Country Block
-
lol. I know. It's hard to find time to sit down and get it done when I have other projects that require my attention. I'll sit down tonight and make some progress. Thanks for the motivation.
-
You know it browski. I really have to wonder if the tree raddled your brains. :o
-
after deleting snort and reinstalling country block more errors:
Jun 27 20:10:42 php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. export: 4: bad variable name'
Jun 27 20:09:04 php: /packages/countryblock/countryblock.php: The command 'rm errorOUT.txt' returned exit code '1', the output was 'rm: errorOUT.txt: No such file or directory'
Jun 27 20:09:04 php: /packages/countryblock/countryblock.php: The command 'rm -R /usr/local/www/packages/countryblock/lists' returned exit code '1', the output was 'rm: /usr/local/www/packages/countryblock/lists: No such file or directory'
Jun 27 20:08:58 php: /packages/countryblock/countryblock.php: The command 'rm errorOUT.txt' returned exit code '1', the output was 'rm: errorOUT.txt: No such file or directory'
Jun 27 20:08:58 php: /packages/countryblock/countryblock.php: The command 'rm -R /usr/local/www/packages/countryblock/lists' returned exit code '1', the output was 'rm: /usr/local/www/packages/countryblock/lists: No such file or directory'
Jun 27 20:07:53 php: /pkg_mgr_install.php: Beginning package installation for Country Block.New install on updated v 2.0 gives same result as seen by Novak. Reinstalled as check against bad install but no go…
-
after deleting snort and reinstalling country block more errors:
Jun 27 20:10:42 php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. export: 4: bad variable name'
Jun 27 20:09:04 php: /packages/countryblock/countryblock.php: The command 'rm errorOUT.txt' returned exit code '1', the output was 'rm: errorOUT.txt: No such file or directory'
Jun 27 20:09:04 php: /packages/countryblock/countryblock.php: The command 'rm -R /usr/local/www/packages/countryblock/lists' returned exit code '1', the output was 'rm: /usr/local/www/packages/countryblock/lists: No such file or directory'
Jun 27 20:08:58 php: /packages/countryblock/countryblock.php: The command 'rm errorOUT.txt' returned exit code '1', the output was 'rm: errorOUT.txt: No such file or directory'
Jun 27 20:08:58 php: /packages/countryblock/countryblock.php: The command 'rm -R /usr/local/www/packages/countryblock/lists' returned exit code '1', the output was 'rm: /usr/local/www/packages/countryblock/lists: No such file or directory'
Jun 27 20:07:53 php: /pkg_mgr_install.php: Beginning package installation for Country Block.New install on updated v 2.0 gives same result as seen by Novak. Reinstalled as check against bad install but no go…
I have the same problem!! :(
-
Nice package and great addition to pfSense!
I did have some trouble with the package starting, and after a little research found the problem in execute.sh:
This line:
export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]'`
I changed to:
export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'`
The service would fail to start otherwise. Running execute.sh (/usr/local/etc/rc.d/countryblock.sh) manually from CLI produced the error:
export: 0: bad variable name
and that's because the line number is actually 10 in my /tmp/rules.debug, but due to the regular expression grep was returning 1\n0 (one newline zero), so $t was being assigned "0" instead of "10."
EDIT: Are my changes to execute.sh persistent? Eg, if I reboot will I need to edit again?
On another note the countryipblock.net web site states that no automated process may be used to download the list and may not be redistributed. (see Policies Affecting Access and Use of the Website and Database) Not that it's really any of my business and I am not affiliated with countryipblocks.net, but I thought I would mention it since it's not exactly visible on the web site unless you look for it. I don't know if this affects the package or not. (I hope not!)
Anyway, thanks Tom for this awesome package!
-Rich
- 7 days later
-
Nice package and great addition to pfSense!
I did have some trouble with the package starting, and after a little research found the problem in execute.sh:
This line:
Code:
export t=grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]'
I changed to:
Code:
export t=grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'
The service would fail to start otherwise. Running execute.sh (/usr/local/etc/rc.d/countryblock.sh) manually from CLI produced the error:
Code:
export: 0: bad variable nameand that's because the line number is actually 10 in my /tmp/rules.debug, but due to the regular expression grep was returning 1\n0 (one newline zero), so $t was being assigned "0" instead of "10."
EDIT: Are my changes to execute.sh persistent? Eg, if I reboot will I need to edit again?
On another note the countryipblock.net web site states that no automated process may be used to download the list and may not be redistributed. (see Policies Affecting Access and Use of the Website and Database) Not that it's really any of my business and I am not affiliated with countryipblocks.net, but I thought I would mention it since it's not exactly visible on the web site unless you look for it. I don't know if this affects the package or not. (I hope not!)
Anyway, thanks Tom for this awesome package!
-Rich
I had the same issue as netritious and his fix worked for me.
-
Same issue as as motersho and netritious, the grep rewrite fixed me as well.
