Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG-devel v3.1.0_19/10

    Scheduled Pinned Locked Moved pfBlockerNG
    77 Posts 17 Posters 18.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • BBcan177B
      BBcan177 Moderator @Draco
      last edited by

      @draco said in pfBlockerNG-devel v3.1.0_19/10:

      I had hoped this might let pfBlocker directly download a JSON list like the one found at Microsoft Azure IPs. This is a file I manually download and then use pfSense's GUI CMD interface to upload for pfBlocker (I set the format to AUTO). Ran this on 3.1.0_11 just now.

      The Link you posted is the HTML page. You need to use the direct link:

      https://download.microsoft.com/download/7/1/D/71D86715-5596-4529-9B13-DA13A5DE5B63/ServiceTags_Public_20230123.json

      Keep in mind that this will parse all IPs in the json file. You could also create a new shell script to parse this JSON and get more refinement on which IPs to pull ( "Advanced Tunables - Post-Script Script" feature.)

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

      D 1 Reply Last reply Reply Quote 0
      • Y
        yorke @BBcan177
        last edited by

        @bbcan177

        I figure out why i was getting those errors some package/feature on pfsense needed to be update (ie unbound and about 4 others ) once I ran the update and reboot and reinstall
        PfblockerNG work, no more errors.
        Thanks BBcan177

        1 Reply Last reply Reply Quote 0
        • B
          bigjohns97 @cmcdonald
          last edited by

          @cmcdonald I am seeing the same error about missing python modules on 23.01 RC, was this fixed on that version as well?

          N 1 Reply Last reply Reply Quote 0
          • N
            nimrod @bigjohns97
            last edited by

            @bigjohns97 said in pfBlockerNG-devel v3.1.0_19/10:

            @cmcdonald I am seeing the same error about missing python modules on 23.01 RC, was this fixed on that version as well?

            Yes.

            B 1 Reply Last reply Reply Quote 0
            • D
              Draco @BBcan177
              last edited by

              @bbcan177 said in pfBlockerNG-devel v3.1.0_19/10:

              he Link you posted is the HTML page. You need to use the direct link:
              https://download.microsoft.com/download/7/1/D/71D86715-5596-4529-9B13-DA13A5DE5B63/ServiceTags_Public_20230123.json

              Fair enough -- this means I will need to manually update the link each time, but better than copying the file from my computer up to pfSense each time, thanks!

              I might have to write a screen-scraper to pull the latest URL off the download page...

              D 1 Reply Last reply Reply Quote 0
              • B
                bigjohns97 @nimrod
                last edited by

                @nimrod Can you confirm what add-on's I should see because they differ than what is posted above.

                pkg info "py*" unbound

                py311-maxminddb-2.2.0_2
                py311-setuptools-63.1.0
                py311-sqlite3-3.11.1_8
                py39-libzfs-1.1.2022081600
                py39-setuptools-63.1.0
                py39-yaml-5.4.1
                python311-3.11.1_1
                python39-3.9.15
                unbound-1.17.0

                N 1 Reply Last reply Reply Quote 0
                • N
                  nimrod @bigjohns97
                  last edited by

                  @bigjohns97

                  Is this before or after pfblocker reinstall ?

                  B 1 Reply Last reply Reply Quote 0
                  • B
                    bigjohns97 @nimrod
                    last edited by

                    @nimrod After

                    N 1 Reply Last reply Reply Quote 0
                    • N
                      nimrod @bigjohns97
                      last edited by

                      @bigjohns97

                      I just noticed you are on Plus version of pfsense. The output that i shared is from CE edition.

                      B 1 Reply Last reply Reply Quote 0
                      • B
                        bigjohns97 @nimrod
                        last edited by

                        @nimrod That wouldn't matter, the difference between 2.6/22.x and 2.7/23.x is really what I am trying to confirm was fixed.

                        @BBcan177 builds the pfblockerng code but I believe netgate dev's such as @cmcdonald are who associate package prerequisites and manage how the actual package is presenting in package manager.

                        This is why my original question was to @cmcdonald as to whether his fix he did in this thread was also applied to the new 2.7/23.x branch.

