pfBlockerNG / pfBlockerNG-devel v3.2.0_3 - pfSense 2.6 Only
-
I just upgraded my pfsense to 23.01 and pfBlockerNG to 3.2.0_3 and I am now having consistent errors on the Talos_BL download.
I checked the source, it opens ok. I forced a reload and also had no problems. Only the CRON is failing.
Here is a snippet of the log:
[ Talos_BL_v4 ] Previous download failed. Re-attempt download UPDATE PROCESS START [ v3.2.0_3 ]Is anybody else having this problem?
-
@fbrunken said in pfBlockerNG / pfBlockerNG-devel v3.2.0_3 - pfSense 2.6 Only:
Is anybody else having this problem?
I am not using this list but i see it resolvs to:
https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/021/752/original/ip_filter.blf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAU7AK5ITMJQBJPARJ%2F20230226%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230226T182807Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=612ccaba26d773a1ba87c2f891cbec74081e5c6881c72e71a642bda98b35230a
perhaps you should use this direct link ...
just my 2 cents
-
Dear @fireodo
Thanks for the suggestion.
Anyway, I finished the upgrade and was having consistent issues with the list. So, I tried the link myself and forced a reload. Both worked. Then, once the CRON job kicked in, I still had the problem...
But now, for whatever reason, it is working. No changes... In short, whatever the problem was, everything is fine now.
Thanks anyway
-
Updated Tuesday...everything working without flaws.
Thank you very much and sincerely for your work with the package. It even saves our planet: I got rid of my raspi with pihole years ago, thanx to your work...
;) -
@fbrunken said in pfBlockerNG / pfBlockerNG-devel v3.2.0_3 - pfSense 2.6 Only:
Thanks anyway
You're welcome!
-
We have a function to filter traffic by specific country does this still exist?
-
@ncm-com yes.
-
@steveits I have version 3.2.0_3 and only following option available
-
These are the world regions available.
Which is the one your are missing ?Btw : do you host services like a web or mail server behind your pfSense ?
edit : if not, then this is the best setting :
as they will all hit the only and perfect WAN firewall rule : "block all".
There is no need to put a rule above that final block all rule that says : you are blocked. -
@gertjan Yes I have a web service, but before the update, I can filter what countries I can allow to enter my web server rather than a continent, I'm looking for that function
-
@ncm-com on the IPv4 tab you can create an alias using whatever countries you wish.
-
@steveits so if I deny all locations on GeoIP and allow one country on IPv4 it will overrule? let's say I need to add only a few countries to the allowed list.
-
@ncm-com
Hey there,
I would just pick those allowed countries, place that before default deny all, done. -
This post is deleted! -
@ncm-com said in pfBlockerNG / pfBlockerNG-devel v3.2.0_3 - pfSense 2.6 Only:
@steveits so if I deny all locations on GeoIP and allow one country on IPv4 it will overrule? let's say I need to add only a few countries to the allowed list.
On the Geo page use Alias Native and it will create an alias. You can then create your own rules in the order you wish.
-
B BBcan177 unpinned this topic on
