• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Country Block

Scheduled Pinned Locked Moved
pfSense Packages
79
691
629.4k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    darklogic
    last edited by Oct 7, 2010, 1:16 PM

    Way to go TB on the CB. Your updates have been fast and great with awsome enhancements. I do have a request. Is there a way to maintain your saved settings after doing updates. I will always have to put the CIDR back in my whitelist. I whitelist all the BlackBerry RIM IP's and was wondering if there was a way to maintain youe whitelist in between updates?

    Thanks again for this awsome package. I do agree it really adds a lot of value to pfsense. Not many firewalls out there that I know of can do this. And please if anyone can think of another firewall that has the ability to do this, please tell.

    Thanks,

    Matt

    1 Reply Last reply Reply Quote 0
    • K
      kilthro
      last edited by Oct 7, 2010, 1:52 PM

      @robfantini:

      @kilthro:

      @robfantini:

      @kilthro:

      all i can say is WOW!

      The fastest updates I have ever seen lol..
      Thanks again!!! This package has made pfsense awesome!

      OK you might want to edit that.

      Well pfsense is awesome already and the supporting people that keep it top notch make it better than anything else in the league. This package has made it even better for me. It is something that I was looking for that nothing else would offer for me. Well, within a reasonable price that I could afford that is.  So to get continued updates/modifications ect is awesome. Even with paid software I havent seen this quick of a turn around when things are identified.

      I agree , and you know my comment was an almost failed attempt at humor.

      Seriously CB  is something I was  waiting   for , it has cut our mail server's work load 90% .

      lol I got it. Just wanted to give ppl some kudos lol  ;D

      1 Reply Last reply Reply Quote 0
      • D
        deltaend
        last edited by Oct 7, 2010, 10:32 PM

        TB, once again, you have my thanks!

        1 Reply Last reply Reply Quote 0
        • T
          tommyboy180
          last edited by Oct 7, 2010, 10:45 PM

          @deltaend:

          TB, once again, you have my thanks!

          Thank you!

          -Tom Schaefer
          SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

          Please support pfBlocker | File Browser | Strikeback

          1 Reply Last reply Reply Quote 0
          • T
            tommyboy180
            last edited by Oct 7, 2010, 10:46 PM

            @darklogic:

            Way to go TB on the CB. Your updates have been fast and great with awsome enhancements. I do have a request. Is there a way to maintain your saved settings after doing updates. I will always have to put the CIDR back in my whitelist. I whitelist all the BlackBerry RIM IP's and was wondering if there was a way to maintain youe whitelist in between updates?

            Thanks again for this awsome package. I do agree it really adds a lot of value to pfsense. Not many firewalls out there that I know of can do this. And please if anyone can think of another firewall that has the ability to do this, please tell.

            Thanks,

            Matt

            The file that holds your whitelist settings is /usr/local/www/packages/countryblock/whitelist.txt  You can save that file and re-upload it after your updates to preserve your settings.
            Thank you for your support!

            -Tom Schaefer
            SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

            Please support pfBlocker | File Browser | Strikeback

            1 Reply Last reply Reply Quote 0
            • S
              Supermule Banned
              last edited by Oct 10, 2010, 6:22 PM

              No updates for 48 hours? Hope your all right ;)

              1 Reply Last reply Reply Quote 0
              • D
                darklogic
                last edited by Oct 12, 2010, 7:22 PM

                LOL. Yeah he has been pumping the updates out like crazy. This last update seems to be rock solid for me. Also Tommy, I appreciate the insight on the whitelist.

                Thanks,

                1 Reply Last reply Reply Quote 0
                • T
                  tommyboy180
                  last edited by Oct 12, 2010, 10:24 PM

                  @darklogic:

                  LOL. Yeah he has been pumping the updates out like crazy. This last update seems to be rock solid for me. Also Tommy, I appreciate the insight on the whitelist.

                  Thanks,

                  Thank you for the support! I don't think I will be pushing any countryblock updates in the near future. I need fix some other projects for the mean time and hopefully get some IPblocklist updates out there.

                  -Tom Schaefer
                  SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                  Please support pfBlocker | File Browser | Strikeback

                  1 Reply Last reply Reply Quote 0
                  • K
                    kilthro
                    last edited by Oct 12, 2010, 11:44 PM

                    TB,

                    With the most recent package I am having a problem when I reboot the firewall.  I am on the most current beta as well as of today.

                    When I reboot, country block will not be running even though the enable country block is checked at the top.

