4. pfBlocker GeoIP Not Working

pfBlocker GeoIP Not Working

  • E

    I have been having an issue with pfBlocker's GeoIP functionality since the upgrade to pfSense 2.4.5. I currently am on 2.2.5_32 of pfB.

    I utilize the GeoIP functionality to deny inbound connections to specific countries. However, it seems as if the rule that pfB adds to the pfS firewall rules doesn't correctly analyze the packets. For example, if I look at the firewall rules page under the states column it will list 0/0 B for each firewall rule added by pfB. In addition, if I look at the pfB dashboard the packets column will sit at 0.
    2020-05-06_9-09-08.jpg

    I know that I am receiving traffic from the countries I am attempting to block because I enable the kill states setting in pfB and I can see pfB remove open states in the update logs from the specific countries I am trying to block.

    I also have certain alias' that will show a count of 0 IPs even though I can pull up the individual file from within the pfB log page.
    2020-05-06_9-04-55.jpg

    I have attempted to completely reinstall pfB with and without the keep settings option.

    Any ideas as to what would cause this? I previously had pfB working flawlessly for quite some time.

    0
  • M

    I had a similar issue after upgrading to 2.4.5 this weekend. pfBlocker had not had a max mind key before the update as it was an old version. I let the package update during the pfSense upgrade. I entered the maxmind key and ran an update in pfB but that didn't help. Ultimately I had to make a firewall rule change to get it to accept the GeoIP aliases. I suppose I could have just rebooted or done a filter reload too. Try either of those and see if it helps.

    0
  • E

    Unfortunately, that did not work for me. I did a filter reload, tried adding a new firewall rule, and rebooted. I also verified the maxmind key is being correctly pulled based off of the 'last used' field on the maxmind site.

    0
    J
     1 Reply
  • A

    I have the same problem.

    Any solution ?

    0
  • J

    @econ said in pfBlocker GeoIP Not Working:

    Unfortunately, that did not work for me. I did a filter reload, tried adding a new firewall rule, and rebooted. I also verified the maxmind key is being correctly pulled based off of the 'last used' field on the maxmind site.

    You probably need to force Maxmind to update.

    Run this command from the command prompt to force Maxmind to update: php /usr/local/www/pfblockerng/pfblockerng.php dc . This should force the Maxmind.com database to update.

    0
    A
     1 Reply
  • A

    It worked, thanks !

    Just for those who are struggling: I had to put this command, including the quotes in the PHP window:

    "/usr/local/www/pfblockerng/pfblockerng.php dc"

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy