Netgate Discussion Forum

Bug report: PfblockerNG add 1.1.1.1 when threat source input is empty

  • S
    securli
    last edited by Jul 22, 2020, 4:01 AM

    At Firewall / pfBlockerNG / Edit / IPv4
    When you add "IPv4 Lists", if the threat source, like http://abc.com/def.txt, is an empty file, pfBlockerNG will add the IP 1.1.1.1 to prevent empty input, and then it will block Cloudflare's public DNS 1.1.1.1, which is very popular nowadays. It shouldn't work like this.

    V 1 Reply Last reply Jul 22, 2020, 5:52 AM Reply Quote 0
    • V
      viktor_g Netgate @securli
      last edited by Jul 22, 2020, 5:52 AM

      @securli What is your pfBlockerNG version?
      Unable to reproduce

      1 Reply Last reply Reply Quote 0
      • S
        securli
        last edited by Jul 22, 2020, 6:14 AM

        pfBlockerNG 2.1.4_22

        pfsense 2.4.5-RELEASE-p1 (amd64)
        built on Tue Jun 02 17:51:17 EDT 2020
        FreeBSD 11.3-STABLE

        The most interesting thing is that pfBlockerNG has a message that told me that it added 1.1.1.1 to prevent empty input, so this function must exist inside pfBlockerNG.

        1 Reply Last reply Reply Quote 0
        • J
          JeGr LAYER 8 Moderator
          last edited by JeGr Jul 22, 2020, 6:51 AM Jul 22, 2020, 6:50 AM

          That is the old stable version of pfBNG? Please install the dev version, which really isn't that "dev" anymore and is a big upgrade over that version. It already has those hardcoded things fixed with a configurable IP that now defaults to 127.1.1.7 so as not to cause problems with real IPs. I think there's already an older thread about how to (manually) fix that in the old stable.

          Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

          If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

          S 1 Reply Last reply Jul 22, 2020, 3:07 PM Reply Quote 1
          • S
            securli @JeGr
            last edited by Jul 22, 2020, 3:07 PM

            @JeGr Thank you very much, this bug is so stupid, it should check whether the downloaded file is zero or not instead of randomly blocking an IP address.

            1 Reply Last reply Reply Quote 0
            • J
              JeGr LAYER 8 Moderator
              last edited by Jul 23, 2020, 8:47 AM

              @securli said in Bug report: PfblockerNG add 1.1.1.1 when threat source input is empty:

              @JeGr Thank you very much, this bug is so stupid, it should check whether the downloaded file is zero or not instead of randomly blocking an IP address.

              That's what it does. But pf can't handle empty files/lists, so there has to be at least one entry in it; that's why in the old version there was a default value - 1.1.1.1 - long before that IP was made a DNS service by Cloudflare and APNIC. That's why it was changed to 127.1.1.7 by (new) default.

              Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

              If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

              1 Reply Last reply Reply Quote 0
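The behaviour discussed in this thread, as an added example that is not pfBlockerNG's own code: an empty feed still needs one table entry, so the filler address is checked to be non-routable before it is used. The function names and the sample feed text are assumptions made for illustration; only the two placeholder addresses come from the thread.

```python
import ipaddress

OLD_PLACEHOLDER = "1.1.1.1"    # hardcoded in the old stable, per the thread
NEW_PLACEHOLDER = "127.1.1.7"  # default in the newer version, per the thread


def placeholder_is_safe(ip: str) -> bool:
    """A filler entry must never match an address real traffic can reach."""
    return not ipaddress.ip_address(ip).is_global


def parse_feed(text: str) -> list[str]:
    """Return the valid IPv4 addresses/networks found in a downloaded feed."""
    entries = []
    for line in text.splitlines():
        token = line.split("#", 1)[0].strip()  # drop comments and whitespace
        if not token:
            continue
        try:
            net = ipaddress.ip_network(token, strict=False)
        except ValueError:
            continue  # skip junk such as an HTML error page
        if net.version == 4:
            entries.append(str(net))
    return entries


def build_table(text: str, placeholder: str = NEW_PLACEHOLDER) -> list[str]:
    """Build table contents; pad an empty feed with a checked placeholder."""
    entries = parse_feed(text)
    if entries:
        return entries
    if not placeholder_is_safe(placeholder):
        raise ValueError(f"placeholder {placeholder} is publicly routable")
    return [str(ipaddress.ip_network(placeholder))]


if __name__ == "__main__":
    # Constructed sample feeds (hypothetical content, documentation ranges).
    print(build_table("198.51.100.0/24\nnot-an-ip\n203.0.113.9 # host\n"))
    print(build_table("# header only\n\n"))       # empty feed -> 127.1.1.7/32
    try:
        build_table("", placeholder=OLD_PLACEHOLDER)
    except ValueError as err:
        print("rejected:", err)                    # 1.1.1.1 is a real address
```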