Upgrade to pfBlockerNG 2.1.4_20 - Block Rules Gone?

nfld_republic

Hi Folks - I just upgraded pfBlockerNG to 2.1.4_20 and all of my IP-based blocks (e.g., AWS, etc.). Before I start recrating them is there any way to restore them? I have a current backup before 2.1.4_20.

Thanks!

NollipfSense

@nfld_republic check keep setting!

provels

@nfld_republic Yes, a restore should work.

nfld_republic

@NollipfSense That was checked...

nfld_republic

@provels - Restore did not work. Seems like all the alises are gone.

NollipfSense

@nfld_republic Wow...seems you have an issue...are you using pfBlockerNG-Dev? If not, that's the solution...v2.2.5_28!

nfld_republic

@NollipfSense - Nope, release streams:
pfSense 2.4.4-RELEASE-p3 (amd64)
pfBlockerNG 2.1.4_20

Weird...

nfld_republic

Does anyone have the AWS EC2 IP list URL?

NollipfSense

@nfld_republic So, the pfBlockerNG 2.1.4.20...is that the Dev? I don't remember what I had before I upgraded to pfSense 2.5-Dev; however, your issue is weird indeed, as I have never had a situation that a restore from a backup didn't resolve nor a complete removal of pBlockerNG and a reinstall didn't restore all settings. So, your pfSense configurations are messed up.

provels

There are no references to pfBlocker in the config.xml you are restoring?

nfld_republic

@provels There are (subsets):

<filter>
		<rule>
			<ipprotocol>inet</ipprotocol>
			<type>block</type>
			<descr><![CDATA[pfB_BinaryDefense auto rule]]></descr>
			<source>
				<address>pfB_BinaryDefense</address>
			</source>
			<destination>
				<any></any>
			</destination>
			<log></log>
			<created>
				<time>1572831020</time>
				<username>Auto</username>
			</created>
			<interface>wan</interface>
			<tracker>1770009093</tracker>
		</rule>
		<rule>
			<ipprotocol>inet</ipprotocol>
			<type>block</type>
			<descr><![CDATA[pfB_EmergingThreats auto rule]]></descr>
			<source>
				<address>pfB_EmergingThreats</address>
			</source>
			<destination>
				<any></any>
			</destination>
			<log></log>
			<created>
				<time>1572831020</time>
				<username>Auto</username>
			</created>
			<interface>wan</interface>
			<tracker>1770009327</tracker>
		</rule>

Aliases:

<aliases>
		<alias>
			<name>pfB_BinaryDefense</name>
			<url>http://127.0.0.1:80/pfblockerng/pfblockerng.php?pfb=pfB_BinaryDefense</url>
			<updatefreq>32</updatefreq>
			<address></address>
			<descr><![CDATA[pfBlockerNG  Auto  List Alias]]></descr>
			<type>urltable</type>
			<detail><![CDATA[DO NOT EDIT THIS ALIAS]]></detail>
		</alias>
		<alias>
			<name>pfB_EmergingThreats</name>
			<url>http://127.0.0.1:80/pfblockerng/pfblockerng.php?pfb=pfB_EmergingThreats</url>
			<updatefreq>32</updatefreq>
			<address></address>
			<descr><![CDATA[pfBlockerNG  Auto  List Alias]]></descr>
			<type>urltable</type>
			<detail><![CDATA[DO NOT EDIT THIS ALIAS]]></detail>
		</alias>

provels

@nfld_republic Nothing like <pfblockerngdnsbl> or <pfblockernglistsv4>?
Those contain all my URLS.
Might be <pfblockerdnsbl> or <pfblockerlistsv4> for you since you're not running NG, but I can't be sure.

nfld_republic

@provels - Hi, I am running pfBlockerNG (v. 2.1.4_20).

I don't use DNSBL, just the IPs. I started readding the blocklist IPs (e.g., BinaryDefense, EmergingThreats, firehol Level 1 to 3) and they now work.