                    If I click save at the bottom and it refreshes no change. Still blocking 0 networks. Then I uncheck save then recheck and save same thing.
                    I do have a cron job set of it and when checking the sys logs I see this error.

                    php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. sed: /tmp/rules.debug: No such file or directory grep: /tmp/rules.debug: No such file or directory grep: /tmp/rules.debug: No such file or directory 1 1 rm: /tmp/rules.debug.tmp: No such file or directory sed: /tmp/rules.debug: No such file or directory execute.sh: cannot open /tmp/rules.debug: No such file or directory'

                    If I reinstall the package, it will start working again. I have duplicated this multiple times this evening when rebooting the firewall.
                    Any reason why?

                    1 Reply Last reply Reply Quote 0
                    • T
                      tommyboy180
                      last edited by Oct 13, 2010, 12:41 AM

                      @kilthro:

                      TB,

                      With the most recent package I am having a problem when I reboot the firewall.  I am on the most current beta as well as of today.

                      When I reboot, country block will not be running even though the enable country block is checked at the top.

                      If I click save at the bottom and it refreshes no change. Still blocking 0 networks. Then I uncheck save then recheck and save same thing.
                      I do have a cron job set of it and when checking the sys logs I see this error.

                      php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. sed: /tmp/rules.debug: No such file or directory grep: /tmp/rules.debug: No such file or directory grep: /tmp/rules.debug: No such file or directory 1 1 rm: /tmp/rules.debug.tmp: No such file or directory sed: /tmp/rules.debug: No such file or directory execute.sh: cannot open /tmp/rules.debug: No such file or directory'

                      If I reinstall the package, it will start working again. I have duplicated this multiple times this evening when rebooting the firewall.
                      Any reason why?

                      If /tmp/rules.debug isn't found then your problem isn't countryblock. Are you running pfsense in transparent mode or is it even a Firewall? /tmp/rules.debug is the file that contains the pf firewall rules.

                      -Tom Schaefer
                      SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                      Please support pfBlocker | File Browser | Strikeback

                      1 Reply Last reply Reply Quote 0
                      • R
                        robfantini
                        last edited by Oct 13, 2010, 12:49 PM Oct 13, 2010, 10:10 AM

                        On some systems , /tmp  is cleared on reboot .

                        Try copying some other files to /tmp , reboot and see if they exist after a reboot.

                        If  /tmp is cleared on reboot, then /tmp/rules.debug should be stored in another location. like /var/tmp .  on our system /var/tmp is not cleared on reboot.

                        1 Reply Last reply Reply Quote 0
                        • K
                          kilthro
                          last edited by Oct 13, 2010, 1:26 PM Oct 13, 2010, 1:22 PM

                          It seems as if this is what is happening. That folder is being cleared upon reboot. I dont have anything specially configured to do that so so something must do that in the beta version when its booting as a startup script.

                          Does that TMP location pull the rules from elsewhere. The only app that seems to be affected by this is country block. Snort and other packages seem to be working just fine.

                          TB i have it set as a firewall. Its the Internet facing firewall at my location.

                          So either this is a change in most recent beta or how the newer package of CB is handling this. It was working ok on an older beta version and the 1.5 cb when I rebooted just fine.

                          1 Reply Last reply Reply Quote 0
                          • T
                            tommyboy180
                            last edited by Oct 13, 2010, 7:25 PM

                            Perhaps the startup script is running before your firewall rules are re-created.
                            Have you tried to manually run Countryblock after the system has booted, from the GUI?

                            -Tom Schaefer
                            SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                            Please support pfBlocker | File Browser | Strikeback

                            1 Reply Last reply Reply Quote 0
                            • K
                              kilthro
                              last edited by Oct 13, 2010, 7:47 PM

                              Yes I have gone into CB and deselected enable CB then clicked the save button at the bottom. (in red it says blocking 0 countries)
                              Then I re check the enable CB and click save at the bottom and the check now appears in the enable option but there is red text at the bottom that says blocking 0 countries.
                              There are countries enabled as I use the most spamming ones at the top of the list and says what is it 10 out of x amount enabled.

                              The only way I can get the red text at the bottom to go away and turn into black saying you are currently blocking x countries is to reinstall the package..

                              1 Reply Last reply Reply Quote 0
                              • T
                                tommyboy180
                                last edited by Oct 13, 2010, 8:10 PM

                                @kilthro:

                                Yes I have gone into CB and deselected enable CB then clicked the save button at the bottom. (in red it says blocking 0 countries)
                                Then I re check the enable CB and click save at the bottom and the check now appears in the enable option but there is red text at the bottom that says blocking 0 countries.
                                There are countries enabled as I use the most spamming ones at the top of the list and says what is it 10 out of x amount enabled.

