Losing pfBlockerNG created firewall rules after cron run



  • I am running version 2.1.2_1 and seem to be losing a GeoIP based firewall rule after cron executes.  However, I can run a manually forced update which corrects the problem.

    My concern is that I thought pfBlockerNG would keep the previous configuration if there was a failed IP block list download, but I seem to lose the blocking firewall rule, leaving my home network exposed more than I'd like.

    The GeoIP based rule (pfB_NAmerica_v4) is for "Continent - North America" where I have United States US and US_rep selected for both ipv4 and ipv6.  I have the "invert source" checked under "Advanced Inbound Firewall Rule Settings".  List action is set to "Deny Inbound".

    This works fine for what seems like a few days, then I'll receive the following error notice.  Manually executing a forced update will typically recreate the firewall rule.

    Filter Reload

    There were error(s) loading the rules: /tmp/rules.debug:200: macro 'pfB_NAmerica_v4' not defined - The line in question reads [200]: block in log quick on $WAN reply-to ( igb0 xxx.xxx.xxx.xxx ) inet from ! $pfB_NAmerica_v4 to any tracker 1770009585 label "USER_RULE: pfB_NAmerica_v4 auto rule"
    @ 2017-10-30 10:29:05

    The hour before the error has the following stats where both of the pfB_NAmerica_v*.txt files have content.

    Alias table IP Counts
    -----------------------------
      284912 total
      114227 /var/db/aliastables/pfB_Top_v4.txt
       71902 /var/db/aliastables/pfB_NAmerica_v4.txt
       48097 /var/db/aliastables/pfB_Top_v6.txt
       33729 /var/db/aliastables/pfB_firehol.txt
       10856 /var/db/aliastables/pfB_NAmerica_v6.txt
        4194 /var/db/aliastables/pfB_emergingthreats.txt
        1816 /var/db/aliastables/pfB_binarydefense.txt
          88 /var/db/aliastables/pfB_DNSBLIP.txt
           2 /var/db/aliastables/pfB_Home_Attack_Logs.txt
           1 /var/db/aliastables/pfB_Scanning2.txt
    
    

    However, at the 10am run, both files are missing

    Alias table IP Counts
    -----------------------------
      284919 total
      114227 /var/db/aliastables/pfB_Top_v4.txt
       71902 /var/db/aliastables/pfB_NAmerica_v4.txt
       48097 /var/db/aliastables/pfB_Top_v6.txt
       33729 /var/db/aliastables/pfB_firehol.txt
       10856 /var/db/aliastables/pfB_NAmerica_v6.txt
        4194 /var/db/aliastables/pfB_emergingthreats.txt
        1823 /var/db/aliastables/pfB_binarydefense.txt
          88 /var/db/aliastables/pfB_DNSBLIP.txt
           2 /var/db/aliastables/pfB_Home_Attack_Logs.txt
           1 /var/db/aliastables/pfB_Scanning2.txt
    
     CRON  PROCESS  START [ 10/30/17 10:00:00 ]
    [ Home_Attack_Logs ]
      Remote timestamp: Wed, 25 Oct 2017 23:41:17 GMT
      Local  timestamp: Mon, 30 Oct 2017 14:00:05 GMT	Update found
    [ banlist ]
      Remote timestamp: Mon, 30 Oct 2017 14:00:04 GMT
      Local  timestamp: Mon, 30 Oct 2017 13:00:05 GMT	Update found
    [ firehol_level3 ]
    	( No remote timestamp/md5 unchanged )		Update not required
    [ malwaredomains ]
      Remote timestamp: Fri, 27 Oct 2017 22:00:56 GMT
      Local  timestamp: Fri, 27 Oct 2017 22:00:56 GMT	Update not required
    [ zeustracker_domains ]
      Remote timestamp: Sat, 28 Oct 2017 10:42:45 GMT
      Local  timestamp: Sat, 28 Oct 2017 10:42:45 GMT	Update not required
    [ aws_simple_tracking ]
      Remote timestamp: Fri, 31 Jul 2015 19:01:02 GMT
      Local  timestamp: Fri, 31 Jul 2015 19:01:02 GMT	Update not required
    [ aws_simple_ads ]
      Remote timestamp: Wed, 09 Mar 2016 19:46:05 GMT
      Local  timestamp: Wed, 09 Mar 2016 19:46:05 GMT	Update not required
     UPDATE PROCESS START [ 10/30/17 10:00:02 ]
    [ Removing List(s) : pfB_NAmerica_v4 ]
    [ Removing List(s) : pfB_NAmerica_v6 ]
    
    ===[  DNSBL Process  ]================================================
    
    [ easylist_wo_elements ] exists.
    [ EasyPrivacy ]		 exists.
    [ yoyo_ads ]		 Downloading update .. 200 OK.
     No Domains Found
    
    [ spamhaus_drop ]	 Downloading update [ 10/30/17 10:00:03 ] .. 200 OK
     No Domains Found
    
    [ dshield_top10_2 ]	 exists.
    [ hosts_file_ads ]	 exists.
    [ malwaredomains ]	 exists.
    [ zeustracker_domains ]	 exists.
    [ aws_simple_tracking ]	 exists.
    [ aws_simple_ads ]	 exists.
    [ DNSBL_IP ]		 Updating aliastable... 
      no changes.
      Total IP count = 88
    
    ===[  Continent Process  ]============================================
    
    [ pfB_NAmerica_v4 ]	 Changes found... Updating
    
    [ pfB_NAmerica_v6 ]	 Changes found... Updating
    
    [ pfB_Top_v4 ]		 exists. [ 10/30/17 10:00:05 ]
    [ pfB_Top_v6 ]		 exists.
    
    ===[  IPv4 Process  ]=================================================
    
    [ Home_Attack_Logs ]	 Downloading update .. completed ..
    
    [ Scanning2_custom ]	 exists.
    [ banlist ]		 Downloading update .. 200 OK. completed ..
    
    [ emerging_block_ips ]	 exists.
    [ emergingg_comprimised_ips ] exists.
    [ firehol_level3 ]	 exists.
    
    ===[  IPv6 Process  ]=================================================
    
    ===[  Aliastables / Rules  ]================================
    
    Firewall rule changes found, applying Filter Reload
    
    ===[ FINAL Processing ]=====================================
    
       [ Original IP count   ]  [ 284830 ]
    
    ===[ Deny List IP Counts ]===========================
    
      202073 total
      114227 /var/db/pfblockerng/deny/pfB_Top_v4.txt
       48097 /var/db/pfblockerng/deny/pfB_Top_v6.txt
       33729 /var/db/pfblockerng/deny/firehol_level3.txt
        2154 /var/db/pfblockerng/deny/emergingg_comprimised_ips.txt
        2040 /var/db/pfblockerng/deny/emerging_block_ips.txt
        1823 /var/db/pfblockerng/deny/banlist.txt
           2 /var/db/pfblockerng/deny/Home_Attack_Logs.txt
           1 /var/db/pfblockerng/deny/Scanning2_custom.txt
    
    ===[ Native List IP Counts ] ===================================
    
       82758 total
       71902 /var/db/pfblockerng/native/pfB_NAmerica_v4.txt
       10856 /var/db/pfblockerng/native/pfB_NAmerica_v6.txt
    
    ===[ DNSBL Domain/IP Counts ] ===================================
    
       78866 total
       46739 /var/db/pfblockerng/dnsbl/hosts_file_ads.txt
       18743 /var/db/pfblockerng/dnsbl/malwaredomains.txt
        8847 /var/db/pfblockerng/dnsbl/easylist_wo_elements.txt
        2968 /var/db/pfblockerng/dnsbl/EasyPrivacy.txt
        1019 /var/db/pfblockerng/dnsbl/aws_simple_ads.txt
         388 /var/db/pfblockerng/dnsbl/zeustracker_domains.txt
          64 /var/db/pfblockerng/dnsbl/dshield_top10_2.txt
          37 /var/db/pfblockerng/dnsbl/easylist_wo_elements.ip
          36 /var/db/pfblockerng/dnsbl/dshield_top10_2.ip
          15 /var/db/pfblockerng/dnsbl/EasyPrivacy.ip
          10 /var/db/pfblockerng/dnsbl/aws_simple_tracking.txt
    
    ====================[ Last Updated List Summary ]==============
    
    Oct 23	01:32	Scanning2_custom
    Oct 26	23:30	emerging_block_ips
    Oct 26	23:32	emergingg_comprimised_ips
    Oct 29	19:00	pfB_Top_v4
    Oct 29	19:00	pfB_Top_v6
    Oct 30	07:00	firehol_level3
    Oct 30	09:00	banlist
    Oct 30	10:00	pfB_NAmerica_v4
    Oct 30	10:00	pfB_NAmerica_v6
    Oct 30	10:00	Home_Attack_Logs
    
    IPv4 alias tables IP count
    -----------------------------
    225966
    
    IPv6 alias tables IP count
    -----------------------------
    58953
    
    Alias table IP Counts
    -----------------------------
      284919 total
      114227 /var/db/aliastables/pfB_Top_v4.txt
       71902 /var/db/aliastables/pfB_NAmerica_v4.txt
       48097 /var/db/aliastables/pfB_Top_v6.txt
       33729 /var/db/aliastables/pfB_firehol.txt
       10856 /var/db/aliastables/pfB_NAmerica_v6.txt
        4194 /var/db/aliastables/pfB_emergingthreats.txt
        1823 /var/db/aliastables/pfB_binarydefense.txt
          88 /var/db/aliastables/pfB_DNSBLIP.txt
           2 /var/db/aliastables/pfB_Home_Attack_Logs.txt
           1 /var/db/aliastables/pfB_Scanning2.txt
    
    pfSense Table Stats
    -------------------
    table-entries hard limit  2000000
    Table Usage Count         27
    
     UPDATE PROCESS ENDED
    
    **Saving configuration [ 10/30/17 10:28:59 ] ...
    [ Removing List(s) : pfB_NAmerica_v4 ]
    [ Removing List(s) : pfB_NAmerica_v6 ]
    
    ===[ FINAL Processing ]=====================================
    
       [ Original IP count   ]  [ 284830 ]
    
    ===[ Deny List IP Counts ]===========================
    
      202073 total
      114227 /var/db/pfblockerng/deny/pfB_Top_v4.txt
       48097 /var/db/pfblockerng/deny/pfB_Top_v6.txt
       33729 /var/db/pfblockerng/deny/firehol_level3.txt
        2154 /var/db/pfblockerng/deny/emergingg_comprimised_ips.txt
        2040 /var/db/pfblockerng/deny/emerging_block_ips.txt
        1823 /var/db/pfblockerng/deny/banlist.txt
           2 /var/db/pfblockerng/deny/Home_Attack_Logs.txt
           1 /var/db/pfblockerng/deny/Scanning2_custom.txt
    
    ===[ DNSBL Domain/IP Counts ] ===================================
    
       78866 total
       46739 /var/db/pfblockerng/dnsbl/hosts_file_ads.txt
       18743 /var/db/pfblockerng/dnsbl/malwaredomains.txt
        8847 /var/db/pfblockerng/dnsbl/easylist_wo_elements.txt
        2968 /var/db/pfblockerng/dnsbl/EasyPrivacy.txt
        1019 /var/db/pfblockerng/dnsbl/aws_simple_ads.txt
         388 /var/db/pfblockerng/dnsbl/zeustracker_domains.txt
          64 /var/db/pfblockerng/dnsbl/dshield_top10_2.txt
          37 /var/db/pfblockerng/dnsbl/easylist_wo_elements.ip
          36 /var/db/pfblockerng/dnsbl/dshield_top10_2.ip
          15 /var/db/pfblockerng/dnsbl/EasyPrivacy.ip
          10 /var/db/pfblockerng/dnsbl/aws_simple_tracking.txt
    
    ====================[ Last Updated List Summary ]==============
    
    Oct 23	01:32	Scanning2_custom
    Oct 26	23:30	emerging_block_ips
    Oct 26	23:32	emergingg_comprimised_ips
    Oct 29	19:00	pfB_Top_v4
    Oct 29	19:00	pfB_Top_v6
    Oct 30	07:00	firehol_level3
    Oct 30	09:00	banlist
    Oct 30	10:00	pfB_NAmerica_v4
    Oct 30	10:00	pfB_NAmerica_v6
    Oct 30	10:00	Home_Attack_Logs
    
    IPv4 alias tables IP count
    -----------------------------
    154064
    
    IPv6 alias tables IP count
    -----------------------------
    48097
    
    Alias table IP Counts
    -----------------------------
      202161 total
      114227 /var/db/aliastables/pfB_Top_v4.txt
       48097 /var/db/aliastables/pfB_Top_v6.txt
       33729 /var/db/aliastables/pfB_firehol.txt
        4194 /var/db/aliastables/pfB_emergingthreats.txt
        1823 /var/db/aliastables/pfB_binarydefense.txt
          88 /var/db/aliastables/pfB_DNSBLIP.txt
           2 /var/db/aliastables/pfB_Home_Attack_Logs.txt
           1 /var/db/aliastables/pfB_Scanning2.txt
    
    pfSense Table Stats
    -------------------
    table-entries hard limit  2000000
    Table Usage Count         27
    
     UPDATE PROCESS ENDED [ 10/30/17 10:29:01 ]
    
    

    Thoughts as to what is occurring?

    Regards
    Len
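
A check for the failure described in this post, added here as an example and not part of the original post or of pfBlockerNG: it parses the "Alias table IP Counts" sections of an update log and reports tables that vanish from one section to the next, then lists `$macro` references in a rules file that have no definition. The sample log and rules text are constructed and abridged from the post's output, and the `name = "<table>"` definition layout is an assumption.

```python
import re

# Constructed sample, abridged from the log format shown in the post.
SAMPLE_LOG = """\
Alias table IP Counts
-----------------------------
  284919 total
  114227 /var/db/aliastables/pfB_Top_v4.txt
   71902 /var/db/aliastables/pfB_NAmerica_v4.txt
   10856 /var/db/aliastables/pfB_NAmerica_v6.txt
 UPDATE PROCESS ENDED
Alias table IP Counts
-----------------------------
  202161 total
  114227 /var/db/aliastables/pfB_Top_v4.txt
 UPDATE PROCESS ENDED [ 10/30/17 10:29:01 ]
"""

# Constructed rules text; the definition-line layout is an assumption.
SAMPLE_RULES = """\
WAN = "{ igb0 }"
pfB_Top_v4 = "<pfB_Top_v4>"
block in log quick on $WAN inet from $pfB_Top_v4 to any
block in log quick on $WAN inet from ! $pfB_NAmerica_v4 to any
"""

ROW = re.compile(r"^\s*(\d+)\s+/var/db/aliastables/(\S+)\.txt\s*$")

def alias_snapshots(log_text):
    """One {table: ip_count} dict per 'Alias table IP Counts' section."""
    snaps = []
    for line in log_text.splitlines():
        if line.strip() == "Alias table IP Counts":
            snaps.append({})
        elif snaps and (m := ROW.match(line)):
            snaps[-1][m.group(2)] = int(m.group(1))
    return snaps

def dropped_tables(log_text):
    """Tables listed in one section but absent from the next one."""
    snaps = alias_snapshots(log_text)
    return [sorted(set(a) - set(b)) for a, b in zip(snaps, snaps[1:])]

def undefined_macros(rules_text):
    """$name references that have no 'name = ...' definition line."""
    defined = set(re.findall(r"^[ \t]*(\w+)[ \t]*=", rules_text, re.M))
    return sorted(set(re.findall(r"\$(\w+)", rules_text)) - defined)

if __name__ == "__main__":
    print("dropped:", dropped_tables(SAMPLE_LOG))
    print("undefined:", undefined_macros(SAMPLE_RULES))
```

A table that appears in both results is one whose block rule references an alias that no longer exists, which is the condition the filter reload error in the post reports.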


