pfBlockerNG-devel v3.1.0_19/10

[ Virgin_Media_UK_AS13076_v4 ]	 Downloading update .
  Downloading ASN: 13076... completed
. completed ..
  Empty file, Adding '127.1.7.7' to avoid download failure.

but I've seen that occasionally before (and why I originally set my other ASN aliases to HOLD when i suddenly found I couldn't connect from my phone externally via Wireguard or OpenVPN).

I suspect this probably just indicates a problem with the download site, rather than any underlying problem within pfBlockerNG-devel v3.1.0_11 on pfSense 2.6.0.

I've leave my test entry in there and see if it properly updates in a few days.

Thanks for such a swift update and resolution.

pfT

@pft said in pfBlockerNG-devel v3.1.0_19/10:

@bbcan177

I've also updated and can confirm this fixed the error I was seeing with ASN.

I'm now getting:
[ Virgin_Media_UK_AS13076_v4 ]	 Downloading update .
  Downloading ASN: 13076... completed
. completed ..
  Empty file, Adding '127.1.7.7' to avoid download failure.
but I've seen that occasionally before (and why I originally set my other ASN aliases to HOLD when i suddenly found I couldn't connect from my phone externally via Wireguard or OpenVPN).

I suspect this probably just indicates a problem with the download site, rather than any underlying problem within pfBlockerNG-devel v3.1.0_11 on pfSense 2.6.0.

I've leave my test entry in there and see if it properly updates in a few days.

Thanks for such a swift update and resolution.

As an update.
I did some more digging and found my test ASN numbers didn't contain any IP ranges, so the result was expected.

Once I chose an ASN containing IP ranges. (AS5089 for what i was expecting from AS13076) then it all worked perfectly.

I am still getting some weirdness though.

I'm getting:

====================[ Empty Lists w/127.1.7.7 ]==================

Spamhaus_Drop_v4.txt

even though the link at https://www.spamhaus.org/drop/drop.txt displays correctly and contains CIDRs.

Not entirely sure what's going on there, but i'm happy to live with it.

BBcan177

@pft said in pfBlockerNG-devel v3.1.0_19/10:

Not entirely sure what's going on there, but i'm happy to live with it

Probably due to deduplication

pfT

@bbcan177 said in pfBlockerNG-devel v3.1.0_19/10:

@pft said in pfBlockerNG-devel v3.1.0_19/10:

Not entirely sure what's going on there, but i'm happy to live with it

Probably due to deduplication

bbcan177,

Thanks.

That's exactly what it was. Coincidentally, I had just finished checking exactly that before seeing your post. I learn something every day.

I feel I have taken this thread completely off topic. Sorry for that.

I'll crawl back into my hole and stop bothering both you and the community. I feel quite abashed at the moment.

BBcan177

@pft read my tagline below....:)

Tigo

@bbcan177

Unfortunately, ver _20 is not showing up for me on pfsense 23.01 - it's still reading ver _16. I have tried updating the repository from shell, and it's reporting that repositories are up to date.

Is there an command that I can run from shell to force the upgrade for it? I also have the portBSD repsositories enabled as well.

Thanks,

yorke

@bbcan177

pfBlockerNG-devel 3.1.0_11 |ERROR| python module 'maxminddb
Pfsense 2.6.0-RELEASE
I upgraded pfBlockerNG-devel to 3.1.0_11 and got some issue before i upgraded everyting was work but now after the upgrade I am geting the errors listed below,
2023-01-20 18:16:12,627|ERROR| [pfBlockerNG]: Failed to load python module 'maxminddb': No module named 'maxminddb'
2023-01-20 18:16:12,627|ERROR| [pfBlockerNG]: Failed to load python module 'sqlite3': No module named '_sqlite3'
MaxMind GeoIP download the file and GeoLite2-Country.mmdb is in /usr/local/share/GeoIP
Under Report tab Alert country code are listed under GeoIP/ASN.
The report tab showns traffic being pass/block
the dashboard for DNSBL the packets stay at 0 the counter do not move, but the ip counter works
I Referenced these post https://forum.netgate.com/topic/176668/geoip-showing-unk
https://forum.netgate.com/topic/176991/geoip-shows-country-as-unknown
to try and fix it.
their are no other errors but the ones below.

BBcan177

@yorke did you try to reinstall the package? Reboot?

Tigo

@tigo

I had also uninstalled it. Rebooted. Checked the branch updates, - and it’s still v_16. Installed it again - configured - rebooted and yet no v_20.

Perhaps it hasn’t been approved - pushed out yet?

smolka_J

I have been getting quite a bit of download/update failures on 3.1.0_11 for any feed trying to update. Going into my previously working feeds lists, when I first enabled a few with pfBlockerng still disabled on the general tab after updating, settings saved fine with no errors. Re-enabled pfBlocker, forced reload, forced update and cron seeing the "Invalid URL. Terminating Download!" for each. Looking into the same DNSBL lists noting failures, attempting to save/edit/disable any while pfBlocker is enabled displays the errors below on both boxes, verified DNS hostnames and lists are all working otherwise except the same couple that were still down prior pending maintenance:

DNSBL Source Definitions, Line 1: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 2: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 3: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 5: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 6: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 7: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 8: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 10: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 11: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 12: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 13: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 14: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 15: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 16: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 18: Invalid URL or Hostname not resolvable!
DNSBL Source Definitions, Line 19: Invalid URL or Hostname not resolvable!

yorke

@bbcan177

Yes did a clean fresh install of the PfblockerNG package 3 times with the keep settings uncheck
but the error is still showing up , I notice under the Report unified Geoip is unk but under Alert Geoip/ASN list country,
the packages i have installed are PfblockerNG, Suricata and Cron (memory usage 8% ), (MBUF Usage 3%), (State table size 0%) ( cpu usage 4%) (Swap space 0%) Service Status all green,
did some test clear the Dns Resolver log under( system logs/system/dns resolver/) these 2 lines
unbound 21493 [21493:0] notice: init module 0: python
unbound 21493 [21493:0] info: [pfBlockerNG]: pfb_unbound.py script loaded
reappear go to the dashboard the DNSBL turns yellow and gives the error
|ERROR| [pfBlockerNG]: Failed to load python module 'maxminddb': No module named 'maxminddb'
|ERROR| [pfBlockerNG]: Failed to load python module 'sqlite3': No module named '_sqlite3'

BBcan177

@smoke_a_j said in pfBlockerNG-devel v3.1.0_19/10:

DNSBL Source Definitions, Line 1: Invalid URL or Hostname not resolvable!

Either DNS isn't working on your box or something is blocking those urls.

BBcan177

@yorke I would backup you config and install a fresh copy of pfSense. Followed by a restore of the config.