Disable action does not work ?
-
I use pfBlockerNG-devel 3.0.0_16 and troubleshooting an issue and needed to disable one of the GeoIP feeds.
I went to GeoIP
Disabled the feed
Saved
Ran force reloadChecked and the rule was not actually working (ping an IP that is blocked by the feed).
Checked the FW (floating) and the corresponding rule was still enabled (does pfBlockerNG-devel disable FW rule in this scenario??)
Then
Disabled FW rule and confirmed that it was successful.Why before I disabled the FW it did not work?
Anything else I missed doing ?Thx
-
My turn :
I went to GeoIP
I enabled a feedLike this :
Saved
Ran force reloadI had these 4 new firewall rules on my Floating page :
I removed the GEOP feed, saved, ran force reload.
The four firewall rules (see above) on the floating page were gone.
Btw : Normally, I do not use the GEOIP feeds, as I'm not hosting any web or mail server / I'm not letting anything in (well, I do, but these are limited using known source IP addresses).
-
I removed the GEOP feed, saved, ran force reload.
Ho did you "remove" it? I see only option to "disable" for GeoIP (unlike for IPv4 they can be deleted)
-
Disabled is like removed (for me).
-
@gertjan said in Disable action does not work ?:
Disabled is like removed (for me).
Got it! That's helpful.
Just to confirm - after you disabled GeoIP feed the corresponding FW rules were removed as well ?This is what I expect, but don't see happening!
-
@chudak said in Disable action does not work ?:
Just to confirm - after you disabled GeoIP feed the corresponding FW rules were removed as well ?
I confirm.
Did you hit the save button(see image above) ?
edit : this button :
No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
-
Confirmed the same problem on 2.5.1-RELEASE/pfBlockerNG-devel 3.0.0_16
Disable GeoIP Europe + update/reload -> does not remove pfB_NAmerica_v4 FW rule !
-
@chudak Maybe post pfblockerng.log, we can't see much without that.
-
@ronpfs said in Disable action does not work ?:
@chudak Maybe post pfblockerng.log, we can see much without that.
https://pastebin.ubuntu.com/p/SHnvfgm2xN/
Please take a look !
Thx! -
@chudak Did you ran a Force Update or a Force Reload All after disabling the GeoIP group?
-
@ronpfs said in Disable action does not work ?:
@chudak Did you ran a Force Update or a Force Reload All after disabling the GeoIP group?
Yes
-
@chudak So you ran both ? timestamp of the Force Update ?
-
You know I need to play with a bit and produce a good log. Will update later.
Thx for looking !
-
@chudak said in Disable action does not work ?:
You know I need to play with a bit and produce a good log. Will update later.
Thx for looking !Start by enable only on GeoIP group check if things change with a Force Update, then run a Force Reload IP or ALL.
Disable that GeoIP group, Update, Reload IP.
-
It looks like it was my bad and disable in fact does work.
My apologies !
Can I ask you kinda related-unrelated question.
When I look at my Whitelist I see:
and corresponding FW rule:
Do White_List_hosts and White_List_ports have to be used? Can they be removed ?
-
@chudak said in Disable action does not work ?:
Do White_List_hosts and White_List_ports have to be used? Can they be removed ?
When was this settings configured ? Look at both aliases to see if they are still relevant.
-
@ronpfs said in Disable action does not work ?:
When was this settings configured ? Look at both aliases to see if they are still relevant.
The problem is I don;t actually remember when and how :)
So I'd say no need for them. But when I try to disable "Custom DST Port" and "Custom Destination" and Save I get:
???
What do you see there ?
-
@chudak Strange. You are sure you untick both boxes, save, etc ?
-
@ronpfs said in Disable action does not work ?:
@chudak Strange. You are sure you untick both boxes, save, etc ?
Yup, unchecked both and on save that error.
Do you have aliases in tee WL?
