Country Block
-
Hey I understand how other obligations go. It is something that I can live with, I was just wondering if anyone was seeing this same thing. Thanks again for this great package.
Also, do you know of any other firewall distros that has this kind of ability to block country CIDR's ranges?
Thanks,
Matt
-
IANA says which country gets which IP range, or more accurately which regional authority is in charge of handing them out. IANA does not change them that frequently. Any changes to IPs either bogon, apipa, etc are usually scheduled to be made before they are actually going to be used.
What could of happened is that when you selected the countries, you clicked save before all of them could get applied and lately you waited for it to load before doing a select/unselect and then deselecting US, I had this happen to me, I selected all countries, deselected US and clicked save, not all countries were added because I did not give CB a chance to load them all. Make sure you wait for the page to stop loading before making any changes (Someone was having this issue with IP Blocklist, I saw that Tommy, stated for them to let the page to fully load as well.)
-
What could of happened is that when you selected the countries, you clicked save before all of them could get applied and lately you waited for it to load before doing a select/unselect and then deselecting US, I had this happen to me, I selected all countries, deselected US and clicked save, not all countries were added because I did not give CB a chance to load them all. Make sure you wait for the page to stop loading before making any changes (Someone was having this issue with IP Blocklist, I saw that Tommy, stated for them to let the page to fully load as well.)
For all packages and parts of PfSense that have a delay like this , it would be good to have something more obvious to let us know that an action is occurring.
It would I think be great to have common code that could be used by package maintainers to display something. Or maybe there is a firefox addon to do that. I'll check.ps: -Tom Schaefer - thank you for your work on this package.
-
Yeah I thought of the page taking a bit to load and I did let it load completely. Tommy was able to see the same thing according to his last post. As far as the package goes, it is running really good compared to how it was when I first started using it. Leaps and bounds have been done to get the package at this stable point and I feel Tommy has done an excellent job is such a short period of time. I am sure he will improve this package more, but ROAM was not built in a day.
In general a loading screen or notification when changes are taking effect would be nice, but I can't think of any other packages I am using does this either. I believe http://www.countryipblocks.net/ is where this list are being housed and more and likely I would say they are making changes and corrections?
Tommy, thanks again
-
Yes I have gone into CB and deselected enable CB then clicked the save button at the bottom. (in red it says blocking 0 countries)
Then I re check the enable CB and click save at the bottom and the check now appears in the enable option but there is red text at the bottom that says blocking 0 countries.
There are countries enabled as I use the most spamming ones at the top of the list and says what is it 10 out of x amount enabled.The only way I can get the red text at the bottom to go away and turn into black saying you are currently blocking x countries is to reinstall the package..
I don't really know what could cause that. Just keep in mind that you are using a BETA version of pfsense. There are no reports of this happening on stable versions.
I will get VM copy of the BETA going and take a look. Can you send me your config? PM it to me.TB sorry for such a delay on this. Been really busy. Anyways I had some other issues crop up since i did the beta update when this issue did show up. Long story short I had to start from scratch with todays most recent version of the beta and reconfigure all settings and packages. Since I have done this, everything seems to be working fine. I guess that beta update I did a few days ago screwed some things up. So no need to look into this any farther as it was something that went bad with my setup.
Multipel reboots have been done and all is good. -
That's good news Kilthro. Glad you got it working!
-
Thank you for all the time and hard work that you have put into created this great package Tommyboy.
When i have the Block outbound? check I see a lot source inbound activity being block from the outside in system log, but if i uncheck the Block outbound their is no more activity in the system logs, all interface check, Enable Logging check, Current Status = Running, You are blocking 108212 Networks. its running but was wondering if its blocking inbound connections
-
It wil block from LAN -> WAN .
-
I seem to be having an email problem. The following settings:
SMTP Auth: No
SMTP Security: None
Host: isp smtp address
Port: 25
U: <blank>P: <blank>Use HTML formatting: Yes
From email address: isp email address
To email address: personal email address
Subject: Check CountryblockClick Save: Couldn't write values to file!
