Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG Ghost Auto Rule

    Scheduled Pinned Locked Moved pfBlockerNG
    5 Posts 2 Posters 889 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zelechow
      last edited by

      Hello,
      I am encountering a weird issue where pfBlockerNg is creating a permit auto rule in our pfsense rulebase, but the GUI does not show a corresponding Ipv4 rule int pfBlockerNG rulebase. The auto rule that is being created is for the North American Continent and it permits all traffic from the continent, I erase or disable the rule and it reappears after the next cron/update for pfBlockerNg. No such rule currently exists in ipv4 or v6 tabs, there I only have alias entries for specific countries. How do I get rid of this rule?
      TNX

      1 Reply Last reply Reply Quote 0
      • RonpfSR
        RonpfS
        last edited by

        Did you look at the pfblockerng.log ? Do you have something defined in GeoIP tab?

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

        1 Reply Last reply Reply Quote 0
        • Z
          zelechow
          last edited by

          @ronpfs said in pfBlockerNG Ghost Auto Rule:

          pfblockerng.log

          All I see in the logfile is when I delete the rule the next time the cron job runs I get:
          Firewall rule changes found, applying Filter Reload

          I am not sure what you mean by the Geo-IP tab. Do you mean the Country Tab? I have used it to create IPv4 rules. I don't see anything there which is defined to create the auto rule for permit traffic to all North America.

          1 Reply Last reply Reply Quote 0
          • RonpfSR
            RonpfS
            last edited by

            In pfBlockerNG-devel 2.2.1 the Country tab is now GeoIP.
            Run a Force Update than a Force Reload All and inspect the pfblockerng.log

            2.4.5-RELEASE-p1 (amd64)
            Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
            Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

            1 Reply Last reply Reply Quote 0
            • Z
              zelechow
              last edited by

              Thanks,
              You gave me the direction I needed. I thought the Geo-IP tab was just a way to create rule in the IPv4 and v6 tab. I didn't realize it also kept rules independently. So solved
              Again, thanks

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.