Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PfBlockerNG

    pfBlockerNG
    210
    1196
    492657
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wbennett77 last edited by

      pfBlockerNG v1.0 – Official Release

      This is a new package based upon the previous pfBlocker package. pfBlockerNG is basically an IP Download manager. It can collect IPs from a multitude of sources. The auto-creation of Firewall rules in Deny, Permit and Match. Firewall rules can also be created on any Interface including the 'Floating' interface. Custom setup can be achieved utilizing the Alias Format.

      Improved Features

      [ [color=red]Country Blocking ]
      Country Blocking utilizes Maxmind Inc. Free GeoLite2 IP geolocation databases (IPv4/6). The data is 99.8% accurate for Country Codes and is updated the first Tuesday of each Month. The download hour is randomized (0-23) to reduce a surge in downloads to any specific hour.

      [ [color=red]Cron ] 
      1. Min Start time (00, 15, 30, 45)
      2. Base Hour Start Time (0-23)
      3. Update hours of (1,2,3,4,6,8,12,24, and weekly)
      4. Time/Date file check to skip downloads where remote file remains unchanged.
      5. On any download fail, a Query is now performed to see if a BlockList or IDS  (Snort/Suricata) has blocked the Lists download.  ( see error.log )
      6. Multiple list formats available – txt, gz (Iblock), gz (all other), zip, xlsx, block and html based lists.
      7. Individual lists can be enabled/disabled in an 'Alias'. Lists can also be put on “Hold”
      8. If Firewall Rule changes are made a 'Filter Reload' is performed, otherwise a pfctl command updates the Alias Tables as required. This will minimize Log spamming and will not clear the Widget packet counts.

      [ [color=red]Logging ]  With the real-time viewer, all pfBlockerNG functions are easily managed.
      1. Selecting any of the “Force” buttons in the Update Tab will run a Live Log viewer.
      2. Logging for Each Alias can be individually controlled.
      3. Global Logging can be selected for all Aliases

      [ [color=red]Firewall Rules Ordering ] Four rule ordering options are now available to re-order Firewall Rules based upon user specific network requirements.

      [ [color=red]XML RPC Sync ] Improvements to http/https and Username. The 'General Tab settings' can also be excluded from the sync to allow for Site specific customizations.

      [ [color=red]Widget ] Enabled status, Links to Alerts/Log page, IP Counts and failed download alerting.

      [ [color=red]IPv4/6 ] Improved Regex Parsers to validate IP address.

      New Features

      [ [color=red]De-Duplication ] Utilizing a tool called Grepcidr by Jem Berkes (Partially funded by Spamhaus).
      “grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications. “

      [ [color=red]Suppression ] IP address(es) may be suppressed from the Lists. The new Alerts Tab, allows for an immediate clear of the Blocked IP and prevents the re-occurrence of the IP thereafter. Country Blocking Suppression will require a new “Permit Outbound” Alias.

      [ [color=red]Reputation ] An advanced process to analyze for Repeat Offenders in each IP Range.

      [ [color=red]Emerging Threats IQRisk ] A professional IP list accessible via Subscription only. This list can be used for Blocking or Match Rules.

      [ [color=red]IPv6 ] As lists become available, IPv6 is now supported. User Custom Lists can also be used.

      [ [color=red]Log Browser ] All files are easily managed via the Log Browser management Tab. Lists can also be downloaded to your local machine.

      [ [color=red]Alerts Tab ] Deny, Permit and Match alerts are visible all in one Tab. IPs can be resolved by clicked the “!” icon. IPs can also be suppressed. The List that contains the IP is also referenced.

      Thanks,
      BBCan177

      [ Thanks to wbennett77 for allowing me to commandeer this first post in the thread! ]

      Dell Optiplex 390 Pfsense 2.2 / Asus AC56U Wireless AP / Asus Switch

      P 1 Reply Last reply Reply Quote 1
      • S
        Supermule Banned last edited by

        Via the private repository but it will be available soon as a pfsense package.

