How to reset pfBocker?
-
I was doing some testing with it and I cannot get the "Test" list, namely called "pfB_Test" and even "pfB_DNSBLIP" at least part time giving me errors, saying it cannot resolve the destination alias. I deleted the test one, uninstalled pfBlocker, reinstalled, made it delete settings, still it complains and shows me this non-existent test list. How can I wipe it clean so I can start over? I did see the script from 2015, but didn't know if that would still work.
-
In the IPv4 tab, I assume you created a new alias called "Test". What feeds did you enter in this alias? Or did you add IPs to the customlist at the bottom of this alias?
To delete the Test alias you can click the Delete icon and it will remove the alias and any associated firewall rules.
DNSBL_IP is an alias that is used by DNSBL to block any IPs that are found in the DNSBL feeds. What feeds have you added to the DNSBL tab?
If you want to delete all settings you will need to uncheck the "keep settings"
in the general tab and Save. Then re-install the package to clear all settings. -
I did, yes. I didn't put in any feeds, just added some domains in the custom list and enabled the conversion of them to IP's.
I had long deleted it and wiped settings for the package and yet its ghost still haunts me.
I added only this feed so for in DNSBL. (https://hosts-file.net/ad_servers.txt)
I did that uncheck keep settings thing, but the Test feed I did in IPv4 tab has been long gone and still somehow is around somewhat, enough to regularly complain and be listed on widget.
-
Goto the pfSense diagnostics/tables page and delete the "pfB_Test" alias if it exists.
Aliastable IP contents are saved in /var/db/aliastables. If that alias exists there, you can manually delete it.
The conversion of domains to IPs is a hit and miss process if the domain may have several different IPs. So it's use should be limited to domains that typically have a single IP address. It's probably better to use the Whois format and enter the AS number if available for the domains or block those domains via DNSBL.
-
I don't see it in the Tables page, although there aren't any delete icons for anything in there anyways.
Alias is not in the aliastables file either.
-
Try this command:
pfctl -t pfB_Test -T kill -
Didn't remove the trace of it. Said 0 tables were deleted.
-
Only other possibility is a firewall rule that has a reference to that alias. If it's there then delete that rule.
-
I had cleared out everything it had created in all of those Firewall sections.
-
Check the pfsense firewall / aliases / urls tab. And see if it's referenced there.
-
It is not.
-
When you goto the Dashboard are you getting an error notice? Did you clear that notice? Does it return after clearing it? Maybe it's just a remnant of an old notice. Can also try a reboot.
-
I've gotten error notices regularly upon entering dashboard, it happening overnight and waking up to it. I got one after I instructed pfSense to reboot. I think I also got one for looking at it the wrong way.
So they've come back often, even after total clear out of settings and reinstall. Have rebooted numerous times, even updated pfSense one of those times.