                        cmcdonaldC 1 Reply Last reply Reply Quote 0
                        • cmcdonaldC
                          cmcdonald Netgate Developer @bigjohns97
                          last edited by

                          @bigjohns97

                          Report the output of

                          pkg info unbound

                          ldd `which unbound`

                          pkg info py*

                          Need help fast? https://www.netgate.com/support

                          B 1 Reply Last reply Reply Quote 0
                          • B
                            bigjohns97 @cmcdonald
                            last edited by cmcdonald

                            @cmcdonald said in pfBlockerNG-devel v3.1.0_19/10:

                            @bigjohns97

                            Report the output of

                            pkg info unbound

                            unbound-1.17.0
                            Name : unbound
                            Version : 1.17.0
                            Installed on : Sat Jan 14 12:37:18 2023 CST
                            Origin : dns/unbound
                            Architecture : FreeBSD:14:amd64
                            Prefix : /usr/local
                            Categories : dns
                            Licenses : BSD3CLAUSE
                            Maintainer : jaap@NLnetLabs.nl
                            WWW : https://www.nlnetlabs.nl/projects/unbound
                            Comment : Validating, recursive, and caching DNS resolver
                            Options :
                            DEP-RSA1024 : off
                            DNSCRYPT : on
                            DNSTAP : off
                            DOCS : off
                            DOH : on
                            ECDSA : on
                            EVAPI : off
                            FILTER_AAAA : off
                            GOST : on
                            HIREDIS : off
                            LIBEVENT : on
                            MUNIN_PLUGIN : off
                            PYTHON : on
                            SUBNET : off
                            TFOCL : off
                            TFOSE : off
                            THREADS : on
                            Shared Libs required:
                            libsodium.so.23
                            libpython3.9.so.1.0
                            libnghttp2.so.14
                            libexpat.so.1
                            libevent-2.1.so.7
                            Shared Libs provided:
                            libunbound.so.8
                            Annotations :
                            FreeBSD_version: 1400073
                            build_timestamp: 2022-10-27T06:51:33+0000
                            built_by : poudriere-git-3.3.99.20220831
                            cpe : cpe:2.3:a:nlnetlabs:unbound:1.17.0:::::freebsd14:x64
                            port_checkout_unclean: no
                            port_git_hash : 7b7b452fb8d5
                            ports_top_checkout_unclean: yes
                            ports_top_git_hash: 0c964f08a5cb
                            repo_type : binary
                            repository : pfSense
                            Flat size : 8.36MiB
                            Description :
                            Unbound is designed as a set of modular components, so that also
                            DNSSEC (secure DNS) validation and stub-resolvers (that do not run as
                            a server, but are linked into an application) are easily possible.

                            Goals:
                            * A validating recursive DNS resolver.
                            * Code diversity in the DNS resolver monoculture.
                            * Drop-in replacement for BIND apart from config.
                            * DNSSEC support.
                            * Fully RFC compliant.
                            * High performance, even with validation enabled.
                            * Used as: stub resolver, full caching name server, resolver library.
                            * Elegant design of validator, resolver, cache modules.
                            o provide the ability to pick and choose modules.
                            * Robust.
                            * In C, open source: The BSD license.
                            * Smallest as possible component that does the job.
                            * Stub-zones can be configured (local data or AS112 zones).

                            Non-goals:
                            * An authoritative name server.
                            * Too many Features.

                            WWW: https://www.nlnetlabs.nl/projects/unbound

                            ldd `which unbound`

                            /usr/local/sbin/unbound:
                            libssl.so.111 => /usr/lib/libssl.so.111 (0x822469000)
                            libsodium.so.23 => /usr/local/lib/libsodium.so.23 (0x8236ec000)
                            libutil.so.9 => /lib/libutil.so.9 (0x822a37000)
                            libevent-2.1.so.7 => /usr/local/lib/libevent-2.1.so.7 (0x823fcb000)
                            libpython3.9.so.1.0 => /usr/local/lib/libpython3.9.so.1.0 (0x824b25000)
                            libcrypto.so.111 => /lib/libcrypto.so.111 (0x8259f7000)
                            libnghttp2.so.14 => /usr/local/lib/libnghttp2.so.14 (0x82790a000)
                            libthr.so.3 => /lib/libthr.so.3 (0x825eff000)
                            libc.so.7 => /lib/libc.so.7 (0x826edd000)
                            libcrypt.so.5 => /lib/libcrypt.so.5 (0x8284bd000)
                            libintl.so.8 => /usr/local/lib/libintl.so.8 (0x829b94000)
                            libdl.so.1 => /usr/lib/libdl.so.1 (0x828694000)
                            libm.so.5 => /lib/libm.so.5 (0x828758000)
                            [vdso] (0x8215a5000)

                            pkg info "py*"

                            py311-maxminddb-2.2.0_2
                            py311-setuptools-63.1.0
                            py311-sqlite3-3.11.1_8
                            py39-libzfs-1.1.2022081600
                            py39-setuptools-63.1.0
                            py39-yaml-5.4.1
                            python311-3.11.1_1
                            python39-3.9.15

                            cmcdonaldC 1 Reply Last reply Reply Quote 0
                            • cmcdonaldC
                              cmcdonald Netgate Developer @bigjohns97
                              last edited by

                              @bigjohns97 and this is on 23.01?

