IP logs are not being created/populated
-
Thx!
-
And the fix is working, thx! :)
-
-
B Beerman referenced this topic on
-
T Tzvia referenced this topic on
-
T Tzvia referenced this topic on
-
T tman222 referenced this topic on
-
T tman222 referenced this topic on
-
_ _rp referenced this topic on
-
I've tried running the command and rebooting the pfsense and it still doesn't log anything for the IP's
22.05-DEVELOPMENT (amd64)
built on Thu Mar 03 06:18:46 UTC 2022
FreeBSD 12.3-STABLE
pfblockerng-Devel 3.1.0_1 -
G Gertjan referenced this topic on
-
G Gertjan referenced this topic on
-
F fireodo referenced this topic on
-
F fireodo referenced this topic on
-
F fireodo referenced this topic on
-
F fireodo referenced this topic on
-
F fireodo referenced this topic on
-
If it helps anyone else, I just did 2 pfSense clean load upgrades from 2.5.x to 2.6. After installation the version of pfblockerNG was version 2.1.4_27. pfblockerNG logging did not work on either installation until I uninstalled pfblockerNG and reinstalled. After the reinstall it works great again!
Awesome Package!
-
@bbcan177 said in IP logs are not being created/populated:
https://www.reddit.com/r/pfBlockerNG/comments/sk9txi/ip_block_logging_not_working_pfsense_260rc/
Hello,
Old thread, I know...
I'm trying to apply this patch in the 'patch manager' package and I cant seem to get it to work.curl -o /usr/local/pkg/pfblockerng/pfblockerng.inc "https://gist.githubusercontent.com/BBcan177/7cb8635199446866d511b97166d65296/raw/"Not sure what I am doing wrong, but I paste the above url in the URL/Commit ID box and there is nothing to fetch.
Then if it paste the above command in the CLI, I get the following error:
PHP Response
Line 1 appears to have generated an error, and has been highlighted. The full response is below.
Note that the line number in the full PHP response will be 6 lines too large. Nested code and eval() errors may incorrectly point to "line 1". -
What is the source of this info ?
Last minute patches could be obtained directly from the source code tree that BB uses to write pfBlocker. These were not pages, you just get the entire file, like /usr/local/pkg/pfblockerng/pfblockerng.inc in this case.Files you curl down to your pfSense are not files to be handled with the pfSense patch manager.
Also, BBcan has to give you access to his https://gist.githubusercontent.com/BBcan177/ on his side.
This : pfBlockerNG-devel 3.1.0_4 is the latest version.
There is a patch I found in redmine : https://redmine.pfsense.org/issues/13154
Here it is
diff --git a/net/usr/local/pkg/pfblockerng/pfblockerng.inc b/net/usr/local/pkg/pfblockerng/pfblockerng.inc index 7fa8c1d2f8bf..2abbef30578b 100644 --- a/net/usr/local/pkg/pfblockerng/pfblockerng.inc +++ b/net/usr/local/pkg/pfblockerng/pfblockerng.inc @@ -4136,7 +4136,7 @@ function pfb_filterrules() { foreach ($results as $result) { if (substr($result, 0, 1) == '@') { - $r = explode(')', $result, 2); + $r = explode(' ', $result, 2); // pfSense > v2.6 uses an 'ridentifier' string if (strpos($result, 'ridentifier') != FALSE) {but please, don't copy from here (I could have added an exploit ^^), copy from redmine.
-
@gertjan
Thanks for the info!Yeah, I was looking at an old Reddit post which talked about this error and a possible fix. I'm not too keen on typing random stuff in the CLI, so I'll just wait until the real fix is implemented in 3.1.0_5 or 22.09.
The actual bug is not that bad; I've confirmed pfB is blocking/rejecting the IPs in my block list, it's just not logging them...
-
It is odd that this problem still exists for so long now. Sure, it is just an Package but it is the most important one in my book.
-
@bob-dig said in IP logs are not being created/populated:
It is odd that this problem still exists for so long now. Sure, it is just an Package but it is the most important one in my book.
Yeah, @BBcan177 is likely a busy gentleman, but Iām sure a new build will surface eventually.
But pfBlockerNG is much more than ājust a packageā. Iāll bet you pfBlockerNG is BY FAR the most used package on pfSense. In fact Iād highly recommend Netgate to find the currency needed to purchase the talents of bbcan177 and the pfBlockerNG name, and start including it as a bulitin feature of pfsense. With the same development/maintenance and continuity as pfSense itself.
Without pfBlockerNG, pfSense would be a much much less relevant product.
