pfBlockerNG-devel 3.1.0 Not Logging Blocked IPs

ProperCactus

Hi, running pfBlockerNG-devel 3.1.0 in Unbound python mode, I have lists setup to block for pfBlocker NG, and as you can see from the pfBlockerNG widget I have IP addresses beling blocked:

Screen Shot 2021-10-13 at 5.23.10 pm.png

However when I click on the '99' the list that used to be populated with blocked IPs is totally empty:

Screen Shot 2021-10-13 at 5.26.47 pm.png

And when I check the ip_block logfile, it is also empty and it says that the logfile does not exist:

Screen Shot 2021-10-13 at 5.27.44 pm.png

ProperCactus

I noticed that the log file is missing and I have made it and gave it root:wheel ownership and 600 permissions like the other log files but it seems to make no difference

ProperCactus

I reinstalled the package and it's the same. Seems IP logging is broken on the latest devl package

ProperCactus

@BBcan177

ProperCactus

Crickets....... awesome! I think maybe this project is dead :/

MoonKnight

@propercactus

No problem here

ProperCactus

@ciscox Any recommendations on how to fix? Are you running in unbound mode or python mode?

Also what version pfsense and pfBlockerNG are you running?

fireodo

@propercactus said in pfBlockerNG-devel 3.1.0 Not Logging Blocked IPs:

@ciscox Any recommendations on how to fix?

Maybe doing what in pfblocker genal settings is recommended: " Note: To clear all downloaded lists, uncheck these two checkboxes and 'Save'. Re-check both boxes and run a 'Force Update|Reload' "

Are you running in unbound mode or python mode?
Yes
Also what version pfsense and pfBlockerNG are you running?
3.1.0
No problem here neither:

MoonKnight

@propercactus

Running pfSense 2.5.2 and newest pfBlockerNG-devel 3.1.0

ProperCactus

@fireodo Yea I've done that heaps coz I had an issue where some of the blocklists were firewalled, I had to allow the IPs for the lists so I been doing the force reload of the lists and stuff a lot.

I also reinstalled pfBlockerNG. No improvement.

ProperCactus

@ciscox I'm same specs as you, are you auto generating the firewall rules or are you creating aliases and then setting your own firewall rules based on the aliases?

MoonKnight

@propercactus

ProperCactus

@ciscox Yea that's where we differ, you're using auto-rules where pfBlocker will create the firewall rules for you. I cannot do that as I need to have some outbound only, some in and out etc, so I'm letting it create the aliases and I've created my own firewall rules using those aliases.

I think this might be the difference as if it doesn't create the firewall rules automatically, it may also not be creating ip_block.log.

I reckon that's the issue.