  I also did force the reload.  When I got home the system was hosed, but console was up.  It showed the XLM RRD Data error above all of the console menu options.  I tried to reboot from menu, and it just repeats XMP error without reboot.  I tried to Halt from menu same thing.  I ended up having to go into the shell, and halt from their.  Seeing that I had just upgraded I still had the install disk & config USB, so I just reinstalled.  I also reinstalled the pfBlockerNG package, and only setup my 4 IPv4 lists, and 4 country codes to block.  DSNBL and CIDR Aggregation have not been enabled.  I'll enable those in a few days to see if they are responsible.  I checked this Morning, and only 1 set of Rules for the WAN interface.  Wierd issue I see is when I installed pfBlocker-NG the old pfBLocker menu entry shows up.  It does not work, but seems to be stuck in the menu structure when pfBlocker-NG is installed.  When pfBlocker-NG is uninstalled the pfblocker menu entry is removed.  Wierd.

            1 Reply Last reply Reply Quote 0
            • A
              ashes00 last edited by

              Update - I have not seen the duplicate FW rules under the WAN interface since the reinstall.  I think I am going to turn on de-dup in pfB-ng, and see if creates the behavior.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post