        Be patient :)

        1 Reply Last reply Reply Quote 0
        • J
          justsomeguy6575 last edited by

          Can us mortals access this private repository? I'm guessing private probably means no which is ok. I've just got the upgrade itch. I've been holding off updating to the latest nightly as it sounds like there are issues with it and the current pfblocker.

          1 Reply Last reply Reply Quote 0
          • S
            Supermule Banned last edited by

            Its very close to release afaik so keep the itch under control for a short while.

            :)

            1 Reply Last reply Reply Quote 0
            • M
              Mr. Jingles last edited by

              I'm eagerly awaiting it in the Repo too  :P

              BB is very skilled (and kind  ;) ), as are the current beta-testers I know off. BB tried to help me set it up in a virtual machine, but I couldn't get it to work. So I'll simply have to wait until it's in the repository. I think I'll drewl if I see what this Master has made  ;D

              6 and a half billion people know that they are stupid, agressive, lower life forms.

              1 Reply Last reply Reply Quote 0
              • W
                wcrowder last edited by

                Wait till you see what he's done for Unbound (DNS Resolver) on 2.2  :D

                1 Reply Last reply Reply Quote 0
                • S
                  simby last edited by

                  Any picture?

                  1 Reply Last reply Reply Quote 0
                  • C
                    Cino last edited by

                    @simby:

                    Any picture?

                    thats like watching porn, why would you want to be teased?

                    1 Reply Last reply Reply Quote 0
                    • KOM
                      KOM last edited by

                      why would you want to be teased?

                      He paid extra for that

                      1 Reply Last reply Reply Quote 0
                      • M
                        Mr. Jingles last edited by

                        @simby:

                        Any picture?

                        If rumors are true, it should be looking a lot like this ( ;D ;D ;D )


                        6 and a half billion people know that they are stupid, agressive, lower life forms.

                        1 Reply Last reply Reply Quote 0
                        • W
                          wcrowder last edited by

                          Hmm… Probably going to get slapped via email... :)






                          1 Reply Last reply Reply Quote 0
                          • BBcan177
                            BBcan177 Moderator last edited by

                            I think you can't do better than Mr Jingles pic  ;D

                            "Experience is something you don't get until just after you need it."

                            Website: http://pfBlockerNG.com
                            Twitter: @BBcan177  #pfBlockerNG
                            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                            1 Reply Last reply Reply Quote 0
                            • D
                              dancwilliams last edited by

                              @BBcan177:

                              I think you can't do better than Mr Jingles pic  ;D

                              I would have to agree!  ::)

                              1 Reply Last reply Reply Quote 0
                              • T
                                Topper727 last edited by

                                I wait for it.. nice

                                Dell 2950 g3 server
                                Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
                                Current: 2000 MHz, Max: 2667 MHz
                                8 CPUs: 2 package(s) x 4 core(s)
                                8152 MiB and 600meg 10k drive
                                Pfsense 2.4 .. Hoping to get the phpvirtualbox going again.

                                1 Reply Last reply Reply Quote 0
                                • G
                                  GoldServe last edited by

                                  I have a request to make. Is it possible to put a port in the whitelist so I can always permit VPN port regardless of country I am traveling in?

                                  1 Reply Last reply Reply Quote 0
                                  • D
                                    doktornotor Banned last edited by

                                    @GoldServe:

                                    I have a request to make. Is it possible to put a port in the whitelist so I can always permit VPN port regardless of country I am traveling in?

                                    Sure. Change the Rule Order.

                                    1 Reply Last reply Reply Quote 0
                                    • C
                                      Cino last edited by

                                      create a floating rule which includes your whitelisted ports

                                      1 Reply Last reply Reply Quote 0
                                      • H
                                        HeatmiserNYC last edited by

                                        I would love for this package to come out….or at least be able to use it....

                                        1 Reply Last reply Reply Quote 0
                                        • J
                                          justsomeguy6575 last edited by

                                          Seems like they may be waiting for 2.2 final before releasing it.

