GeoIP Blocks - Unusually quiet logs?
-
Hi there,
I'm pretty new to pfBlockerNG and have been testing out the GeoIP blocking for the past few months.
For the past week or so my firewall logs, which at one point would be filled with entries of pfBlocker blocking X country is virtually empty of them. I think there was maybe 2 entries present yesterday.
All I'm seeing is the regular Block ULA networks from WAN block and occasional Default deny rule IPv4 .
I haven't changed any configuration settings since day one (general logging is on) set up so I was wondering if someone could shed some light on why this has started happening? I was naturally a little concerned that it may have stopped functioning but there are zero errors in the logs and regular updates to pfBlocker are shown daily.
I upgraded to 2.1.2 yesterday, first upgrade since installing.
Any help would be much appreciated.
-
You could goto pfSense Status > System Logs > Settings
and uncheck:
Log packets matched from the default block rules in the rulesetYou can also increase the size of the log file to hold more entries. The pfBlockerNG Alerts tab reads the pfSense firewall.log for the events.
Check the Firewall interfaces, and ensure that the Firewall rules are intact. If you have the firewall rule aliastable popups enabled, when you hover over each rule, it should show some of the IPs in the rule…. If they don't show then try a Force Reload - All....
-
BBcan177,
Thank you very much for your help. It turns out my ISP device had disabled modem mode and this was actually the cause of the problems. Once I re-set modem modem the entries for pfBlocker reappeared as before in the log.
Thanks again.