PfBlockerNG



  • I wait for it.. nice



  • I have a request to make. Is it possible to put a port in the whitelist so I can always permit VPN port regardless of country I am traveling in?


  • Banned

    @GoldServe:

    I have a request to make. Is it possible to put a port in the whitelist so I can always permit VPN port regardless of country I am traveling in?

    Sure. Change the Rule Order.



  • create a floating rule which includes your whitelisted ports



  • I would love for this package to come out….or at least be able to use it....



  • Seems like they may be waiting for 2.2 final before releasing it.



  • @justsomeguy6575:

    Seems like they may be waiting for 2.2 final before releasing it.

    I'm thinking more inline that they are utilizing their resources to get 2.2 final before they can assign a resource to review the code. Compare to other packages, there is a ton of code in this baby.. It does run on 2.1.5 and 2.2. I can see it taking time for them to QA it before it's release to the public.
    Then wait for the next release, so far I'm blocking 64772 domains as of today..



  • Easily my most favourite package on pfsense. Just wish I could help BBcan177 with the coding, rather than pointing out things that don't work. It's a tonne of code that he's put into it.



  • @raab:

    Easily my most favourite package on pfsense. Just wish I could help BBcan177 with the coding, rather than pointing out things that don't work. It's a tonne of code that he's put into it.

    I'm sure once we mere mortals may admire this package too, I will offer BB a nice cup of coffee  ;D



  • I know it's the wrong thread but had to ask… ;D  any news on updates for Dans or e2guardian in the private repository?



  • @Asterix:

    I know it's the wrong thread but had to ask… ;D  any news on updates for Dans or e2guardian in the private repository?

    I dont know of any private repo for dansguardian or e2guardian… Maybe ask on the numerous duplicate squid threads out there?



  • @Asterix:

    any news on updates for Dans or e2guardian in the private repository?

    Not yet…



  • This whole thing with people posting how they have PfblockerNG while telling everybody else to be patient is…offputting.



  • I want to get that soon as it comes out.. 2.2 is in release now..


  • Moderator

    ;) Thanks for the patience.. I will try my best to get it released asap. But unfortunately it's not in my control.



  • I love this package, it helps me sleep at night!  ;D



  • I see it in the pkgconfig on github. So I guess be in here soon? or is it already?

    https://github.com/pfsense/pfsense-packages/blob/master/pkg_config.10.xml


  • Banned

    @Topper727:

    I see it in the pkgconfig on github. So I guess be in here soon? or is it already?

    Been there for a month. Not really useful with

    <required_version>3.0</required_version>
    

  • Banned

    Seems to take quite some time to implement into pfsense package repository… not good!



  • @Supermule:

    Seems to take quite some time to implement into pfsense package repository… not good!

    It's already there, but it's being tested by ESF before it's released for the public. doktornotor's post above shows the reason why it's not showing up on 2.1.5 or 2.2 :)


  • Banned

    @fragged:

    why it's not showing up on 2.1.5 or 2.2 :)

    Maybe it could with a bit of unsupported fiddling with /etc/version :P



  • @doktornotor:

    @fragged:

    why it's not showing up on 2.1.5 or 2.2 :)

    Maybe it could with a bit of unsupported fiddling with /etc/version :P

    I knew there's a way to fool the system, but didn't know the right place :)


  • Banned

    Note: If someone does this, I'd suggest revert the change immediately after the package is installed.



  • @Supermule:

    Seems to take quite some time to implement into pfsense package repository… not good!

    I think I will wipe the dirt from my other diploma, that from law school, and speak in defense of ( ;D ):

    The Pfsense team has worked hard on 2.2; I'm sure that took, and still takes, almost all of their time.

    't Makes (pf)sense to me that other work gets delayed with relatively limited resources.



  • @doktornotor:

    @fragged:

    why it's not showing up on 2.1.5 or 2.2 :)

    Maybe it could with a bit of unsupported fiddling with /etc/version :P

    Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance  :) ?