VERY grateful. You got me past a head banging problem.
NV
-
Nice package and great addition to pfSense!
I did have some trouble with the package starting, and after a little research found the problem in execute.sh:
This line:
export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]'`
I changed to:
export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'`
The service would fail to start otherwise. Running execute.sh (/usr/local/etc/rc.d/countryblock.sh) manually from CLI produced the error:
export: 0: bad variable name
and that's because the line number is actually 10 in my /tmp/rules.debug, but due to the regular expression grep was returning 1\n0 (one newline zero), so $t was being assigned "0" instead of "10."
EDIT: Are my changes to execute.sh persistent? Eg, if I reboot will I need to edit again?
On another note the countryipblock.net web site states that no automated process may be used to download the list and may not be redistributed. (see Policies Affecting Access and Use of the Website and Database) Not that it's really any of my business and I am not affiliated with countryipblocks.net, but I thought I would mention it since it's not exactly visible on the web site unless you look for it. I don't know if this affects the package or not. (I hope not!)
Anyway, thanks Tom for this awesome package!
-Rich
Excellent! I have been working on some fixes and you have saved me some time. This will be in my next commit. Your changes to the script will be persistent.
Thank you for pointing out the notice that I was not aware of. I will do some work in the next couple of days (hopefully) and make this package independent.
Thanks Rich!
- 7 days later
-
New Version released. Version 1.3 is out!
Fixed GUI menu tile images
Working on pfsense BETA 2 x86 and x64 now
Fixed a rare glitch - Thank you netritious!
Added a whitelist feature
also removed 'bogon' from the list to prevent this ->http://forum.pfsense.org/index.php/topic,26226.0.html from happeningThanks for your support all.
-
/tmp/rules.debug:117: cannot load "/usr/local/www/packages/countryblock/countries-white.txt": No such file or directory
I get this after update….
-
Whitelist.php not found….. Who the hell has fucked up this package??? GRRRRRRRRRRRR!!!!#¤%&
-
Hey Supermule,
I think you grabbed the update a little to fast. When I updated the package two files were not uploaded right away. Completely uninstall the package and re-install it for me please.I think you will be pleased.
-
Looking great tommyboy180!
ty :)
-
/tmp/rules.debug:90: cannot load "/usr/local/www/packages/countryblock/countries-white.txt": No such file or directory still here…
-
Uninstall package, Reboot box, reinstall package and enjoy.
-
Still there….........
Current Status = NOT running
/tmp/rules.debug:112: cannot load "/usr/local/www/packages/countryblock/countries-white.txt": No such file or directory:-\
-
But after I click the whitelist icon, do nothing and then returns to the "main" page, it works…....:?
-
I have tested and tested today. I can't replicate your issue.
I started on a fresh install and everything is fine. I tested on Beta 2 and 1.2.3.
-
Does it create the whitelist pr default or is it allready in the package before it starts?
-
It touches it so the file is created when the package is installed.
-
Can you verify that it actually does that??
I had to do it manually.
-
I had the same error, and persistence paid off. I don't recall if it started working after a reboot, or 'Commit Countries" did it, but keep trying… Not very helpful, I know :( ...but in the end it's OK.
-
I had the same error, and persistence paid off. I don't recall if it started working after a reboot, or 'Commit Countries" did it, but keep trying… Not very helpful, I know :( ...but in the end it's OK.
I clicked through the "whitelist" and was finally able to make it work.
:)
-
After I updated everything worked fine. I added some entries to the whitelist and then removed them latter. I could not get the package to start again after that. I removed the package numerous times and rebooted, and contuniued to get the same error as everyone is listing. I finally added those IP's back to the whitelist and I was able to get it to start up again.
I believe you can reproduce this issue by installing the package.
Adding some IP's to the white list.
Remove the IP's
Uninstall the package
Then reinstall it.
-
Darklogic82,
That helped me locate the issue.
I have found the fix for this. And will be updating the package here shortly. Thank you. -
;)
-
Update pushed.
Uninstall, and re-install please.
-
I all of a sudden keep getting the error:
/tmp/rules.debug:115: cannot load "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw": No such file or directory
Any ideas? This started, possibly coincidentally, after trying to enable both the country and the ip blocklists simultaneously.
EDIT: Well I kind of answered my own question. When I removed all the .gz links from within ip-blocklist then all of a sudden the country block loaded just fine. Is it possible to have both on at the same time, or for some reason not a good idea?
-
They are both designed to work together if both are installed. I run both packages without a problem.
I know the error you pasted. I have gotten that error many time myself. Disabling IP-blocklist and re-enabling it usually helps.
-
Done :) No errors!
-
So far seems to be working good. Also thanks for the whitelist feature. That really helps me a lot.
One other thing or request if you ever get free time to do so, I was wondering if you could make a log section that would either dump to the firewall log or maybe just within the package itself that would show the IP's that are being blocking by specificly the Country Block package?
