Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upgrade to pfBlockerNG 2.1.4_20 - Block Rules Gone?

    Scheduled Pinned Locked Moved pfBlockerNG
    13 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • nfld_republicN
      nfld_republic
      last edited by

      Hi Folks - I just upgraded pfBlockerNG to 2.1.4_20 and all of my IP-based blocks (e.g., AWS, etc.). Before I start recrating them is there any way to restore them? I have a current backup before 2.1.4_20.

      Thanks!

      NollipfSenseN provelsP 2 Replies Last reply Reply Quote 0
      • NollipfSenseN
        NollipfSense @nfld_republic
        last edited by

        @nfld_republic check keep setting!

        Screen Shot 2020-01-11 at 9.14.48 AM.png

        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

        nfld_republicN 1 Reply Last reply Reply Quote 0
        • provelsP
          provels @nfld_republic
          last edited by

          @nfld_republic Yes, a restore should work.

          Peder

          MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
          BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

          nfld_republicN 1 Reply Last reply Reply Quote 0
          • nfld_republicN
            nfld_republic @NollipfSense
            last edited by

            @NollipfSense That was checked...

            1 Reply Last reply Reply Quote 0
            • nfld_republicN
              nfld_republic @provels
              last edited by

              @provels - Restore did not work. Seems like all the alises are gone.

              NollipfSenseN 1 Reply Last reply Reply Quote 0
              • NollipfSenseN
                NollipfSense @nfld_republic
                last edited by NollipfSense

                @nfld_republic Wow...seems you have an issue...are you using pfBlockerNG-Dev? If not, that's the solution...v2.2.5_28!

                pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                nfld_republicN 1 Reply Last reply Reply Quote 0
                • nfld_republicN
                  nfld_republic @NollipfSense
                  last edited by

                  @NollipfSense - Nope, release streams:
                  pfSense 2.4.4-RELEASE-p3 (amd64)
                  pfBlockerNG 2.1.4_20

                  Weird...

                  NollipfSenseN 1 Reply Last reply Reply Quote 0
                  • nfld_republicN
                    nfld_republic
                    last edited by

                    Does anyone have the AWS EC2 IP list URL?

                    1 Reply Last reply Reply Quote 0
                    • NollipfSenseN
                      NollipfSense @nfld_republic
                      last edited by

                      @nfld_republic So, the pfBlockerNG 2.1.4.20...is that the Dev? I don't remember what I had before I upgraded to pfSense 2.5-Dev; however, your issue is weird indeed, as I have never had a situation that a restore from a backup didn't resolve nor a complete removal of pBlockerNG and a reinstall didn't restore all settings. So, your pfSense configurations are messed up.

                      pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                      pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                      1 Reply Last reply Reply Quote 0
                      • provelsP
                        provels
                        last edited by

                        There are no references to pfBlocker in the config.xml you are restoring?

                        Peder

                        MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
                        BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

                        nfld_republicN 1 Reply Last reply Reply Quote 0
                        • nfld_republicN
                          nfld_republic @provels
                          last edited by nfld_republic

                          @provels There are (subsets):

                          <filter>
                          		<rule>
                          			<ipprotocol>inet</ipprotocol>
                          			<type>block</type>
                          			<descr><![CDATA[pfB_BinaryDefense auto rule]]></descr>
                          			<source>
                          				<address>pfB_BinaryDefense</address>
                          			</source>
                          			<destination>
                          				<any></any>
                          			</destination>
                          			<log></log>
                          			<created>
                          				<time>1572831020</time>
                          				<username>Auto</username>
                          			</created>
                          			<interface>wan</interface>
                          			<tracker>1770009093</tracker>
                          		</rule>
                          		<rule>
                          			<ipprotocol>inet</ipprotocol>
                          			<type>block</type>
                          			<descr><![CDATA[pfB_EmergingThreats auto rule]]></descr>
                          			<source>
                          				<address>pfB_EmergingThreats</address>
                          			</source>
                          			<destination>
                          				<any></any>
                          			</destination>
                          			<log></log>
                          			<created>
                          				<time>1572831020</time>
                          				<username>Auto</username>
                          			</created>
                          			<interface>wan</interface>
                          			<tracker>1770009327</tracker>
                          		</rule>
                          

                          Aliases:

                          <aliases>
                          		<alias>
                          			<name>pfB_BinaryDefense</name>
                          			<url>http://127.0.0.1:80/pfblockerng/pfblockerng.php?pfb=pfB_BinaryDefense</url>
                          			<updatefreq>32</updatefreq>
                          			<address></address>
                          			<descr><![CDATA[pfBlockerNG  Auto  List Alias]]></descr>
                          			<type>urltable</type>
                          			<detail><![CDATA[DO NOT EDIT THIS ALIAS]]></detail>
                          		</alias>
                          		<alias>
                          			<name>pfB_EmergingThreats</name>
                          			<url>http://127.0.0.1:80/pfblockerng/pfblockerng.php?pfb=pfB_EmergingThreats</url>
                          			<updatefreq>32</updatefreq>
                          			<address></address>
                          			<descr><![CDATA[pfBlockerNG  Auto  List Alias]]></descr>
                          			<type>urltable</type>
                          			<detail><![CDATA[DO NOT EDIT THIS ALIAS]]></detail>
                          		</alias>
                          
                          provelsP 1 Reply Last reply Reply Quote 0
                          • provelsP
                            provels @nfld_republic
                            last edited by provels

                            @nfld_republic Nothing like <pfblockerngdnsbl> or <pfblockernglistsv4>?
                            Those contain all my URLS.
                            Might be <pfblockerdnsbl> or <pfblockerlistsv4> for you since you're not running NG, but I can't be sure.

                            Peder

                            MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
                            BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

                            nfld_republicN 1 Reply Last reply Reply Quote 0
                            • nfld_republicN
                              nfld_republic @provels
                              last edited by

                              @provels - Hi, I am running pfBlockerNG (v. 2.1.4_20).

                              I don't use DNSBL, just the IPs. I started readding the blocklist IPs (e.g., BinaryDefense, EmergingThreats, firehol Level 1 to 3) and they now work.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.