                                          1 Reply Last reply Reply Quote 0
                                          • C
                                            Cino last edited by

                                            @justsomeguy6575:

                                            Seems like they may be waiting for 2.2 final before releasing it.

                                            I'm thinking more inline that they are utilizing their resources to get 2.2 final before they can assign a resource to review the code. Compare to other packages, there is a ton of code in this baby.. It does run on 2.1.5 and 2.2. I can see it taking time for them to QA it before it's release to the public.
                                            Then wait for the next release, so far I'm blocking 64772 domains as of today..

                                            1 Reply Last reply Reply Quote 0
                                            • R
                                              raab last edited by

                                              Easily my most favourite package on pfsense. Just wish I could help BBcan177 with the coding, rather than pointing out things that don't work. It's a tonne of code that he's put into it.

                                              1 Reply Last reply Reply Quote 0
                                              • M
                                                Mr. Jingles last edited by

                                                @raab:

                                                Easily my most favourite package on pfsense. Just wish I could help BBcan177 with the coding, rather than pointing out things that don't work. It's a tonne of code that he's put into it.

                                                I'm sure once we mere mortals may admire this package too, I will offer BB a nice cup of coffee  ;D

                                                6 and a half billion people know that they are stupid, agressive, lower life forms.

                                                1 Reply Last reply Reply Quote 0
                                                • A
                                                  asterix last edited by

                                                  I know it's the wrong thread but had to ask… ;D  any news on updates for Dans or e2guardian in the private repository?

                                                  1 Reply Last reply Reply Quote 0
                                                  • C
                                                    Cino last edited by

                                                    @Asterix:

                                                    I know it's the wrong thread but had to ask… ;D  any news on updates for Dans or e2guardian in the private repository?

                                                    I dont know of any private repo for dansguardian or e2guardian… Maybe ask on the numerous duplicate squid threads out there?

                                                    1 Reply Last reply Reply Quote 0
                                                    • marcelloc
                                                      marcelloc last edited by

                                                      @Asterix:

                                                      any news on updates for Dans or e2guardian in the private repository?

                                                      Not yet…

                                                      Treinamentos de Elite: http://sys-squad.com

                                                      Help a community developer! ;D

                                                      1 Reply Last reply Reply Quote 0
                                                      • H
                                                        HeatmiserNYC last edited by

                                                        This whole thing with people posting how they have PfblockerNG while telling everybody else to be patient is…offputting.

                                                        1 Reply Last reply Reply Quote 0
                                                        • T
                                                          Topper727 last edited by

                                                          I want to get that soon as it comes out.. 2.2 is in release now..

                                                          Dell 2950 g3 server
                                                          Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
                                                          Current: 2000 MHz, Max: 2667 MHz
                                                          8 CPUs: 2 package(s) x 4 core(s)
                                                          8152 MiB and 600meg 10k drive
                                                          Pfsense 2.4 .. Hoping to get the phpvirtualbox going again.

                                                          1 Reply Last reply Reply Quote 0
                                                          • BBcan177
                                                            BBcan177 Moderator last edited by

                                                            ;) Thanks for the patience.. I will try my best to get it released asap. But unfortunately it's not in my control.

                                                            "Experience is something you don't get until just after you need it."

                                                            Website: http://pfBlockerNG.com
                                                            Twitter: @BBcan177  #pfBlockerNG
                                                            Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                                                            1 Reply Last reply Reply Quote 0
                                                            • J
                                                              justsomeone last edited by

                                                              I love this package, it helps me sleep at night!  ;D

                                                              "Bad shit happens to drunk people."

                                                              1 Reply Last reply Reply Quote 0
                                                              • T
                                                                Topper727 last edited by

                                                                I see it in the pkgconfig on github. So I guess be in here soon? or is it already?

                                                                https://github.com/pfsense/pfsense-packages/blob/master/pkg_config.10.xml

                                                                Dell 2950 g3 server
                                                                Intel(R) Xeon(R) CPU E5430 @ 2.66GHz
                                                                Current: 2000 MHz, Max: 2667 MHz
                                                                8 CPUs: 2 package(s) x 4 core(s)
                                                                8152 MiB and 600meg 10k drive
                                                                Pfsense 2.4 .. Hoping to get the phpvirtualbox going again.

