pfBlockerNG-devel feedback
-
system log:
Oct 7 17:18:32 check_reload_status Syncing firewall
Oct 7 17:18:32 php_pfb [pfBlockerNG] filterlog daemon started
Oct 7 17:18:32 php-fpm 960 [pfBlockerNG] Restarting firewall filter daemon
Oct 7 17:18:32 check_reload_status Reloading filter
Oct 7 17:18:31 check_reload_status Syncing firewall
Oct 7 17:18:31 check_reload_status Syncing firewall
Oct 7 17:18:29 php [pfBlockerNG] DNSBL parser daemon started
pfblockerng.log after stop/start of pfBlocker in GUI:
**Saving configuration [ 10/07/18 17:16:23 ]**
Reloading Unbound Resolver..... completed [ 10/07/18 17:16:24 ]
DNSBL update [ 1147610 | PASSED ]... completed [ 10/07/18 17:16:25 ]
Removing DNSBL Unbound custom option
------------------------------------------------------------------------
Saving DNSBL config changes.VIP address configured. Widget Packet statistics reset.
Stop Service DNSBL
** DNSBL Disabled **
** Stopping firewall filter daemon **
**Saving configuration [ 10/07/18 17:17:57 ]**
Configuring DNSBL... completed
Reloading Unbound Resolver..... completed [ 10/07/18 17:18:27 ]
DNSBL update [ 1147610 | PASSED ]... completed [ 10/07/18 17:18:28 ]
Adding DNSBL Unbound server:include option
------------------------------------------------------------------------
Saving new DNSBL web server configuration to port [ 9081 and 9443 ]
Saving DNSBL config changes.VIP address configured. Widget Packet statistics reset.
Restarting DNSBL Service
** Restarting firewall filter daemon **
using /usr/local/etc/rc.d/pfb_filter.sh restart it's a no go too.
I was using 2.4.4 beta from 04 September before and pfblocker _12 and it was working. I've updated pfblocker to _17 and lost the block page. Upgraded pfSense to latest beta 2.4.5. Didn't solve it.
-
@hugovsky said in pfBlockerNG-devel feedback:
I was using 2.4.4 beta from 04 September before and pfblocker _12 and it was working. I've updated pfblocker to _17 and lost the block page. Upgraded pfSense to latest beta 2.4.5. Didn't solve it.
When you ran that command from the shell, did it report any errors?
As a note, the pfb_filter is for IP not DNSBL... The DNSBL service is pfb_dnsbl.
I am also not sure what you mean by "lost the block page?"
Run the following and report the output:
ls -lah /var/log/filter.log
ps auxww | grep pfb
-
I've also noted that the percentage of domains blocked is at 100%
-
@hugovsky said in pfBlockerNG-devel feedback:
I've also noted that the percentage of domains blocked is at 100%
Click the trashcan Icon in the Packet column to reset it... The widget wrench also contains some other tunables.
-
"Block page" is the page you see when you go directly to 10.10.10.1, the VIP IP.
Cleared the stats and "block percentage" is ok now.
ls -lah /var/log/filter.log:
[2.4.5-DEVELOPMENT][root@firewall]/root: ls -lah /var/log/filter.log
-rw------- 1 root wheel 195K Oct 7 17:16 /var/log/filter.log
ps auxww | grep pfb:
[2.4.5-DEVELOPMENT][root@firewall]/root: ps auxww | grep pfb
root 38351 0.0 0.0 10392 7340 - S 17:18 0:02.08 /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf
root 38455 0.0 0.2 50880 38640 - I 17:18 0:01.77 /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc dnsbl
root 38468 0.0 0.2 50880 38216 - I 17:18 0:00.26 /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc index
root 38796 0.0 0.2 50880 38632 - S 17:18 0:00.78 /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc queries
root 44777 0.0 0.0 6564 2456 0 S+ 17:38 0:00.00 grep pfb
root 48602 0.0 0.0 4340 1956 0 S 17:21 0:00.35 /usr/local/sbin/clog_pfb -f /var/log/filter.log
root 48774 0.0 0.2 50880 38208 0 I 17:21 0:00.25 /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog
-
What does this report:
ls -la /usr/local/bin/php*
Try the following:
rm /usr/local/bin/php_pfb
And then restart the pfb_filter service.
-
ls -lah /usr/local/bin/php*:
[2.4.5-DEVELOPMENT][root@firewall]/root: ls -lah /usr/local/bin/php*
-rwxr-xr-x 2 root wheel 4.6M Sep 20 13:18 /usr/local/bin/php
-rwxr-xr-x 1 root wheel 4.6M Sep 20 13:18 /usr/local/bin/php-cgi
-rwxr-xr-x 1 root wheel 2.7K Sep 20 13:18 /usr/local/bin/php-config
-rwxr-xr-x 2 root wheel 4.6M Sep 20 13:18 /usr/local/bin/php_pfb
-rwxr-xr-x 1 root wheel 4.4K Sep 20 13:18 /usr/local/bin/phpize
Did what you suggested and no difference.
-
Also noted that pfBlocker doesn't log my direct connection to 10.10.10.1. It used to.
-
@bbcan177 said in pfBlockerNG-devel feedback:
@veldkornet said in pfBlockerNG-devel feedback:
On my dashboard, DNSBL always has a yellow icon and says
DNSBL is out of sync. Perform a force reload to correct.
Although I’ve already done a force reload a few times...
Also, unrelated to the above, would it be possible to allow the ability to choose your own certificate for DNSBL so that you don’t get certificate errors for the https page?
For the Sync issue: Typically this is caused by having multiple feeds with the same "Header/Label" name. Every Header needs to be unique. Also can be caused if you have a duplicated Feed.
For the Certificate errors, you can fix this in pfBlockerNG-devel, see here:
https://forum.netgate.com/topic/136302/is-hiding-dnsbl-alerts-without-whitlisting-possible
For the sync issue, I went through all the feeds but I didn’t notice any duplicates in Feed or tag... is it possible that there’s a duplicate from the custom feed and the Easylist Shalla (for example)? Or is there another way to track it down?
FYI, I’m using most of these: https://firebog.net
-
See the last part of the pfblockerng.log which will summarize all headers.
Failing that, uncheck "keep settings" and hit "save" in the general tab which will clear all downloaded files.
Follow that by rechecking "keep settings", save and a Force update.
-
@veldkornet Look at https://forum.netgate.com/topic/130361/pfblockerng-devel-2-1-2/14
-
@bbcan177 I am unclear as to the correct setting on Services -> DNS Resolver -> General Settings under Network Interfaces: it specifies "[IP Address] (pfB DNSBL - DO NOT EDIT)". Well, it got edited (and, indeed, again now). Should this entry be selected (i.e., highlighted/checked) or not? In general, do I want all local internal interfaces checked here including the pfB DNSBL one? Perhaps, the entry could be more "descriptive" than "Do not edit" (e.g., "Select to enable pfB DNSBL").
-
Speaking of the DNS Resolver, under the custom options, the following:
include: /var/unbound/pfb_dnsbl.*conf
As that looked wrong, I changed it to:
include: /var/unbound/pfb_dnsbl*.conf
Right, so now it works properly and picks up all of the config files, but now because of this, I get the following error:
The following input errors were detected: The generated config file cannot be parsed by unbound. Please correct the following errors:
read /var/unbound/test/unbound.conf failed: 268 errors in configuration file
So first off, was it supposed to be .*conf? Or *.conf? Secondly, what's this pfb_dnsbl_lighty.conf file?
-
@veldkornet said in pfBlockerNG-devel feedback:
So first off, was it supposed to be .*conf? Or *.conf? Secondly, what's this pfb_dnsbl_lighty.conf file?
No this is not the correct way. Moving the asterisk as you did will include other temporary files that are in that folder.
You seem to have some other issue with the Resolver configuration.
Goto the pfSense DNS Resolver and increase the log verbosity to 2, and then review the resolver.log for additional clues.
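The difference between the two include: patterns discussed above, as an added example that is not part of the original posts and is not pfBlockerNG code: it expands both globs in a scratch directory and flags matched files that are not in Unbound's "keyword: value" form. The names pfb_dnsbl.conf and pfb_dnsbl_tmp.conf and all file contents are constructed, and the syntax check is a rough heuristic, not Unbound's parser.

```shell
#!/bin/sh
# Added example (not pfBlockerNG code). Only pfb_dnsbl_lighty.conf and the two
# include: patterns come from the thread; other names and contents are constructed.

# Build a scratch directory standing in for /var/unbound and print its path.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    # Unbound-style content: "keyword: value" lines (constructed).
    printf 'server:\nlocal-data: "ads.example.test 60 IN A 10.10.10.1"\n' \
        > "$d/pfb_dnsbl.conf"
    # Hypothetical temporary file left in the folder during an update.
    printf 'local-data: "old.example.test 60 IN A 10.10.10.1"\n' \
        > "$d/pfb_dnsbl_tmp.conf"
    # lighttpd-style content: "key = value", which Unbound cannot parse.
    printf 'server.tag = "pfBlockerNG DNSBL"\n' > "$d/pfb_dnsbl_lighty.conf"
    printf '%s\n' "$d"
}

# Print the sorted, space-separated basenames a glob pattern matches in a directory.
glob_matches() {
    (
        cd "$1" || exit 1
        for f in $2; do    # unquoted on purpose so the shell expands the glob
            if [ -e "$f" ]; then printf '%s\n' "$f"; fi
        done | LC_ALL=C sort | tr '\n' ' ' | sed 's/ $//'
    )
}

# Of the files a pattern matches, print those containing a line that is neither
# blank, a comment, nor of the "keyword:" form. Heuristic only.
non_unbound_files() {
    for name in $(glob_matches "$1" "$2"); do
        if grep -Ev '^[[:space:]]*(#.*)?$' "$1/$name" |
           grep -Evq '^[[:space:]]*[A-Za-z0-9-]+:'; then
            printf '%s\n' "$name"
        fi
    done | tr '\n' ' ' | sed 's/ $//'
}

# Show what each pattern would pull into the resolver configuration.
demo=$(make_demo_dir)
for pat in 'pfb_dnsbl.*conf' 'pfb_dnsbl*.conf'; do
    printf 'include: %-18s -> %s\n' "$pat" "$(glob_matches "$demo" "$pat")"
    printf '  not Unbound syntax: %s\n' "$(non_unbound_files "$demo" "$pat")"
done
rm -rf "$demo"
```

The original pattern keeps a literal dot after pfb_dnsbl, so it cannot match files that continue with an underscore; the edited pattern matches every pfb_dnsbl*.conf file in the folder, including the web server's configuration.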
-
Hi all
Everything was working fine, no changes have been made, but for the last couple days I have been getting the errors listed below
DNSBL OUT OF SYNC
*** DNSBL update [ 1308990 ] [ 1308991 ] ... OUT OF SYNC ! *** [ 10/10/18 17:52:40 ]
Followed listed instructions above to try and correct the errors with no luck
DNSBL log attached
Also getting
domain/ referer feed
iadsdk.apple.com [ Unknown ] Unknown
DNSBL-HTTPS | Unknown Unknown
ocsp.digicert.com [ Unknown ] Unknown
www.youtube.com [ Unknown ] Unknown
DNSBL-HTTPS | Unknown Unknown
DNSBL-HTTPS | Unknown Unknown
liveupdate.symantec.com [ Unknown ] Unknown
Another
disable log under floating rules doesn’t seem to work for me, I created ipv4 list disable logs for that list and global log is also disable but the rules is still being created with log enable.
0_1539269924600_DNSBL.txt
-
The sync is off by one, so it's not critical in the sense that it's still going to block the domains listed. There is a discrepancy of the number of domains listed in the Unbound DB vs the /dnsbl/ folder.
I'd suggest a Force Reload and see if that fixes it.
-
@bbcan177
I started seeing the SQLite3 error myself:
Warning: SQLite3::exec(): database disk image is malformed in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 3931
Warning: SQLite3::exec(): database disk image is malformed in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 3934
Warning: SQLite3::query(): Unable to prepare statement: 11, database disk image is malformed in /usr/local/www/widgets/widgets/pfblockerng.widget.php on line 297
I first noticed it today when logging on to check for updates. The message appeared after the update.
2.4.5-DEVELOPMENT (amd64) Current Base System: 2.4.5.a.20181025.0115 built on Thu Oct 25 01:16:47 EDT 2018 FreeBSD 11.2-RELEASE-p4 pfBlockerNG 2.2.5_17
I read thru the posts on how to fix. Just wanted to know if there is any information you want before I take action.
-
@xentrk said in pfBlockerNG-devel feedback:
I started seeing the SQLite3 error myself:
Warning: SQLite3::exec(): database disk image is malformed in /usr/local/pkg/pfblockerng/pfblockerng.inc on
This is a different issue. I sent you a PM.
-
Just saw that _18 was online! Great! So installed it with the new wizard, really nice touch!
Quick question before having a bigger look into it: The wizard created an alias on LAN per default. In the corresponding DNSBL page flagged with "CARP beta" there's an option to change that to a CARP VIP: Why not use an Alias for the CARP VIP (on LAN) instead? The advantage would be that a) you don't have to configure a full CARP interface setup (and have problems like in another thread, that pfBNG always uses VHID 1 and that's potentially dangerous!) AND as an alias on top of an existing CARP interface - and I would assume almost every CARP setup uses a CARP VIP on LAN - you won't have to think about syncing either, as Alias-style VIPs on CARPs are synced via VirtualIP standards. Also you would use the already configured (and working) LAN VIP as your carrier and failing over with it, too. So I can see no problems with that.
If CARP setting stays, then I'd recommend adding VHID field for configuring that, too, as always using 1 (as said above) is potentially dangerous with other clusters in the same network broadcast domain.
Greets,
Jens
-
@jegr said in pfBlockerNG-devel feedback:
Just saw that _18 was online! Great! So installed it with the new wizard, really nice touch!
Thanks. Yes it was on the list of to-do items... List just never stops ;)
Quick question before having a bigger look into it: The wizard created an alias on LAN per default. In the corresponding DNSBL page flagged with "CARP beta" there's an option to change that to a CARP VIP: Why not use an Alias for the CARP VIP (on LAN) instead? The advantage would be that a) you don't have to configure a full CARP interface setup (and have problems like in another thread, that pfBNG always uses VHID 1 and that's potentially dangerous!) AND as an alias on top of an existing CARP interface - and I would assume almost every CARP setup uses a CARP VIP on LAN - you won't have to think about syncing either, as Alias-style VIPs on CARPs are synced via VirtualIP standards. Also you would use the already configured (and working) LAN VIP as your carrier and failing over with it, too. So I can see no problems with that.
If CARP setting stays, then I'd recommend adding VHID field for configuring that, too, as always using 1 (as said above) is potentially dangerous with other clusters in the same network broadcast domain.
I am not a user of CARP, so all feedback appreciated about it.... I can definitely add a "VHID" option and will checkout the Alias option also...
I will see if one of the pfSense Devs will help offline to ensure I am covering all bases...
Appreciated!