DNSBL Python Mode GUI table missing on pfSense 2.8.1
-
Hi,
I am running the latest development snapshot of pfSense (2.8.1) combined with pfBlockerNG-devel v3.2.10.
I am trying to configure the "Python Group Policy" to apply different blocking rules per VLAN. However, I am unable to see the policy table (where to add specific subnets/policies). The GUI remains stuck showing only the "Bypass IPs" field and the message: "This is a preliminary DNSBL Group Policy configuration...".
The issue seems to be purely within the GUI/PHP, because the Unbound logs confirm that the Python module and the pfBlockerNG scripts are loaded successfully.
My setup:
- pfSense 2.8.1 Development Snapshot
- pfBlockerNG-devel 3.2.10
- DNSBL Mode: Unbound Python Mode
Steps taken so far:
- Enabled "Unbound Python Mode" and "Python Group Policy".
- Saved and performed a Force Update/Reload (multiple times).
- Reinstalled the pfBlockerNG-devel package.
- Cleared browser cache / tried different browsers.
- Verified "Python Control" is enabled.
Despite this, the GUI does not render the policy table.
Relevant logs (DNS Resolver) showing success:
[pfBlockerNG]: init_standard script loaded
[pfBlockerNG]: pfb_unbound.py script loaded
notice: init module 0: pythonIt appears the backend works, but the frontend fails to recognize that Python is active, preventing me from adding specific group policies.
Attached is a screenshot of the GUI state.
Thanks for any assistance.
-
@Agneten said in DNSBL Python Mode GUI table missing on pfSense 2.8.1:
pfSense 2.8.1 Development Snapshot
2.8.1 left develoopement phase two moths ago.
Netgate Releases pfSense
Community Edition Version 2.8.1@Agneten said in DNSBL Python Mode GUI table missing on pfSense 2.8.1:
Attached is a screenshot of the GUI state.
I saw something that looked like a log file. Totally unreadable.
Don't you see this :
?
If that info doesn't show up like that, I suspect browser issues ?
-
Same view on chrome, edge and firefox:
-
@Agneten said in DNSBL Python Mode GUI table missing on pfSense 2.8.1:
I am unable to see the policy table (where to add specific subnets/policies).
So you can see it ?
This entry box doesn't generate a "pfSense GUI table". It's just a list of IP addresses, known only to pfBlockerng.
@Agneten said in DNSBL Python Mode GUI table missing on pfSense 2.8.1:
I am trying to configure the "Python Group Policy" to apply different blocking rules per VLAN.
No need to "try" ^^
Add the IP addresses of the devices on your LAN(s). From then on, the DNS requests from these devices will not be filtered by pfBlockerng.Have a look here where I (try to) explain that the group policy can do for your, and the consequences you have to be aware.
-
Bedankt!
According to Gemini, instead of 'this is a preliminary...' there should be a '+' where you can add your own vlans and assign different policies to them.
So it looks like Gemini is hallucinating or I'll have to wait for the next version. -
Who is Gemini ?
-
@Gertjan Gemini.google.com :-) v3 pro
-
Pro ? that and they dished the RTFM concept ?
@Agneten said in DNSBL Python Mode GUI table missing on pfSense 2.8.1:
....your own (v)lans and assign different policies to them ...
pfBlockerng doesn't (afaik) have the functionality to act differently upon LAN networks (aka interfaces) or LAN IPs. That is, it has the more or less 'all or nothing' Python "Group Policy".
I hope to be wrong of course.
My source : Here it is : 10 lines ...The thing is : unbound is set to listen to all interfaces - port 53, TCP and UDP, for DNS requests.
"pfb_unbound.py" is nothing more as a plugin written for unbound. unbound sends the DNSC request to it's plugin, and the plugin can acts (in the main operate function) upon it.
Basically, the 10 lines shown above do this : "if the requester IP is member of the policy list, accept the request and return back to unbound to handle it". If not, the comparing with DNSBL lists is done.
I agree with the "preliminary" word here. The filtering could be done way more specific. Maybe in the future ?
