pfBlocker doesn't create any rule or alias

info385

Hey there,

I think I have a problem with pfBlocker.

I activated the API key in general settings and rebooted.
I was able to browse the GeoIP menu, and I tried to select a few countries and apply a deny rule.
No rule was created in the Firewall.
I tried to do the same with a country and chose Alias, to create the rule later. But it doesn't create any alias.

The GeoIP page remember the countries I've selected because the list is like the last time I applied some settings.

Sometimes when I click Save, it doesn't load completely, I can let my browser on hold for a few minutes and it doesn't load.

Any idea what's happening ?

Cheers

jdeloach

@info385 said in pfBlocker doesn't create any rule or alias:

Hey there,

I think I have a problem with pfBlocker.

I activated the API key in general settings and rebooted.
I was able to browse the GeoIP menu, and I tried to select a few countries and apply a deny rule.
No rule was created in the Firewall.
I tried to do the same with a country and chose Alias, to create the rule later. But it doesn't create any alias.

The GeoIP page remember the countries I've selected because the list is like the last time I applied some settings.

Sometimes when I click Save, it doesn't load completely, I can let my browser on hold for a few minutes and it doesn't load.

Any idea what's happening ?

Cheers

You have to Force a reload, before it will create any rules after you select the countries you want to block.

Goto Firewall, pfblockerNG, Update, Select 'Force' option, Reload, Run. After that completes the rules will be created.

This should solve your problem.

info385

Thanks for your reply!

I tried to create an alias for Switzerland and forced to reload.
I saw an error saying there's :
Could not open ISO

No IP found so it adds 1.1.1.1 so the file isn't empty.
Still no rule created. Is there really 0 entry for Switzerland or it's an error ?

Then I tried to select all the countries in the top20, the page failed on loading after clicking on Save.

And indeed, after a new reload, this time it has added the alias.

So basically, if I want to reset GeoIP, I need to set every country on List action: Disabled
and remove the alias and rules ?

And by the way, I still don't get how we're supposed to setup without 'blocking the world'
The best way to do it would be

• accept country1 and country2
• drop everything else

Any example of config ?

Best regards

SteveITS

The Force option Update will download the IP lists and create the aliases. If you're getting an error with the update, then it probably didn't create the aliases. In other words it has no information to work with. I've not run into an error there, let alone mentioning an ISO.

Generally when I've created them I use Alias Native and then create my own firewall rules.