SG-3100 21.02_2 pfB 3.0.0_16 - It was working but now it isn't
Had to reinstall and restore xml config due to a power outage..
Before reinstall, pfblockerng was working flawless with the following feeds:
IP (default installed with pfblockerng)
Abuse_Feodo_C2_v4, Abuse_IPBL_v4, Abuse_SSLBL_v4, CINS_army_v4, ET_Block_v4, ET_Comp_v4, ISC_Block_v4, Spamhaus_Drop_v4, Spamhaus_eDrop_v4, Talos_BL_v4 ]
PlexRemoteCheck_v4 - very small list: https://s3-eu-west-1.amazonaws.com/plex-sidekiq-servers-list/sidekiqIPs.txt
DNSBL Default: (default installed with pfblockerng)
Complete Malicious - Collection of Malicious Domain Feeds
Now, I'm getting the php dump error during reboot... It seems that there is something else happening here, not only the php error, otherwise it wouldn't be working before the reinstall..
By the way, exactly same configuration..
Hey, it's working now..
It seems that when you install pfblockerng, you can't have any ipsec tunnels configured.
So, what I did was to remove all my IPsec tunnels, install pfblockerng, configure it accordingly, then configure my ipsec tunnels after that..
It working flawless again.. No php errors..
Can someone test and confirm what I found ??
Edit: Rebooted a few times, and the error happened, so removed again the ipsec tunnels, and rebooted 5 times, no more errors.. I guess that there is something with ipsec and pfblockerng that triggers the problem.. Without any tunnels configured, the php error is not triggered.. no matter how large the feeds lists are.
You can install the System Patches package and then create an entry for the patch URL
https://redmine.pfsense.org/attachments/download/3707/patch-disable-pcrejit-arm.diffto apply the fix.
Then run console menu options 16 and 11 to restart PHP and the GUI, or reboot.
pfBlockerNG and URL tables use PCRE matching so the crash you observed may be fixed by that patch.
Thanks jimp, already using this patch, I was following the redmine ticket about the php bug.
It is working perfectly after applying this patch :) Good job jimp and Netgate.
Good to hear it worked for you!
We were still getting a couple reports that people had issues but without any details about what was still broken. If you, or anyone else reading this thread, happen to encounter further problems, make sure to follow-up with log messages and other info so we can diagnose it further.