Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IP logs are not being created/populated

    Scheduled Pinned Locked Moved pfBlockerNG
    pfblockernglogsconfiguration
    20 Posts 9 Posters 4.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Beerman @BBcan177
      last edited by

      @bbcan177

      Thx! šŸ‘ ☺

      1 Reply Last reply Reply Quote 0
      • B
        Beerman @BBcan177
        last edited by

        @bbcan177

        And the fix is working, thx! :)

        GertjanG 1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan @Beerman
          last edited by

          @beerman

          And it seems bb is running 2.6.x ;)

          The log file format changed :(

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          _ 1 Reply Last reply Reply Quote 0
          • B Beerman referenced this topic on
          • T Tzvia referenced this topic on
          • T Tzvia referenced this topic on
          • T tman222 referenced this topic on
          • T tman222 referenced this topic on
          • _ _rp referenced this topic on
          • _
            _rp @Gertjan
            last edited by

            I've tried running the command and rebooting the pfsense and it still doesn't log anything for the IP's

            22.05-DEVELOPMENT (amd64)
            built on Thu Mar 03 06:18:46 UTC 2022
            FreeBSD 12.3-STABLE
            pfblockerng-Devel 3.1.0_1

            1 Reply Last reply Reply Quote 0
            • GertjanG Gertjan referenced this topic on
            • GertjanG Gertjan referenced this topic on
            • fireodoF fireodo referenced this topic on
            • fireodoF fireodo referenced this topic on
            • fireodoF fireodo referenced this topic on
            • fireodoF fireodo referenced this topic on
            • fireodoF fireodo referenced this topic on
            • S
              SuperTechie
              last edited by

              If it helps anyone else, I just did 2 pfSense clean load upgrades from 2.5.x to 2.6. After installation the version of pfblockerNG was version 2.1.4_27. pfblockerNG logging did not work on either installation until I uninstalled pfblockerNG and reinstalled. After the reinstall it works great again!

              Awesome Package!

              1 Reply Last reply Reply Quote 0
              • A
                azdeltawye
                last edited by

                @bbcan177 said in IP logs are not being created/populated:

                https://www.reddit.com/r/pfBlockerNG/comments/sk9txi/ip_block_logging_not_working_pfsense_260rc/

                Hello,
                Old thread, I know...
                I'm trying to apply this patch in the 'patch manager' package and I cant seem to get it to work.

                curl -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7cb8635199446866d511b97166d65296/raw/"
                

                Not sure what I am doing wrong, but I paste the above url in the URL/Commit ID box and there is nothing to fetch.

                Then if it paste the above command in the CLI, I get the following error:
                PHP Response
                Line 1 appears to have generated an error, and has been highlighted. The full response is below.
                Note that the line number in the full PHP response will be 6 lines too large. Nested code and eval() errors may incorrectly point to "line 1".

                GertjanG 1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan @azdeltawye
                  last edited by

                  @azdeltawye

                  What is the source of this info ?
                  Last minute patches could be obtained directly from the source code tree that BB uses to write pfBlocker. These were not pages, you just get the entire file, like /usr/local/pkg/pfblockerng/pfblockerng.inc in this case.

                  Files you curl down to your pfSense are not files to be handled with the pfSense patch manager.

                  Also, BBcan has to give you access to his https://gist.githubusercontent.com/BBcan177/ on his side.

                  This : pfBlockerNG-devel 3.1.0_4 is the latest version.

                  There is a patch I found in redmine : https://redmine.pfsense.org/issues/13154

                  Here it is

                  diff --git a/net/usr/local/pkg/pfblockerng/pfblockerng.inc b/net/usr/local/pkg/pfblockerng/pfblockerng.inc
                  index 7fa8c1d2f8bf..2abbef30578b 100644
                  --- a/net/usr/local/pkg/pfblockerng/pfblockerng.inc
                  +++ b/net/usr/local/pkg/pfblockerng/pfblockerng.inc
                  @@ -4136,7 +4136,7 @@ function pfb_filterrules() {
                           foreach ($results as $result) {
                               if (substr($result, 0, 1) == '@') {
                  
                  -                $r = explode(')', $result, 2);
                  +                $r = explode(' ', $result, 2);
                  
                                   // pfSense > v2.6 uses an 'ridentifier' string
                                   if (strpos($result, 'ridentifier') != FALSE) {
                  

                  but please, don't copy from here (I could have added an exploit ^^), copy from redmine.

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  A 1 Reply Last reply Reply Quote 0
                  • A
                    azdeltawye @Gertjan
                    last edited by

                    @gertjan
                    Thanks for the info!

                    Yeah, I was looking at an old Reddit post which talked about this error and a possible fix. I'm not too keen on typing random stuff in the CLI, so I'll just wait until the real fix is implemented in 3.1.0_5 or 22.09.

                    The actual bug is not that bad; I've confirmed pfB is blocking/rejecting the IPs in my block list, it's just not logging them...

                    1 Reply Last reply Reply Quote 0
                    • Bob.DigB
                      Bob.Dig LAYER 8
                      last edited by

                      It is odd that this problem still exists for so long now. Sure, it is just an Package but it is the most important one in my book.

                      keyserK 1 Reply Last reply Reply Quote 0
                      • keyserK
                        keyser Rebel Alliance @Bob.Dig
                        last edited by

                        @bob-dig said in IP logs are not being created/populated:

                        It is odd that this problem still exists for so long now. Sure, it is just an Package but it is the most important one in my book.

                        Yeah, @BBcan177 is likely a busy gentleman, but I’m sure a new build will surface eventually.

                        But pfBlockerNG is much more than ā€œjust a packageā€. I’ll bet you pfBlockerNG is BY FAR the most used package on pfSense. In fact I’d highly recommend Netgate to find the currency needed to purchase the talents of bbcan177 and the pfBlockerNG name, and start including it as a bulitin feature of pfsense. With the same development/maintenance and continuity as pfSense itself.

                        Without pfBlockerNG, pfSense would be a much much less relevant product.

                        Love the no fuss of using the official appliances :-)

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.