Click Test: 404 on packages/countryblock/email_send.php
I've uninstalled the package, rebooted pfsense, re-installed package, reconfigured, attempted email and still the same error code.</blank></blank>
-
Thank you for all the time and hard work that you have put into created this great package Tommyboy.
When i have the Block outbound? check I see a lot source inbound activity being block from the outside in system log, but if i uncheck the Block outbound their is no more activity in the system logs, all interface check, Enable Logging check, Current Status = Running, You are blocking 108212 Networks. its running but was wondering if its blocking inbound connections
ToxIcon,
you still are blocking. To test you can use a proxy or use your work network.
As each attempt comes in or out you will see it in the log if you have it checked. If you don't see anything in the logs then the sites that you are blocking are not trying to send traffic your way.I seem to be having an email problem. The following settings:
SMTP Auth: No
SMTP Security: None
Host: isp smtp address
Port: 25
U: <blank>P: <blank>Use HTML formatting: Yes
From email address: isp email address
To email address: personal email address
Subject: Check CountryblockClick Save: Couldn't write values to file!
Click Test: 404 on packages/countryblock/email_send.php
I've uninstalled the package, rebooted pfsense, re-installed package, reconfigured, attempted email and still the same error code.</blank></blank>
Username is blank. This is causing the error. Right now password is allowed blank. You can edit the page and copy the syntax I have on password to username as well.
I will allow blank usernames on my next update. -
A weird error seems to have cropped up in my CB installation:
Here, I've chosen only the Top Spammers:
"Check the country that you would like to block completely. Currently 10 of 246 selected."And, just above the Save/Update button:
"Current Status = Running
/tmp/rules.debug:378: cannot load "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw": No such file or directory
You are blocking 0 Networks"I've re-installed, as well as uninstall/re-install - same error. The error is not there if no countries are selected.
Thanks for any input
-
When I got this error, I had to uninstall it, then reboot, then reinstall it.
Are you on a beta build? Most of my issues like this was due to a beta update that corrupted items. Once I installed most recent beta cleanly and redid CB all my issues like this went away.
-
I have gotten this error as well, I went to IP Blocklist (which I have installed as well) and enabled/updated it then went back to CB and tried again and it updated without errors.
-
I have gotten this error as well, I went to IP Blocklist (which I have installed as well) and enabled/updated it then went back to CB and tried again and it updated without errors.
Thanks XIII, that did the trick
-
Your welcome. CB and IP Blocklist were designed to work together.
From what I have noticed, the error does not happen that often. I have only seen it twice in the several months that I have had both. -
I sure appreciate BOTH packages :)
-
This is odd but I thought I'd at least ask in case I forgot something. I just switched bsd boxes as I needed more pci slots and everything has been set up running smooth now for a few weeks. It appears that I'm getting more foreign spam than I did before. Coincidentally, I used to receive maybe 3 a week and their IPs would be here in the US anyway. Now, it seems I get about 10/day from IPs listed under different countries.
My question is, does Country Block also block spam from different countries that happen to come from relays outside the US, if selected? Maybe just a weird coincidence but I gave CB all the credit!
The difference is that the old bsd box had 1.7 and this one is the latest 1.9 version. I also have outbound blocked now (not before) on all NICs (WAN, server, backup server, son's) except the one for my personal lan as not to interfere with my browsing. Whitelist is still empty. Email settings are also added now but every time I test I get a Warning fsockopen() error. Thoughts?
UPDATE 1:
Just a quick thought - I used to have IP Blocklist on the old box with a few .gz installed…but I eventually had it disabled as it was blocking a lot of stuff and then CB came out. It just seems that if I checked a certain country under CB then I wouldn't see anymore email from that country...UPDATE 2:
Well I installed IP-Blocklist and it didn't block the spam but it did a few other sites which I'll need to clean up. Weird. Why would I be getting spam in from countries that are blocked? Well I went ahead and uninstalled the package, rebooted pfsense, reinstalled Country Block, and just re-configured it. The only difference I have on this box vs. the old one is that (besides not being version 1.7) I have block outbound checked and I only have the first option under "Interfaces" unchecked which is LAN.UPDATE 3:
Well I just checked Country Block…damn more foreign spam. This time I'm going to unblock outgoing, select all my interfaces, and then reboot. That's it, everything is as it was on the old box outside of this being a newer version. I'm stumped if this doesn't work.UPDATE 4:
Well I'm confused now…I'm still receiving spam from all sorts of countries. Any ideas as to what I could be doing wrong? -
This is odd but I thought I'd at least ask in case I forgot something. I just switched bsd boxes as I needed more pci slots and everything has been set up running smooth now for a few weeks. It appears that I'm getting more foreign spam than I did before. Coincidentally, I used to receive maybe 3 a week and their IPs would be here in the US anyway. Now, it seems I get about 10/day from IPs listed under different countries.
