pfBlockerNG and configuration history

mcury

I'll be testing the commit 6e558c8679c7cb9048a8c29101cb3158330d6dde.
Feedback will be posted here.

tinfoilmatt

@mcury said in pfBlockerNG and configuration history:

I'll be testing the commit 6e558c8679c7cb9048a8c29101cb3158330d6dde.

Linked.

mcury

pfSense version: 25.07.1
pfBlocker version: pfBlockerNG-devel 3.2.7

Name: pfblockerNG config rewrites Bug #14409
Path Strip Count: 0
Everything else set to default.

Patch modified to match the correct lines in the 25.07.1 pfBlockerNG-devel 3.2.7

https://redmine.pfsense.org/issues/14409

--- /usr/local/pkg/pfblockerng/pfblockerng.inc
+++ /usr/local/pkg/pfblockerng/pfblockerng.inc
@@ -1969,6 +1969,7 @@
 			}
 		}
 
+		$vip_count = 0;		
 		$pfbfound = FALSE;
 		// Collect existing pfSense VIPs
 		foreach (config_get_path('virtualip/vip', []) as $ex_vip) {
@@ -1976,6 +1977,7 @@
 				// Collect DNSBL VIP
 				$dnsbl_ex_vip[] = $ex_vip;
 				$pfbfound = TRUE;
+				$vip_count++;
 			} else {
 				// Collect all 'other' VIPs
 				$pfb_ex_vip[] = $ex_vip;
@@ -2017,7 +2019,6 @@
 		}
 
 		// Validate DNSBL VIP address(es)
-		$pfb['dnsbl_v6'] == 'on' ? $vip_count = 2 : $vip_count = 1;
 		$result = array();
 		foreach (array("inet {$pfb['dnsbl_vip']}", "inet6 ::{$pfb['dnsbl_vip']}") as $g_vip) {
 			$g_vip = escapeshellarg($g_vip);

mcury

The commit didn't work for me.
pfBlockerNG fullfilling the pfsense config history, reverting the patch now.