Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Factory reset and reinstall of pfblockerng fails to reinstall rules

    pfBlockerNG
    3
    3
    657
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Gordon Shumway
      last edited by

      Netgate SG-3100, Version 21.02-release, Pfsense+, FreeBSD 12.2Stable.

      Two weeks ago I clicked on the option to update to "Version 21.02.2" and things went downhill fast from there. I lost internet connectivity and not knowing where to start I tried to restore a recent config backup. That failed. I contacted support to get a bootable version of 21.02 firmware to restore and was eventually able to boot it and "run recovery" and reload a recent config. Now for some odd reason a reinstall of pfblockerng won't put the "dsnbl" firewall rules back. I have tried completely uninstalling pfblockerng, rebooting the device, and starting over but no luck. Any ideas where to start/restart? I am by no means a Pfsense or firewall expert so please don't tear me up too badly.

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @Gordon Shumway
        last edited by

        @gordon-shumway said in Factory reset and reinstall of pfblockerng fails to reinstall rules:

        That failed.

        Multiple reasons. Like :
        The names of the interfaces you use right now are not the same as the ones before, referenced in the backup.
        The lists you used before do not exist any more.
        Etc.

        I advise you to set up pfBlokcerNG "from scratch".
        You can use your saved config as a 'instruction manual' : it's a very readable file, locate the pfBlockerNG section, install the feeds and settings per feed, and after each feed or option page, do a forced pfBlockerNG restart.

        And respect the golden rule : keep it simple.

        Btw : pfSense, by default, has no pfblockerng. So it works ;)
        When you install pfblockerng - it's not activated, nothing is loaded (no feeds) - no settings are changed - so it works.
        When you go now "step by step", install one feed after another, and check things after each step, you might find a point where things (have to be) different as the last time : this is the point where the saved config would bail out. But now you see why.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • lohphatL
          lohphat
          last edited by

          I was seeing odd behavior after the upgrade so I just started over with a clean config for pfBlockerNG-devel things are working again.

          I suspect that there's "config rot" over time which requires occasional need to flush the config and start over.

          Not only for packages, I've had to reset standard base config settings after the upgrade to get things to work.

          Since then, things have been running smoothly with low CPU and memory usage.

          SG-3100 24.11-RELEASE (arm) | Avahi (2.2_6) | ntopng (5.6.0_1) | openvpn-client-export (1.9.5) | pfBlockerNG-devel (3.2.1_20) | System_Patches (2.2.20_1)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.