My question is, does Country Block also block spam from different countries that happen to come from relays outside the US, if selected? Maybe just a weird coincidence but I gave CB all the credit!
The difference is that the old bsd box had 1.7 and this one is the latest 1.9 version. I also have outbound blocked now (not before) on all NICs (WAN, server, backup server, son's) except the one for my personal lan as not to interfere with my browsing. Whitelist is still empty. Email settings are also added now but every time I test I get a Warning fsockopen() error. Thoughts?
UPDATE 1:
Just a quick thought - I used to have IP Blocklist on the old box with a few .gz installed…but I eventually had it disabled as it was blocking a lot of stuff and then CB came out. It just seems that if I checked a certain country under CB then I wouldn't see anymore email from that country...UPDATE 2:
Well I installed IP-Blocklist and it didn't block the spam but it did a few other sites which I'll need to clean up. Weird. Why would I be getting spam in from countries that are blocked? Well I went ahead and uninstalled the package, rebooted pfsense, reinstalled Country Block, and just re-configured it. The only difference I have on this box vs. the old one is that (besides not being version 1.7) I have block outbound checked and I only have the first option under "Interfaces" unchecked which is LAN.UPDATE 3:
Well I just checked Country Block…damn more foreign spam. This time I'm going to unblock outgoing, select all my interfaces, and then reboot. That's it, everything is as it was on the old box outside of this being a newer version. I'm stumped if this doesn't work.UPDATE 4:
Well I'm confused now…I'm still receiving spam from all sorts of countries. Any ideas as to what I could be doing wrong?I've read your post over a couple times now and it doesn't make any sense to me.
I do have an idea for you to test. You mention that the LAN interface is not selected under the Interfaces tab. Select that for me and save the changes. I do recommend to everyone to have all interfaces selected.Test will all interfaces selected and let me know if that works.
-
I've read your post over a couple times now and it doesn't make any sense to me.
I do have an idea for you to test. You mention that the LAN interface is not selected under the Interfaces tab. Select that for me and save the changes. I do recommend to everyone to have all interfaces selected.Test will all interfaces selected and let me know if that works.
All interfaces have been checked since "update 4" and I'm going to re-check block outbound. I now got 245/246 countries (not US) selected and it says I am blocking 70330 Networks. I have no whitelist and no email is configured. I just removed the cron command and rebooted just in case. I'm at a loss - the only difference I have now is simply the version was 1.7 and now is 1.9. Anyone else experiencing anything with version 1.9? Is there a temporary rollback for testing?
-
I've read your post over a couple times now and it doesn't make any sense to me.
I do have an idea for you to test. You mention that the LAN interface is not selected under the Interfaces tab. Select that for me and save the changes. I do recommend to everyone to have all interfaces selected.Test will all interfaces selected and let me know if that works.
All interfaces have been checked since "update 4" and I'm going to re-check block outbound. I now got 245/246 countries (not US) selected and it says I am blocking 70330 Networks. I have no whitelist and no email is configured. I just removed the cron command and rebooted just in case. I'm at a loss - the only difference I have now is simply the version was 1.7 and now is 1.9. Anyone else experiencing anything with version 1.9? Is there a temporary rollback for testing?
I could look and see if I have a backup of the old version but it would be moot. The underlying way that 1.9 and any other version including 1.0 works is by editing the pf firewall. 1.9 just has some nice bells and whistles but it's not to different the my first version.
Can you locate the IPs or even a single IP that continues to SPAM you? We can find out exactly what is going on if you can give me some IPs.