pfBlockerNG-devel v3.0.0 - No longer bound by Unbound!
-
I reinstalled pfBlockerNG and triggered Forced Reload-DNSBL. Everything seemed fine and DNS resolver was up with Unbound python mode.
Then I rebooted the box for a second check and unfortunately the resolver was down again with error "can't open file pfb_unbound.py for reading".
-
@cantor
You can't use RamDisks, since the /var/ folder is wiped on reboot. Need to disable that option, and reinstall once more to get the python script back. -
Ouch! That's it. Thanks for your help. Now everything works fine. :-)
-
I'm looking for a little clarification regarding the unbound config changes after switching to python mode.
- I've notice that unbound is unstarted after any pfBlockerNG-devel v3.x.x package updates. DNS lookups fail so I have to manually restart it.
- The docs indicate to change the interface to localhost in unbound. I assume it's the "Outgoing Network Interfaces" (now set to "localhost") and not the "Network Interfaces" (currently set to "all") above it.
- My DNS settings in general setup already has localhost configured (Disable DNS Forwarder is unchecked) as one of the upstream DNS servers. Do I keep this config or remove 127.0.0.1?
127.0.0.1
9.9.9.9
149.112.112.112
2620:fe::fe
2620:fe::9
So...have I made the correct changes? It seems to be working so far but want a 2nd opinion via another set of eyes to make sure I've understood the intended setup.
-
been bombarded by this dont know what happens but im blocking ipv6 everywhere.
[02-Mar-2021 15:29:50 Asia/Manila] PHP Fatal error: Uncaught Error: Class 'Net_IPv6' not found in /etc/inc/util.inc:680
Stack trace:
#0 /etc/inc/util.inc(657): is_ipaddrv6('pagead2.googles...')
#1 /usr/local/www/pfblockerng/www/index.php(59): is_ipaddr('pagead2.googles...')
#2 {main}
thrown in /etc/inc/util.inc on line 680 -
@thegenius21
See also here (not posted in the pfB section although probably a pfB related issue). -
I have tried to install the latest version of PFblockerNg v3.0 however the initialisation is still running after 30 mins. Unloaded older version and tryting to load latest version but still hangs. What is the CLI to install manually please?
-
There's no CLI command to install "pfSense"packages.
What happens when you install a 'simple/small' pfSense package like 'Cron' ?
-
@mikeelawson said in pfBlockerNG-devel v3.0.0 - No longer bound by Unbound!:
I have tried to install the latest version of PFblockerNg v3.0 however the initialisation is still running after 30 mins. Unloaded older version and tryting to load latest version but still hangs. What is the CLI to install manually please?
Related to this:
https://redmine.pfsense.org/issues/11398If you wait at the page it will eventually timeout. While it is in that condition, you can kill the Unbound pid and it should complete faster. Then restart Unbound post-install.
pkill unbound
-
@bbcan177 I have tried the unbound command, but again just hangs when I try to install.
-
@mikeelawson
At what point ?
Any logs ? Screenshot ? -
@gertjan It started happening when I tried to install new package. Screenshot, just shows initialising, no further update
-
@mikeelawson said in pfBlockerNG-devel v3.0.0 - No longer bound by Unbound!:
@gertjan It started happening when I tried to install new package. Screenshot, just shows initialising, no further update
Yeah, that's the GUI ....
The GUI is only good if everything works well.For all the other days, there is
@gertjan said in pfBlockerNG-devel v3.0.0 - No longer bound by Unbound!:
You should click on the link, and read.
You'll notice that there are no GUI examples.
Its right from the first line "command line only".
I advise you to read, test and report back here if you find different. -
@j-koopmann This is the behaviour with my setup too, have you found out what could have been causing this? when pfblocker has a match it send an answer (the VIP) with SERVFAIL.
-
@flepti said in pfBlockerNG-devel v3.0.0 - No longer bound by Unbound!:
my setup too
You mean you use pfSense 2.4.5 and "007" fBlockerNG-devel ?
Easy solution : upgrade ?!