                              Need help fast? https://www.netgate.com/support

                              B 1 Reply Last reply Reply Quote 0
                              • B
                                bigjohns97 @cmcdonald
                                last edited by

                                @cmcdonald Correct, dashboard shows 23.01 RC

                                Current Base System23.01.r.20230202.1645
                                Latest Base System23.01.r.20230202.1645
                                StatusUp to date.

                                cmcdonaldC 1 Reply Last reply Reply Quote 0
                                • cmcdonaldC
                                  cmcdonald Netgate Developer @bigjohns97
                                  last edited by cmcdonald

                                  @bigjohns97 That is very odd.

                                  The problem is you are running older Unbound which is using Python 3.9 and not 3.11

                                  unbound-1.17.1_2
                                  py311-libzfs-1.1.2022081600
                                  py311-maxminddb-2.2.0_2
                                  py311-setuptools-63.1.0
                                  py311-sqlite3-3.11.1_8
                                  py39-libzfs-1.1.2022081600
                                  py39-maxminddb-2.2.0_1
                                  py39-setuptools-63.1.0
                                  python311-3.11.1_1
                                  python39-3.9.16
                                  

                                  These are the versions that we ship with 23.01-RC

                                  I would try reinstalling unbound:

                                  pkg install -fy unbound

                                  Need help fast? https://www.netgate.com/support

                                  B 1 Reply Last reply Reply Quote 0
                                  • B
                                    bigjohns97 @cmcdonald
                                    last edited by bigjohns97

                                    @cmcdonald That's odd, I also seem to be missing that 311 libzfs which I am using zfs and boot environments.

                                    How would I go about getting these correct packages?

                                    Edit: that worked, I now show the following.

                                    py311-maxminddb-2.2.0_2
                                    py311-setuptools-63.1.0
                                    py311-sqlite3-3.11.1_8
                                    py39-libzfs-1.1.2022081600
                                    py39-setuptools-63.1.0
                                    py39-yaml-5.4.1
                                    python311-3.11.1_1
                                    python39-3.9.15
                                    unbound-1.17.1_2

                                    cmcdonaldC 1 Reply Last reply Reply Quote 0
                                    • cmcdonaldC
                                      cmcdonald Netgate Developer @bigjohns97
                                      last edited by

                                      @bigjohns97 what if you just do pkg upgrade what does it offer to upgrade?

                                      Need help fast? https://www.netgate.com/support

                                      B 1 Reply Last reply Reply Quote 0
                                      • B
                                        bigjohns97 @cmcdonald
                                        last edited by

                                        @cmcdonald

                                        Updating pfSense-core repository catalogue...
                                        pfSense-core repository is up to date.
                                        Updating pfSense repository catalogue...
                                        pfSense repository is up to date.
                                        All repositories are up to date.
                                        Checking for upgrades (4 candidates): 100%
                                        Processing candidates (4 candidates): 100%
                                        The following 5 package(s) will be affected (of 0 checked):

                                        New packages to be INSTALLED:
                                        whois: 5.5.7 [pfSense]

                                        Installed packages to be UPGRADED:
                                        pfSense: 23.01.b.20230106.0600 -> 23.01.r.20230202.1645 [pfSense]
                                        pfSense-Status_Monitoring: 1.7.11_4 -> 1.8 [pfSense]
                                        pfSense-repo: 23.01.b.20230106.0600 -> 23.01.r.20230202.1645 [pfSense]
                                        python39: 3.9.15 -> 3.9.16 [pfSense]

                                        Number of packages to be installed: 1
                                        Number of packages to be upgraded: 4

                                        71 KiB to be downloaded.

                                        Proceed with this action? [y/N]:

                                        cmcdonaldC 1 Reply Last reply Reply Quote 0
                                        • cmcdonaldC
                                          cmcdonald Netgate Developer @bigjohns97
                                          last edited by

                                          @bigjohns97

                                          What repo is set on the update GUI page?

                                          Need help fast? https://www.netgate.com/support

                                          B 1 Reply Last reply Reply Quote 0
                                          • B
                                            bigjohns97 @cmcdonald
                                            last edited by

                                            @cmcdonald

                                            6dda5b3e-c5ee-41d9-817c-6050de1b94e4-image.png

                                            cmcdonaldC 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.