PfBlockerNG Custom Source Aliasproblem

hadiaghajani

I have a problem with pfBlockerNG 3.2.0_8 in pfsense version 2.7.2
I create an IPv4 rule in PfBlockerNG , in Advanced Outbound Firewall Rule Settings , i checked Custom Source and I wrote alias name, but it doesn't show alias record to select, I wrote alias name without select and save, pfsense show's this error:

Fatal error: Uncaught TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in /usr/local/www/pfblockerng/pfblockerng_category_edit.php:447 Stack trace: #0 {main} thrown in /usr/local/www/pfblockerng/pfblockerng_category_edit.php on line 447 PHP ERROR: Type: 1, File: /usr/local/www/pfblockerng/pfblockerng_category_edit.php, Line: 447, Message: Uncaught TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in /usr/local/www/pfblockerng/pfblockerng_category_edit.php:447 Stack trace: #0 {main} throw

sorry my English is not good

rvoosterhout

I have the same problem. When entering an Custom Source, the dropdown to select the alias doesn't show up. Saving the IPv4 list with the alias name without selecting the alias give me the same error as the topic starter.

Gertjan

@rvoosterhout

Create the file first ?

Here :

As the guidelines "blue I" says, I've created a file first. I've called my file 'filename'.
Here it is :

I've put this into it : a random IPv4 :

10.11.12.13

@rvoosterhout said in PfBlockerNG Custom Source Aliasproblem:

Saving the IPv4 list with the alias name without selecting the alias give me the same error as the topic starter.

Indeed, not a beautiful recovery.
But BS in is BS out ^^

rvoosterhout

@Gertjan I mean in the 'Advanced Inbound Firewall Rule Settings' under 'Custom Destination'. OP has the problem in the Advanced Outbound Firewall Rule Settings in the 'Custom Source', but same issue.

Bob.Dig

@rvoosterhout Don't use it, why would you.

Gertjan

@rvoosterhout said in PfBlockerNG Custom Source Aliasproblem:

@Gertjan I mean in the 'Advanced Inbound Firewall Rule Settings' under 'Custom Destination'. OP has the problem in the Advanced Outbound Firewall Rule Settings in the 'Custom Source', but same issue.

Whatever I fill in here, that is, an alias that contains IP addresses like :

So when I enter 10_15 under Custom Destination it doesn't 'stick' after the Save.
No errors, though, but that's probably normal as I use this version :

rvoosterhout

@Bob-Dig Why would I not, could you please explain? Maybe there is a better solution for my needs, I'm only a beginner networking engineer and still learning.
I have a firewall rule that allows traffic from the WAN to a webserver port 443 running on 192.168.1.5. What I'm trying to do is to instead of opening my network to anybody from the outside, limit the requests only to pass if they originate from the IP addresses from the Cloudflare Proxy servers, since that is where my DNS is hosted.
So I created an entry in PfB under IPv4, called it Whitelist_CloudFlare, and as IPv4 Source Definitions I'm using the list provided by CloudFlare. https://www.cloudflare.com/ips-v4/#
Using this method, I'm sure that the IPs from CF are always up to date, since they get pulled every hour.
To have PfB create and manage the firewall rule, I want to use the Advanced Inbound Firewall Rule Settings, with the custom DST port set to 443 and the Custom Destination to my webserver.

Again, please let me know if there is a better way to do this.

Bob.Dig

@rvoosterhout I would create an alias native with pfb and make the rule yourself.
If you really want to do it your way, don't forget to select TCP and or UDP too.

rvoosterhout

@Bob-Dig That's a good idea and exactly what I'm trying to do. Thank you

hadiaghajani

@rvoosterhout I found the problem , when you create Alias , change type to NETWORK