pfBlockerNG-devel 3.0.0_3 DNSBL alerts no longer showing source IP
-
I've just updated to the latest release and noticed under the reports and alerts its no longer displaying the source IP that generated an alert,
The bottom two rows are pre upgrade.
-
@mr_jinx
Hi,
as I have read this should be normal if you are in Unbound Python Mode.Regards,
fireodoKettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
pfsense 2.7.2 CE
Packages: Apcupsd Cron Iftop Iperf LCDproc Nmap pfBlockerNG RRD_Summary Shellcmd Snort Speedtest System_Patches. -
@mr_jinx
Is this the page you're referring to? This, mine on 3.0.0_2 on Python.
-
@provels said in pfBlockerNG-devel 3.0.0_3 DNSBL alerts no longer showing source IP:
@mr_jinx
Is this the page you're referring to? This, mine on 3.0.0_2 on Python.
No. mr_jinx is meaning this: "DNSBL Block- Last 50 Alert Entries"
-
@fireodo
OK, found. I see a mix of Unknown and IPs on my 3.0.0_2 version using Python.
-
@fireodo your right, I changed it back to unbound mode and i can now see the source IP being logged.
-
@mr_jinx you can also leave python mode enabled and tick this to have alerts
-
@mind12 said in pfBlockerNG-devel 3.0.0_3 DNSBL alerts no longer showing source IP:
@mr_jinx you can also leave python mode enabled and tick this to have alerts
I have DNSBL Event Logging enabled with the pfBlockerNG python module filtering enabled. It seems like this fixes the issue for HTTP requests, but HTTPS requests still show up as unknown.
Is there anyway to fix this while still using the pfBlockerNG python module?
How do we change the SSL certificate used for pfBlockerNG with the python module? Perhaps that is the issue since the machines on my LAN show all DNSBL rejections/redirects as an invalid SSL certificate
-
I am running Version 2.4.5-RELEASE-p1 and pfBlocker DEVEL 3.0.0_3
