Whitelisting From Alerts Page Not Working
-
pfBlocker 2.1.4_12
pfSense 2.4.4-RELEASE (amd64)Attempting to add a DNSBL whitelist (used apple.com as an example) entry from the alerts page using the <+>:
Receive yellow banner at top:
Removed - Domain|CNAME(s) | iadsdk.apple.com | iadsdk.apple.com.edgekey.net | e4805.a.akamaiedge.net | from Unbound Resolver DNSBL. You may need to flush your browsers DNS CacheHowever, I receive a <pfSense is restoring the configuration /cf/conf/backup/config-1538140572.xml>, and the entry does not show up in the whitelist
Manual entry works once a DNSBL Reload is completed.
If not a known issue, could anyone provide direction on how to troubleshoot?
-
@totalchaos1010 said in Whitelisting From Alerts Page Not Working:
However, I receive a <pfSense is restoring the configuration /cf/conf/backup/config-1538140572.xml>, and the entry does not show up in the whitelist
Maybe there is another configuration outside of the package that is causing this issue... Try to save changes to any other pfSense configuration and see if the error repeats?
-
@bbcan177 said in Whitelisting From Alerts Page Not Working:
Try to save changes to any other pfSense configuration and see if the error repeats?
Thank you for the prompt response. Not sure how I would save to another pFsense config. Do you mean a whole other setup?
I have a 40 line custom whitelist that I created using the alerts page over the course of a year. Recently did the 2.4.4 upgrade, and just today the pfblocker upgrade. Same packages have remained within this last year. Nothing really has changed.
Also, recently just noticed that the domain on the alerts page now shows that it is whitelisted, however not in the custom whitelist. Could this be a permissions issue?
Again thank you for you response and guidance.
-
@totalchaos1010 said in Whitelisting From Alerts Page Not Working:
Thank you for the prompt response. Not sure how I would save to another pFsense config. Do you mean a whole other setup?
I have a 40 line custom whitelist that I created using the alerts page over the course of a year. Recently did the 2.4.4 upgrade, and just today the pfblocker upgrade. Same packages have remained within this last year. Nothing really has changed.
Also, recently just noticed that the domain on the alerts page now shows that it is whitelisted, however not in the custom whitelist. Could this be a permissions issue?
Again thank you for you response and guidance.When you whitelist a domain from the Alerts Tab, it removes the domain from the database, and then saves to the whitelist. So the first part seems to have executed, but the last part which is saving to the whitelist failed.
Do you have any errors in pfSense system.log? Its hard to diagnose without some more details. Are you experiencing any other issues in this box?
-
Seems the errors in the system log may help:
Sep 28 10:17:04 php-fpm 32174 /pfblockerng/pfblockerng_alerts.php: New alert found: pfSense is restoring the configuration /cf/conf/backup/config-1538144167.xml
Sep 28 10:17:04 php-fpm 32174 /pfblockerng/pfblockerng_alerts.php: pfSense is restoring the configuration /cf/conf/backup/config-1538144167.xml
Sep 28 10:17:04 php-fpm 32174 /pfblockerng/pfblockerng_alerts.php: XML error: XML_ERR_NAME_REQUIRED at line 3659 in /conf/config.xmland a few:
Sep 28 10:40:43 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process. -
@totalchaos1010 said in Whitelisting From Alerts Page Not Working:
pfBlocker 2.1.4_12
pfSense 2.4.4-RELEASE (amd64)Can you upgrade to the pfBlockerNG-devel version?
-
@bbcan177 said in Whitelisting From Alerts Page Not Working:
@totalchaos1010 said in Whitelisting From Alerts Page Not Working:
pfBlocker 2.1.4_12
pfSense 2.4.4-RELEASE (amd64)Can you upgrade to the pfBlockerNG-devel version?
Think I'll stick with the stable version and manually add for the time being. Thanks for the feedback.
-
I’m having the exact same issue.
I’m on the same versions of pfsense and pfblocker.
I can manually add without issue.
I too would rather not use a development build because I don’t want to deal with unpredictable bugs...which is kind of what I have here, so...
-
I have posted a PR which will fix this issue here:
https://github.com/pfsense/FreeBSD-ports/pull/577/filesJust waiting for the devs to review and merge.
You can manually edit this file:
/usr/local/www/pfblockerng/pfblockerng_alerts.phpand comment out Line #82 with//(prefix two slashes to that line)https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-pfBlockerNG/files/usr/local/www/pfblockerng/pfblockerng_alerts.php#L82
-
Thanks for fast follow up!
-
@mloiterman said in Whitelisting From Alerts Page Not Working:
Thanks for fast follow up!
It has been merged. Let me know if you have any other issues... Thanks!
-
My only question is how to get the fix apart from making the change myself or using a dev build? Am I waiting for an update to the pfblocker pkg?
-
@mloiterman There should be a new version posted for pfBlockerNG. Update to 2.1.4_17.
Might need to run
pkg update -ffrom the shell. -
@BBcan177
Thanks for the fix. Confirmed working, on my end. -
Thanks, works perfectly now.