Currently I don't believe the blocks show up in the firewall logs for either a block or whitelist pass.
Then down the road maybe the logging could generate reports on the CIDRS and pin-point a list of attacks and blocks from the countries and the IP's they belong to.
Thanks for all your hard work on this package. As far as running the IP-Block and Country Block together, all seems to work well.
Again Thanks,
Matt
-
That actually sounds like a good idea. I will start work immediately.
-
Excellent work Tom, this package is wonderfull, but sometimes when I've forbidden countries like Pakistan my access was stopped (I live in France), but it's not a problem at the moment.
The idea to see with the firewall log the country where is situated the IP is wonderfull and with this your package will be perfect :P
Thanks again Tom !
- 10 days later
-
First off, thank you for creating this package. It is very helpful to me in dealing with the worst spam offenders.
That said, I have noticed a few typos in the country names, and a few missing countries (unless I have missed something myself). This list is probably not complete, but they are the most recent examples that come to mind for me.
Typos:
Burkia Faso –> Burkina Faso
Argentia --> ArgentinaMissing countries:
Montenegro
IndiaAgain, thank you for creating this!
-
HoTWiReZ
WOW and I mean 01010111 01001111 01010111
tommyboy180, you be the man…
-
Tommyboy, this is one of the most useful packages I have installed so far. You sir, have made my life worth living again. :)
Although, I really hate the idea that someday these type of blocks will become more common where we just get sick of countries who have such a high fraud profile that we simply block the entire country, I have to admit that since I never to ANY business with about 90% of them that I don't feel bad about personally blocking them. I can, however, imagine a world of elitists where we block internet traffic from the majority of the developing world due to endless waves of spam and sniffing.
I guess the burden of this future will be more in the hands of those who prosecute the developing world's abuses rather than those who defend their equipment against it.
-
Tommyboy, this is one of the most useful packages I have installed so far. You sir, have made my life worth living again. :)
Although, I really hate the idea that someday these type of blocks will become more common where we just get sick of countries who have such a high fraud profile that we simply block the entire country, I have to admit that since I never to ANY business with about 90% of them that I don't feel bad about personally blocking them. I can, however, imagine a world of elitists where we block internet traffic from the majority of the developing world due to endless waves of spam and sniffing.
I guess the burden of this future will be more in the hands of those who prosecute the developing world's abuses rather than those who defend their equipment against it.
Thank you.
You are right. Unfortunately, I don't feel bad. A country constantly scanning me or sending SPAM needs to be blocked on my network. I don't want them looking at my website, searching for vulnerabilities, or constantly trying to brute force my SSH server. I made it easy for me and those who get frustrated with trying to minimize the damage caused by these countries. Blocking the entire country could affect them, but I don't see how. If you did business with that country then you wouldn't block them but if you have no business then no harm done.
Maybe more tools like this will cause countries to enforce laws more in the future. Who knows… -
I run my own postfix mail server. Probably 80% of the spam comes from russia, china, korea or japan. I get no legitimate mail from anyone in those countries. So, I will be installing this ASAP :)
-
Thank you.
You are right. Unfortunately, I don't feel bad. A country constantly scanning me or sending SPAM needs to be blocked on my network. I don't want them looking at my website, searching for vulnerabilities, or constantly trying to brute force my SSH server. I made it easy for me and those who get frustrated with trying to minimize the damage caused by these countries. Blocking the entire country could affect them, but I don't see how. If you did business with that country then you wouldn't block them but if you have no business then no harm done.
Maybe more tools like this will cause countries to enforce laws more in the future. Who knows…Where feasible, it's sensible security policy regardless of where you are in the world - if you don't have to allow something, don't allow it. Many companies do no business outside of their own country or a select few countries, so why allow the entire Internet? As useful as it is for those in this thread, who look to be largely in the US, it's just as useful to those in countries some US companies may want to block. Abuse isn't limited to any particular country, it comes from all over. A Russian company that does no business in the US could drop off their spam and hack attempts considerably by blocking the US, where it's sensible for some US companies to do the opposite. The same way those of us in the US see all these attacks from Russia, China, India, Nigeria, and elsewhere, people in those countries see just as much abuse from hosts in the US and see it the same way in the same circumstances - unnecessary traffic that can be blocked entirely. This isn't limited to any country, and isn't that much about enforcing sensible policies on Internet users. That's largely done in the US, but a large portion of the spam and hack attempts we see come from the US.
Keep in mind this can help a lot, but if you're being specifically targeted, may not provide the level of assurance you think it does. Every country has plenty of compromised hosts, or hosts that can be compromised, to use to launch attacks. It's a good measure to drop off things you know have no place being on your network, but still leaves plenty of exposure.
-
to th enewbie guy, country block in the 1.23 packages not installed (if you're using 1.2.3 pfsense release).