Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Country Block

    Scheduled Pinned Locked Moved pfSense Packages
    691 Posts 79 Posters 765.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dlawley
      last edited by

      Country Block , blocked?

      To help us defray burgeoning costs, we have temporarily suspended automated downloads of Access Control Lists. We would like to restore these or move to a members only delivery system. Please help us by donating now:

      Does this affect your script?  If I have to download manually, what format should I grab…

      1 Reply Last reply Reply Quote 0
      • T
        tommyboy180
        last edited by

        @dlawley:

        Country Block , blocked?

        To help us defray burgeoning costs, we have temporarily suspended automated downloads of Access Control Lists. We would like to restore these or move to a members only delivery system. Please help us by donating now:

        Does this affect your script?  If I have to download manually, what format should I grab…

        There is an updated countryblock package that I released several days ago. Update and it should work.

        -Tom Schaefer
        SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

        Please support pfBlocker | File Browser | Strikeback

        1 Reply Last reply Reply Quote 0
        • D
          dlawley
          last edited by

          just updated to 0.2.0,

          /usr/local/www/packages/countryblock/lists/countries.txt is 0 bytes

          It says I have have 11 of 252 selected but 0 blocked, indicates it is running

          1 Reply Last reply Reply Quote 0
          • T
            tommyboy180
            last edited by

            @dlawley:

            just updated to 0.2.0,

            /usr/local/www/packages/countryblock/lists/countries.txt is 0 bytes

            It says I have have 11 of 252 selected but 0 blocked, indicates it is running

            What pfsense version?

            -Tom Schaefer
            SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

            Please support pfBlocker | File Browser | Strikeback

            1 Reply Last reply Reply Quote 0
            • D
              dlawley
              last edited by

              Sorry did not put that in the original message, well seasoned 1.2.3.  Just did a reboot but no joy.  countries.txt in the list folder still 0

              1 Reply Last reply Reply Quote 0
              • T
                tommyboy180
                last edited by

                That's really strange. Alright give me 5 min to check on my 1.2.3 test vm.

                -Tom Schaefer
                SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                Please support pfBlocker | File Browser | Strikeback

                1 Reply Last reply Reply Quote 0
                • D
                  dlawley
                  last edited by

                  Anything look out of order?

                  2011-02-15_121228.jpg
                  2011-02-15_121228.jpg_thumb

                  1 Reply Last reply Reply Quote 0
                  • T
                    tommyboy180
                    last edited by

                    That looks right. I just tested on my 1.2.3 VM. I uninstalled my CB package, rebooted, and then installed the package version 2.0. Make sure CIDR.tar.gz is downloaded during the install.

                    I checked Korea, committed, then checked enabled and hit Save/Update.

                    All worked fine. Try my method and let me know what happens.

                    -Tom Schaefer
                    SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                    Please support pfBlocker | File Browser | Strikeback

                    1 Reply Last reply Reply Quote 0
                    • D
                      dlawley
                      last edited by

                      Thanks, was just looking and first glance it appears that the fetch lines are commented out in countryblock.php

                      lunch time, brain food… tackle this after lunch

                      //Process each list URL, Extract, and put in DIR lists
                      exec("mkdir lists");
                      foreach ($lines as $line) {
                      //echo("fetch -o lists http://www.countryipblocks.net/e_country_data/{$line}_cidr.txt");
                      //Fetch countries from server
                      //exec("fetch -o lists/temp http://127.0.0.1//packages/countryblock/CIDR/{$line}_cidr.txt");
                      //Pull from local file since https or http on other ports may be used
                      exec("cat CIDR/{$line}_cidr.txt >> lists/countries.txt");
                      //exec("fetch -o lists/temp http://www.countryipblocks.net/e_country_data/{$line}_cidr.txt");
                      //Remove cat lists/temp since fetch is not used
                      //Thank you g4m3c4ck, 'He got a real pretty mouth ain't he', 1 Feb 2011
                      //exec("cat lists/temp >> lists/countries.txt");
                      $filename = basename($line);
                      //Extract list
                      //exec("gzip -d lists/$filename");
                      }

                      1 Reply Last reply Reply Quote 0
                      • T
                        tommyboy180
                        last edited by

                        The fetch was the old way to pull the country files directly from countryipblocks.net but that's what created the bandwidth problem for them.

                        So now the cat CIDR is the solution. It pulls the country ip blocks from a local file that it download during package install. That's why it's kind of weird it's not working for you since it's so simple.

                        -Tom Schaefer
                        SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                        Please support pfBlocker | File Browser | Strikeback

                        1 Reply Last reply Reply Quote 0
                        • D
                          dlawley
                          last edited by

                          Something must have been hanging around.  Had to remove, then reinstall.  Now have CIDR folder and have networks blocked.

