Upgrade to pfBlockerNG 2.1.4_20 - Block Rules Gone?
-
Hi Folks - I just upgraded pfBlockerNG to 2.1.4_20 and all of my IP-based blocks (e.g., AWS, etc.). Before I start recrating them is there any way to restore them? I have a current backup before 2.1.4_20.
Thanks!
-
@nfld_republic check keep setting!
-
@nfld_republic Yes, a restore should work.
-
@NollipfSense That was checked...
-
@provels - Restore did not work. Seems like all the alises are gone.
-
@nfld_republic Wow...seems you have an issue...are you using pfBlockerNG-Dev? If not, that's the solution...v2.2.5_28!
-
@NollipfSense - Nope, release streams:
pfSense 2.4.4-RELEASE-p3 (amd64)
pfBlockerNG 2.1.4_20Weird...
-
Does anyone have the AWS EC2 IP list URL?
-
@nfld_republic So, the pfBlockerNG 2.1.4.20...is that the Dev? I don't remember what I had before I upgraded to pfSense 2.5-Dev; however, your issue is weird indeed, as I have never had a situation that a restore from a backup didn't resolve nor a complete removal of pBlockerNG and a reinstall didn't restore all settings. So, your pfSense configurations are messed up.
-
There are no references to pfBlocker in the config.xml you are restoring?
-
@provels There are (subsets):
<filter> <rule> <ipprotocol>inet</ipprotocol> <type>block</type> <descr><![CDATA[pfB_BinaryDefense auto rule]]></descr> <source> <address>pfB_BinaryDefense</address> </source> <destination> <any></any> </destination> <log></log> <created> <time>1572831020</time> <username>Auto</username> </created> <interface>wan</interface> <tracker>1770009093</tracker> </rule> <rule> <ipprotocol>inet</ipprotocol> <type>block</type> <descr><![CDATA[pfB_EmergingThreats auto rule]]></descr> <source> <address>pfB_EmergingThreats</address> </source> <destination> <any></any> </destination> <log></log> <created> <time>1572831020</time> <username>Auto</username> </created> <interface>wan</interface> <tracker>1770009327</tracker> </rule>
Aliases:
<aliases> <alias> <name>pfB_BinaryDefense</name> <url>http://127.0.0.1:80/pfblockerng/pfblockerng.php?pfb=pfB_BinaryDefense</url> <updatefreq>32</updatefreq> <address></address> <descr><![CDATA[pfBlockerNG Auto List Alias]]></descr> <type>urltable</type> <detail><![CDATA[DO NOT EDIT THIS ALIAS]]></detail> </alias> <alias> <name>pfB_EmergingThreats</name> <url>http://127.0.0.1:80/pfblockerng/pfblockerng.php?pfb=pfB_EmergingThreats</url> <updatefreq>32</updatefreq> <address></address> <descr><![CDATA[pfBlockerNG Auto List Alias]]></descr> <type>urltable</type> <detail><![CDATA[DO NOT EDIT THIS ALIAS]]></detail> </alias>
-
@nfld_republic Nothing like <pfblockerngdnsbl> or <pfblockernglistsv4>?
Those contain all my URLS.
Might be <pfblockerdnsbl> or <pfblockerlistsv4> for you since you're not running NG, but I can't be sure. -
@provels - Hi, I am running pfBlockerNG (v. 2.1.4_20).
I don't use DNSBL, just the IPs. I started readding the blocklist IPs (e.g., BinaryDefense, EmergingThreats, firehol Level 1 to 3) and they now work.