    I appreciate that procedure, and I'm sure BB does too, as perhaps the pfSense team notices things BB overlooked (that happens: when you look too much at something, you develop a sort of 'blindness' for things. I'm sure BB looked alot at the code  ;D . I suffer from the same: in the end, after looking at Excel sheets for 10 hours, you don't see anything anymore.)


  • Banned

    @Mr.:

    Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance  :) ?

    Pretty confident the package is working a whole LOT better compared to the old pfBlocker thing (which, ATM, is not really usable with 2.2 any more depending on which blocklists you happen to use, plus the rest of features - the country etc. blocklists - being desperately outdated and useless.)



  • I'm really looking forward to this new release! I love pfBlocker and these upgrades are exactly what are needed. I can hardly wait!



  • If you want to test pfBlockerNG on 2.2,

    create this patch using systempatches package.

    
    --- pkg-utils.orig.inc       2015-01-27 14:27:38.000000000 +0000
    +++ pkg-utils.inc      2015-01-27 14:27:50.000000000 +0000
    @@ -624,6 +624,7 @@
                    if (isset($pkg_info['maximum_version']))
                            $compatible = $compatible && (pfs_version_compare("", $version, $pkg_info['maximum_version']) <= 0);
    
    +               $compatible = true;
                    if (!$compatible) {
                            log_error(sprintf(gettext('Package %s is not supported on this version.'), $pkg_info['name']));
                            $static_output .= sprintf(gettext("Package %s is not supported on this version."), $pkg_info['name']);
    
    

    Note: Do not forget to click test and apply the patch after creating/saving  it.  ;)

    then install package with your pfsense url

    https://YOUR_PFSENSE_ADDRESS_HERE/pkg_mgr_install.php?id=pfBlockerNG
    

    And of cource, DO AT YOUR OWN RISK  :)






  • Your instructions are great, they're for dummies like me.

    It's greatly appreciated! I'm going to try and hit the datacenter this weekend. I'm doing a fresh install and moving from 2.1.5 (32bit) to 2.2 (64bit). I'll try installing pfBlockerNG then.

    Thank you!



  • is it  compatible with 32bit version?



  • Banned

    The package? Sure. The pkg-utils.inc patch? No idea, never tried.



  • i try install pfblockerng on 32bit pfsense with this patch and it failed.



  • Edit: They aren't built for 2.1.5. Only for 2.2

    http://files.pfsense.org/packages/10/All/

    
    pfblockerng-1.6.3_1-amd64.pbi                      27-Nov-2014 13:15             2743546
    pfblockerng-1.6.3_1-amd64.pbi.sha256               27-Nov-2014 13:15                  65
    pfblockerng-1.6.3_1-i386.pbi                       27-Nov-2014 13:23             2909780
    pfblockerng-1.6.3_1-i386.pbi.sha256                27-Nov-2014 13:23                  65
    
    

    i dont see anything in http://files.pfsense.org/packages/8/All/ for 2.1.5



  • ok, thx. this make sense to me.


  • Banned

    @Cino:

    I dont believe the pbi's are built for 32bit yet

    They certainly are, see https://files.pfsense.org/packages/10/All/

    Looking at the pkg-utils.inc file, you'd rather need $force_install = true; at proper place instead.



  • @doktornotor:

    @Cino:

    I dont believe the pbi's are built for 32bit yet

    They certainly are, see https://files.pfsense.org/packages/10/All/

    Looking at the pkg-utils.inc file, you'd rather need $force_install = true; at proper place instead.

    I corrected my post… They are not created for 2.1.5


  • Banned

    About time to upgrade. :P



  • than if is 32bit ready and i install on pfsense 2.2. release 32 bit i dont know why i cant install with posted patch.


  • Banned

    Already posted a hint above. As said, never tested the patch, edit the version temporarily and move on.



  • @marian78:

    i try install pfblockerng on 32bit pfsense with this patch and it failed.

    Did you tested and applied the patch under systempatches? the screen I've sent show how to create the patch but you need to apply after saving.

    Or edit file manually if you know how to handle with it.


Log in to reply