PfBlocker
-
Firstly, thank you for the excellent package. I greatly enjoy using 3rd party lists to do IP blocking and have pfblocker configured and running the way I like it. That said, I do have a couple questions.
-
I prefer to block inbound and outbound connections on all interfaces and use pfblocker aliases with 2 floating rules to do this. Is this the preferred method or is there another way I am missing?
-
Not directly a pfblocker question, but in what order are floating rules applied? Do they come before or after the individual interface rules?
Thank you very much for all your hard work!
-
-
- I prefer to block inbound and outbound connections on all interfaces and use pfblocker aliases with 2 floating rules to do this. Is this the preferred method or is there another way I am missing?
Define action as alias only and create your rules. That's the best way.
-
This seems like a very good package. However I'm having trouble getting lists to work properly.
I can make a list with this url in gz format and it works fine and creates an alias:
http://list.iblocklist.com/?list=bt_spyware&fileformat=p2p&archiveformat=gzFor some reason no matter what I try I can't get this list to load in either txt or gz format. No alias is created and nothing is blocked.
https://zeustracker.abuse.ch/blocklist.php?download=ipblocklistAny ideas? Thanks
-
For some reason no matter what I try I can't get this list to load in either txt or gz format. No alias is created and nothing is blocked.
https://zeustracker.abuse.ch/blocklist.php?download=ipblocklistThis list is in txt format and returns only ips, not CIDR or ip ranges.
so,
:)
version 1.0.1 is out with:
-
fixed pfBlocker to check lists with single ips
-
updated country ip files
-
Return of Deny Both action(Inbound and Outbound)
-
Improved some GUI info
-
-
Wow.. thanks marcello! New version seems to work great.
Nice work, thanks again
-
Thank you for a great package! I just have one minor request for this package. Can you add more granular options for the list update frequency? Something like the attached image?
Thanks,
-Brian
-
Thanx for a great package - I like how it integrates and uses pfSense 2.0 firewall aliases and WAN/LAN rules :-)
A small observation and fix request (latest pfSense 2.0 release + latest pfBlocker):
After placing the pfBlocker widget on the bottom part of my long pfSense 2.0 dashboard page with vertical scrollbar, I observed that the dashboard page/scrollbar automatically reverted back to the top of the page at a fixed interval (every 5-10 secs).
This is a bit annoying if I am looking at data from a widget in the bottom part of the dashboard page - and every 5-10 seconds the page jumps to the top (internal pfBlocker refresh?) and I have to manually use the scrollbar/mouse/arrow-keys to navigate back down to the bottom of the page.
If I temp. removed the pfBlocker widget from dashboard the mis-behaviour went away also.
Hope you can reproduce this scenario and look forward to next release :-)
-
I observed that the dashboard page/scrollbar automatically
Thanks for the feedback.
I`ve removed scroll call in widget.
reinstall package in about 15 minutes.
If you have many widgets, consider testing widescreen package. It may help you.
-
Reinstalled and now I'm not getting any CIDRs or Packets in the widget.
 -
fixed javascript again, try reinstall in 15 minutes.
-
pf 2.0 i386 + squid+squidguard+pfblocker 1.0 and 1.0.1 works very well (deny inbound)
pfblocker 1.0.1+ deny both, crash pfsense!!
reboot and crash,crash…
changing to deny inbound,works well again -
Can you be more specific on what kind of crash you have?
I'm using deny both with no issues or crashes.
Boot process is fine too. -
I`ve removed scroll call in widget.
reinstall package in about 15 minutes.Seems to work fine now… no forced scrolling to the top when refreshing numbers.
Thanx !!
-
Getting this error now trying to enable pfBlocker, and the widget still looks like the pic i posted above.
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10499768 bytes) in /usr/local/pkg/pfblocker.inc on line 281
-
Increase Firewall Maximum Table Entries under System: Advanced: Firewall and NAT
you may have to increase Firewall Maximum States at some point -
fixed javascript again, try reinstall in 15 minutes.
Reinstalled and now the Dashboard doesn't scroll anymoire ;D
Being at it 8) is-it possible to have the option to Enable pfBlocker by default on reinstall? -
Increase Firewall Maximum Table Entries under System: Advanced: Firewall and NAT
you may have to increase Firewall Maximum States at some pointI'm already up to 2 million entries, even increasing to 200 million doesnt resolve issue. Been using pfBlocker since it was first introduced and havent had an issue until now.
Edit:
Using the Top Spammers works fine, it has something to do with the iBlocks lists. Using the same bunch of lists that I PM'd you back during this post.
http://forum.pfsense.org/index.php/topic,42543.msg219723.html#msg219723
-
I ran into that kind of issue when I played with the Level 1 at some point. I was using alias only.
It looked like the table were locked by Firewall Rules, when I disabled pfblocker, the table would still showed up.
I removed pfBlocker and the table were still there under Diagnostics: Tables!!!
I install pfblocker and at some point I recovered. But I am not using Level 1 at this time. -
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10499768 bytes) in /usr/local/pkg/pfblocker.inc on line 281
It looks like very large lists.
Try to remove some lists and enable pfBlocker.
-
@onhel:
Getting this error now trying to enable pfBlocker, and the widget still looks like the pic i posted above.
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10499768 bytes) in /usr/local/pkg/pfblocker.inc on line 281
do you have 128GB harddisk? meaning 134217728 bytes divided with 1024 twice is exactly 128GB