                          Thanks for the help, its better help than we get around here for paid support…

                          1 Reply Last reply Reply Quote 0
                          • S
                            Supermule Banned
                            last edited by

                            HAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHAHA

                            :)

                            @dlawley:

                            Something must have been hanging around.  Had to remove, then reinstall.  Now have CIDR folder and have networks blocked.

                            Thanks for the help, its better help than we get around here for paid support…

                            1 Reply Last reply Reply Quote 0
                            • T
                              tommyboy180
                              last edited by

                              @dlawley:

                              Something must have been hanging around.  Had to remove, then reinstall.  Now have CIDR folder and have networks blocked.

                              Thanks for the help, its better help than we get around here for paid support…

                              Well thank you for the compliment. I try to provide half decent support. Check out tomschaefer.org/pfsense
                              I created it to try to help more people that needed a way to directly contact me.

                              -Tom Schaefer
                              SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                              Please support pfBlocker | File Browser | Strikeback

                              1 Reply Last reply Reply Quote 0
                              • X
                                XIII
                                last edited by

                                um..the forum is free support, no paid support is offered "here" on the forum. If you want paid support see here:
                                https://portal.pfsense.org/index.php/support-subscription

                                The support here is really great, one of the top ones compared to other forums. tommyboy180 is excellent at providing support for his packages, he is really fast at getting back to you.

                                -Chris Stutzman
                                Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
                                Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
                                freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
                                Check out the pfSense Wiki

                                1 Reply Last reply Reply Quote 0
                                • T
                                  tommyboy180
                                  last edited by

                                  @XIII:

                                  um..the forum is free support, no paid support is offered "here" on the forum. If you want paid support see here:
                                  https://portal.pfsense.org/index.php/support-subscription

                                  The support here is really great, one of the top ones compared to other forums. tommyboy180 is excellent at providing support for his packages, he is really fast at getting back to you.

                                  Thank you. I appreciate the kind words. I'm sure many other package managers are just the same.

                                  -Tom Schaefer
                                  SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                  Please support pfBlocker | File Browser | Strikeback

                                  1 Reply Last reply Reply Quote 0
                                  • G
                                    ghm
                                    last edited by

                                    Hi,

                                    I use 1.2.3 embedded. Country Block apparently installed ok and I could commit countries + enable but sadly Country Block drops into disabled pretty often (stays on for maybe an hour or so).

                                    One thing I have seen: Under the "Whitelist" tab (where I have not added any IPs), there is this message:

                                    Warning: fopen(countries-white.txt): failed to open stream: Read-only file system in /usr/local/www/packages/countryblock/whitelist.php on line 134 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/www/packages/countryblock/whitelist.php on line 135 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/www/packages/countryblock/whitelist.php on line 140 
                                    

                                    Any chance to get this going on embedded? I really like the package…

                                    Thanks1

                                    1 Reply Last reply Reply Quote 0
                                    • T
                                      tommyboy180
                                      last edited by

                                      @ghm:

                                      Hi,

                                      I use 1.2.3 embedded. Country Block apparently installed ok and I could commit countries + enable but sadly Country Block drops into disabled pretty often (stays on for maybe an hour or so).

                                      One thing I have seen: Under the "Whitelist" tab (where I have not added any IPs), there is this message:

                                      Warning: fopen(countries-white.txt): failed to open stream: Read-only file system in /usr/local/www/packages/countryblock/whitelist.php on line 134 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/www/packages/countryblock/whitelist.php on line 135 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/www/packages/countryblock/whitelist.php on line 140 
                                      

                                      Any chance to get this going on embedded? I really like the package…

                                      Thanks1

                                      That's strange. I added embedded support in version 1.5 a long time ago. What package version do you have?

                                      -Tom Schaefer
                                      SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

                                      Please support pfBlocker | File Browser | Strikeback

                                      1 Reply Last reply Reply Quote 0
                                      • G
                                        ghm
                                        last edited by

                                        @tommyboy180:

                                        That's strange. I added embedded support in version 1.5 a long time ago. What package version do you have?

                                        0.2.0 - I attach a list of my installed packages below. CB is my newest.

                                        packages.png
                                        packages.png_thumb

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          dlawley
                                          last edited by

                                          @dlawley:

                                          Something must have been hanging around.  Had to remove, then reinstall.  Now have CIDR folder and have networks blocked.

                                          Thanks for the help, its better help than we get around here for paid support…

                                          Sorry sorry for the misunderstanding…. I meant paid support here at our shop  ::)

                                          1 Reply Last reply Reply Quote 0
                                          • M
                                            mst
                                            last edited by

                                            I am sorry for confusion …..

                                            recently had this:

                                            Current Status = Restarting
                                            no IP address found for __csrf_magic
                                            You are blocking 0 Networks

                                            Pfsence 2.0 Beta 5 ......

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.