pfBlocker CRON update not being disabled
-
@Amin48 sorry, what is your goal, to not update any lists again? As opposed to disabling/deleting the feeds?
FWIW there is a cron package in pfSense.
-
@Amin48 said in pfBlocker CRON update not being disabled:
I have this issue where CRON keeps updating even after I disabled the setting.
Updating ... do you mind saying what gets updated ?
When I set :

then I would presume that this line :

gets removed => no more pfBlockerng 'cron'.
Strange enough, and I agree : using 'disabled' doesn't remove the pfBlockerng cron line, so nothing gets disabled.
See this as a feature, not a bug ^^
After all : who (and when ?) will rotate all the pfBlockerng log files ??
These files are always growing, and if they are not rotated, your pfSense will crash in the future, as all disk space will be used. Way before the system goes down, access to the pfBlockerng stats pages will be so slow that the GUI fails, as the log files that are used to create stats are just too big.
-
Thanks for replying, I'm essentially trying to utilize pfBlocker GeoIP for these specific rules, and are working as expected.

However when the CRON update initiates, it automatically updates my FW rules and removes the destination IP, which looks like the below

If the CRON update stays disabled then my rules won't get updated which is why I'm trying to prevent this. I've had a look into the "Firewall 'Auto' Rule Order" setting to see if there is anything I can change, but after several changes this rule keeps getting changed per CRON update.
-
@SteveITS Hi Steve, essentially GeoIP restrictions to a specific destination IP. Works as expected when GeoIP is enabled, however after the CRON update it automatically updates my FW rules and removes the destination IP, I'm trying to prevent CRON updating and changing my rules.
-
My WAN firewall 'pass' rule ;

and it never changes as it's not an auto rule.
"auto" is nice, but it can do things you don't want, like re-ordering of the rule.
What I did : I created the rule myself, so it won't get deleted, or recreated.
I use an alias, "pfB_Europe_v4". It's this alias that is kept up to date by pfBlockerng.
So, in short, pfBlockerng doesn't change my firewall rules, just the Alias, and the Alias is used in a WAN firewall rule I created.
Here I create the "pfB_Europe_v4" Alias :

Btw : you've set (make and use an Alias) the "Destination" :

?
-
@Amin48 said in pfBlocker CRON update not being disabled:
it automatically updates my FW rules and removes the destination IP
Yes that's what it does, it regenerates the rules.
A much better way to solve this, and keep updating geo data, is to change those rules to create as Alias Native instead of Deny. Then pfB only creates an alias. You can then create your own rules however you want, in whatever order you want:

-
@Amin48
More info just one click away :
-
@Gertjan said in pfBlocker CRON update not being disabled:
make and use an Alias
...so basically what Gertjan wrote. :)
Honestly I am not sure why there is a choice Alias Permit. I know Alias Native will not deduplicate across lists, like the Deny options can. I prefer to control which IPs I'm blocking in each rule.
-
@SteveITS said in pfBlocker CRON update not being disabled:
Honestly I am not sure why there is a choice Alias Permit.
I guess the "permit" does nothing for me, true.
I use the alias, "pfB_Europe_v4" in my case, in a firewall rule where I (the admin) control everything - except the content of the alias. For me, this is a pass rule, so this rule makes my pfSense accept VPN connections from Europe (France). Other 'UDP port 1194' will get dropped as a default behavior.
I probably should use "Native" : that's done now
-
There is Alias Deny for blocking, and using that option the events will show in the Deny Stats. Alias Native doesn't use any deduplication.
Alias Permit/Match should be selected if they are destined for a permit or match rule.