PfBlocker
-
pfBlocker version 1.4 is out.
Main improvements:
-
Url Lists now has it's own tab and many new options, including reading local files instead of urls
-
Each continent as well top spammers has it's own alias and rule action.
-
pfBlocker now reads CIDR, ips and network rages on files/urls.
-
More intuitive way to choose action in lists.
-
More control checks to avoid pfctrl error messages
I will wait feedback about these changes and stability before coding update frequency lists.
We are almost there.
-
-
just updated to new version and there is a problem with widget
enabling it will cause other widgets (not all) not to be displayed (ex : interface statistics)
-
Congratulations guys! :)
This looks like an outstanding package. Genuinely useful.Steve
-
just updated to new version and there is a problem with widget
enabling it will cause other widgets (not all) not to be displayed (ex : interface statistics)
I will take a look.EDIT
Fixed. Reinstall package in about 15 minutes to get fixed widget file.
-
nice work!!! its working nicely on my 2.1-dev box
-
After a reboot, I did receive an error alert but the list still loaded:
There were error(s) loading the rules: /tmp/rules.debug:21: cannot load "/var/db/aliastables/pfBlockerTopSpammers.txt": No such file or directory /tmp/rules.debug:23: cannot load "/var/db/aliastablespfBlockerBadGuys.txt": No such file or directory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [21]: table <pfblockertopspammers>persist file "/var/db/aliastables/pfBlockerTopSpammers.txt"</pfblockertopspammers> -
This happens when pfBlocker is running While filter reloads. Boot is one of these cases.
This is not a big deal as pfBlocker call filter reload when finish.
-
I figured it would be normal but wanted to share just in-case
-
I would recommend you to detect that you are at boot phase and do not don anything.
I generally do not like that packages call filter_configure() but rather would like packages to go and use pfctl themselves and exploit the anchors, though it needs more familiarity with pfctl.
-
just updated to new version and there is a problem with widget
enabling it will cause other widgets (not all) not to be displayed (ex : interface statistics)
I will take a look.EDIT
Fixed. Reinstall package in about 15 minutes to get fixed widget file.
thx, I confirm that it works now !
-
@ermal:
I would recommend you to detect that you are at boot phase and do not don anything.
OK, I will find a way.
@ermal:
I generally do not like that packages call filter_configure() but rather would like packages to go and use pfctl themselves and exploit the anchors, though it needs more familiarity with pfctl.
The first generation of this package (countryblock) was editing /tmp/rules.debug. cmd asked tommyboy to change the way package apply rules.
The fist idea to improve stability was using pfsense 2.0 native options to edit rules. So current version of pfblocker create aliases, rules and then apply with filter_configure(). This was the best way I found to apply rules when users saves pfBlocker's conf. -
Great package. I have installed the latest version and I am wondering what happened to the deny inbound/outbound option? There are cases where you may block traffic to and from these countries (like countries which both do a lot of attacks, spam etc and host a lot of malware you do not want your users contacting. Is it possible to put that back in please? Thank you
-
Re-Installed 0.1.4 working fine
one detail … Package Info link still points to Country Block http://forum.pfsense.org/index.php/topic,25732.0.html -
I try to update very large blocklist and I get error:
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10106374 bytes) in /usr/local/pkg/pfblocker.inc on line 248
Same list work with IP-blocklist.
And after I put some smaller bloclist I get another error:
php: : There were error(s) loading the rules: /tmp/rules.debug:21: cannot define table pfBlockerblocklist: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [21]: table <pfblockerblocklist>persist file "/var/db/aliastables/pfBlockerblocklist.txt"</pfblockerblocklist>
-
Great package. I have installed the latest version and I am wondering what happened to the deny inbound/outbound option? There are cases where you may block traffic to and from these countries (like countries which both do a lot of attacks, spam etc and host a lot of malware you do not want your users contacting.
In special cases, you can choose alias only option and create your own rule using alias pfBlocker created.
You can also add this list into two aliases and block inbound one and block outbound other.
Is it possible to put that back in please?
Not sure but I'll take a note.
-
I try to update very large blocklist and I get error:
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10106374 bytes) in /usr/local/pkg/pfblocker.inc on line 248
Same list work with IP-blocklist.
The way pfBlocker downloads list is different then ipblocklist.
To increase php memory limit, edit php.ini:php.ini location path is:
/usr/local/lib/php.ini or
/usr/local/etc/php.iniEdit the memory_limit cvar to 256
ie. memory_limit = 256save file and reboot
And after I put some smaller bloclist I get another error:
php: : There were error(s) loading the rules: /tmp/rules.debug:21: cannot define table pfBlockerblocklist: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [21]: table <pfblockerblocklist>persist file "/var/db/aliastables/pfBlockerblocklist.txt"</pfblockerblocklist>check this:
-
Increase even more Firewall Maximum Table Entries
-
clear ipblocklist table in diagnostics-> table
-
check if the value of table-entries in /tmp/rules.debug is the same in Firewall Maximum Table Entries
-
check also if table-entries is declared twice in /tmp/rules.debug
BUT
The most important thing is: read list description you are including and see if it is realy a bad guys or nasty list.One example of not bad list is leve1 ip-blocklist file.
See its description:
Author's description:
Companies or organizations who are clearly involved with trying to stop filesharing.
Companies which anti-p2p activity has been seen from.
Companies that produce or have a strong financial interest in copyrighted material.
Government ranges or companies that have a strong financial interest in doing work for governments.
Legal industry ranges.
IPs or ranges of ISPs from which anti-p2p activity has been observed. -
-
Re-Installed 0.1.4 working fine
one detail … Package Info link still points to Country Block http://forum.pfsense.org/index.php/topic,25732.0.htmlThanks, I'll fix it.Ok, package info fixed.
Thank's for your feedback
-
In special cases, you can choose alias only option and create your own rule using alias pfBlocker created.
You can also add this list into two aliases and block inbound one and block outbound other.
Great if we use the same table inbound and outbound, we can just use one list ;o) and create a FW rule with that list aliasname ;o)
-
Nice going guys. :) Having trouble having lists work. I get this when the filter reloads.
There were error(s) loading the rules: /tmp/rules.debug:17: cannot define table pfBlockerantitorrentin: Cannot allocate memory/tmp/rules.debug:19: cannot define table pfBlockerantitorrentout: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [17]: table persist file "/var/db/aliastables/pfBlockerantitorrentin.txt" …
Going to try the fixes I see in the thread and report back. Thanks again!
-
After doing tests, don't forget to save pfBlocker config again.