                                The only way I can get the red text at the bottom to go away and turn into black saying you are currently blocking x countries is to reinstall the package..

                                I don't really know what could cause that. Just keep in mind that you are using a BETA version of pfsense. There are no reports of this happening on stable versions.
                                I will get VM copy of the BETA going and take a look. Can you send me your config? PM it to me.

                                -Tom Schaefer
                                SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                Please support pfBlocker | File Browser | Strikeback

                                1 Reply Last reply Reply Quote 0
                                • K
                                  kilthro
                                  last edited by Oct 13, 2010, 8:29 PM

                                  Right I understand that I am on beta so it may not be a bug in your package persay. I think most of it is the location of the files it is referring to gets wiped. Is it possible to have it store files else where as suggested in a previous post?

                                  @robfantini:

                                  On some systems , /tmp  is cleared on reboot .

                                  Try copying some other files to /tmp , reboot and see if they exist after a reboot.

                                  If  /tmp is cleared on reboot, then /tmp/rules.debug should be stored in another location. like /var/tmp .  on our system /var/tmp is not cleared on reboot.

                                  1 Reply Last reply Reply Quote 0
                                  • T
                                    tommyboy180
                                    last edited by Oct 13, 2010, 10:22 PM

                                    @kilthro:

                                    Right I understand that I am on beta so it may not be a bug in your package persay. I think most of it is the location of the files it is referring to gets wiped. Is it possible to have it store files else where as suggested in a previous post?

                                    @robfantini:

                                    On some systems , /tmp  is cleared on reboot .

                                    Try copying some other files to /tmp , reboot and see if they exist after a reboot.

                                    If  /tmp is cleared on reboot, then /tmp/rules.debug should be stored in another location. like /var/tmp .  on our system /var/tmp is not cleared on reboot.

                                    No, not possible. The firewall config will always be stored in /tmp. This is a pfsense thing and cannot be changed by the user.

                                    -Tom Schaefer
                                    SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                    Please support pfBlocker | File Browser | Strikeback

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      darklogic
                                      last edited by Oct 14, 2010, 12:00 PM

                                      I am on the last stable version of pfsense 1.2.3 RELEASE with CB version 0.1.9, all is running smooth and very well. The package will restart ok if anything happens, it will e-mail me the alert of an issue. all-and-all it is working good.

                                      I have noticed something and was wondering if there is a way to make CB completely restart on its own in order to obtain updated block IP's. I noticed that my blocked IP list number will not increase or decrease unless I manually click the save/update button on the main page of CB.

                                      This is something I can live with, but I am wondering if anyone else noticed this or maybe has a quick fix?

                                      Thanks,

                                      Matt

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        tommyboy180
                                        last edited by Oct 14, 2010, 5:27 PM

                                        @darklogic:

                                        I am on the last stable version of pfsense 1.2.3 RELEASE with CB version 0.1.9, all is running smooth and very well. The package will restart ok if anything happens, it will e-mail me the alert of an issue. all-and-all it is working good.

                                        I have noticed something and was wondering if there is a way to make CB completely restart on its own in order to obtain updated block IP's. I noticed that my blocked IP list number will not increase or decrease unless I manually click the save/update button on the main page of CB.

                                        This is something I can live with, but I am wondering if anyone else noticed this or maybe has a quick fix?

                                        Thanks,

                                        Matt

                                        Hey Matt,
                                        I can't imagine that country lists update frequently enough to see a visual change. My understanding is those lists barley change over months of time. I never considered this to be a problem. What country changes that frequently?

                                        -Tom Schaefer
                                        SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                        Please support pfBlocker | File Browser | Strikeback

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          darklogic
                                          last edited by Oct 14, 2010, 5:41 PM

                                          I am not really sure what countries are changing and I always whitelist the same IP CIDR's and block everything but the US. I am currently blocking 245 out of 246 Countries in the list. I seen an increase from 67576 to You are blocking 69853 Networks. This number yesterday was 69834 and over the past couple of months it had increased from the 67576 amount.

                                          I was under the same impression that things would rarely if any change because of the lack of availible IPv4 addresses.

                                          Thanks,

                                          Matt

                                          1 Reply Last reply Reply Quote 0
                                          277 out of 691
                                          • First post
                                            277/691
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                            This community forum collects and processes your personal information.
                                            consent.not_received