                                                                1 Reply Last reply Reply Quote 0
                                                                • D
                                                                  doktornotor Banned last edited by

                                                                  @Topper727:

                                                                  I see it in the pkgconfig on github. So I guess be in here soon? or is it already?

                                                                  Been there for a month. Not really useful with

                                                                  <required_version>3.0</required_version>
                                                                  
                                                                  1 Reply Last reply Reply Quote 0
                                                                  • S
                                                                    Supermule Banned last edited by

                                                                    Seems to take quite some time to implement into pfsense package repository… not good!

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • F
                                                                      fragged last edited by

                                                                      @Supermule:

                                                                      Seems to take quite some time to implement into pfsense package repository… not good!

                                                                      It's already there, but it's being tested by ESF before it's released for the public. doktornotor's post above shows the reason why it's not showing up on 2.1.5 or 2.2 :)

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • D
                                                                        doktornotor Banned last edited by

                                                                        @fragged:

                                                                        why it's not showing up on 2.1.5 or 2.2 :)

                                                                        Maybe it could with a bit of unsupported fiddling with /etc/version :P

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • F
                                                                          fragged last edited by

                                                                          @doktornotor:

                                                                          @fragged:

                                                                          why it's not showing up on 2.1.5 or 2.2 :)

                                                                          Maybe it could with a bit of unsupported fiddling with /etc/version :P

                                                                          I knew there's a way to fool the system, but didn't know the right place :)

                                                                          1 Reply Last reply Reply Quote 0
                                                                          • D
                                                                            doktornotor Banned last edited by

                                                                            Note: If someone does this, I'd suggest revert the change immediately after the package is installed.

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • M
                                                                              Mr. Jingles last edited by

                                                                              @Supermule:

                                                                              Seems to take quite some time to implement into pfsense package repository… not good!

                                                                              I think I will wipe the dirt from my other diploma, that from law school, and speak in defense of ( ;D ):

                                                                              The Pfsense team has worked hard on 2.2; I'm sure that took, and still takes, almost all of their time.

                                                                              't Makes (pf)sense to me that other work gets delayed with relatively limited resources.

                                                                              6 and a half billion people know that they are stupid, agressive, lower life forms.

                                                                              1 Reply Last reply Reply Quote 0
                                                                              • M
                                                                                Mr. Jingles last edited by

                                                                                @doktornotor:

                                                                                @fragged:

                                                                                why it's not showing up on 2.1.5 or 2.2 :)

                                                                                Maybe it could with a bit of unsupported fiddling with /etc/version :P

                                                                                Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance  :) ?

                                                                                I appreciate that procedure, and I'm sure BB does too, as perhaps the pfSense team notices things BB overlooked (that happens: when you look too much at something, you develop a sort of 'blindness' for things. I'm sure BB looked alot at the code  ;D . I suffer from the same: in the end, after looking at Excel sheets for 10 hours, you don't see anything anymore.)

                                                                                6 and a half billion people know that they are stupid, agressive, lower life forms.

                                                                                1 Reply Last reply Reply Quote 0
                                                                                • D
                                                                                  doktornotor Banned last edited by

                                                                                  @Mr.:

                                                                                  Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance  :) ?

                                                                                  Pretty confident the package is working a whole LOT better compared to the old pfBlocker thing (which, ATM, is not really usable with 2.2 any more depending on which blocklists you happen to use, plus the rest of features - the country etc. blocklists - being desperately outdated and useless.)

                                                                                  1 Reply Last reply Reply Quote 0
                                                                                  • B
                                                                                    Bummer last edited by

                                                                                    I'm really looking forward to this new release! I love pfBlocker and these upgrades are exactly what are needed. I can hardly wait!

                                                                                    1 Reply Last reply Reply Quote 0
                                                                                    • First post
                                                                                      Last post