PfBlockerNG
-
I see it in the pkgconfig on github. So I guess be in here soon? or is it already?
Been there for a month. Not really useful with
<required_version>3.0</required_version>
-
Seems to take quite some time to implement into pfsense package repository… not good!
-
Seems to take quite some time to implement into pfsense package repository… not good!
It's already there, but it's being tested by ESF before it's released for the public. doktornotor's post above shows the reason why it's not showing up on 2.1.5 or 2.2 :)
-
why it's not showing up on 2.1.5 or 2.2 :)
Maybe it could with a bit of unsupported fiddling with /etc/version :P
-
why it's not showing up on 2.1.5 or 2.2 :)
Maybe it could with a bit of unsupported fiddling with /etc/version :P
I knew there's a way to fool the system, but didn't know the right place :)
-
Note: If someone does this, I'd suggest revert the change immediately after the package is installed.
-
Seems to take quite some time to implement into pfsense package repository… not good!
I think I will wipe the dirt from my other diploma, that from law school, and speak in defense of ( ;D ):
The Pfsense team has worked hard on 2.2; I'm sure that took, and still takes, almost all of their time.
't Makes (pf)sense to me that other work gets delayed with relatively limited resources.
-
why it's not showing up on 2.1.5 or 2.2 :)
Maybe it could with a bit of unsupported fiddling with /etc/version :P
Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance :) ?
I appreciate that procedure, and I'm sure BB does too, as perhaps the pfSense team notices things BB overlooked (that happens: when you look too much at something, you develop a sort of 'blindness' for things. I'm sure BB looked alot at the code ;D . I suffer from the same: in the end, after looking at Excel sheets for 10 hours, you don't see anything anymore.)
-
@Mr.:
Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance :) ?
Pretty confident the package is working a whole LOT better compared to the old pfBlocker thing (which, ATM, is not really usable with 2.2 any more depending on which blocklists you happen to use, plus the rest of features - the country etc. blocklists - being desperately outdated and useless.)
-
I'm really looking forward to this new release! I love pfBlocker and these upgrades are exactly what are needed. I can hardly wait!
-
If you want to test pfBlockerNG on 2.2,
create this patch using systempatches package.
--- pkg-utils.orig.inc 2015-01-27 14:27:38.000000000 +0000 +++ pkg-utils.inc 2015-01-27 14:27:50.000000000 +0000 @@ -624,6 +624,7 @@ if (isset($pkg_info['maximum_version'])) $compatible = $compatible && (pfs_version_compare("", $version, $pkg_info['maximum_version']) <= 0); + $compatible = true; if (!$compatible) { log_error(sprintf(gettext('Package %s is not supported on this version.'), $pkg_info['name'])); $static_output .= sprintf(gettext("Package %s is not supported on this version."), $pkg_info['name']);
Note: Do not forget to click test and apply the patch after creating/saving it. ;)
then install package with your pfsense url
https://YOUR_PFSENSE_ADDRESS_HERE/pkg_mgr_install.php?id=pfBlockerNG
And of cource, DO AT YOUR OWN RISK :)
-
Your instructions are great, they're for dummies like me.
It's greatly appreciated! I'm going to try and hit the datacenter this weekend. I'm doing a fresh install and moving from 2.1.5 (32bit) to 2.2 (64bit). I'll try installing pfBlockerNG then.
Thank you!
-
is it compatible with 32bit version?
-
The package? Sure. The pkg-utils.inc patch? No idea, never tried.
-
i try install pfblockerng on 32bit pfsense with this patch and it failed.
-
Edit: They aren't built for 2.1.5. Only for 2.2
http://files.pfsense.org/packages/10/All/
pfblockerng-1.6.3_1-amd64.pbi 27-Nov-2014 13:15 2743546 pfblockerng-1.6.3_1-amd64.pbi.sha256 27-Nov-2014 13:15 65 pfblockerng-1.6.3_1-i386.pbi 27-Nov-2014 13:23 2909780 pfblockerng-1.6.3_1-i386.pbi.sha256 27-Nov-2014 13:23 65
i dont see anything in http://files.pfsense.org/packages/8/All/ for 2.1.5
-
ok, thx. this make sense to me.
-
I dont believe the pbi's are built for 32bit yet
They certainly are, see https://files.pfsense.org/packages/10/All/
Looking at the pkg-utils.inc file, you'd rather need $force_install = true; at proper place instead.
-
I dont believe the pbi's are built for 32bit yet
They certainly are, see https://files.pfsense.org/packages/10/All/
Looking at the pkg-utils.inc file, you'd rather need $force_install = true; at proper place instead.
I corrected my post… They are not created for 2.1.5
-
About time to upgrade. :P
-
than if is 32bit ready and i install on pfsense 2.2. release 32 bit i dont know why i cant install with posted patch.
-
Already posted a hint above. As said, never tested the patch, edit the version temporarily and move on.
-
i try install pfblockerng on 32bit pfsense with this patch and it failed.
Did you tested and applied the patch under systempatches? the screen I've sent show how to create the patch but you need to apply after saving.
Or edit file manually if you know how to handle with it.
-
aaa ,stupig me. i forgot apply patch…...... sorry. Now installed....
-
Uhm… censored
-
ye, ******* :)
-
I've updated the install steps to make it easier :)
-
Output of full patch apply test:
/usr/bin/patch –directory=/ -t -p1 -i /var/patches/54c7f4a39c5e8.patch --check --forward --ignore-whitespaceHmm... Looks like a unified diff to me...
The text leading up to this was:-- pkg-utils.orig.inc 2015-01-27 14:27:38.000000000 +0000
+++ pkg-utils.inc 2015-01-27 14:27:50.000000000 +0000 No file to patch. Skipping... Hunk #1 ignored at 624. 1 out of 1 hunks ignored while patching pkg-utils.inc done Close Is the patch info I got when I tried to use your patch. I am running 64 bit release 2.2
-
-p1 is obviously wrong with –directory=/
Kindly use the System Patches package and see the screenshot above. If you cannot handle that, you probably should avoid doing similar changes in the first place.
-
I did use SYSTEM patches and pasted that in the code window and hit Test patch and this is the result I got
-
Go back to the screenshot. Really.
-
I found the problem it was the screenshot I did I typo in my directory area
Thank you and sorry for the posts regarding this
-
Is there a suggested base directory for the patch mentioned earlier?
I'm pretty new and trying my best, but I can't figure this part out. I looked at the screen shots and it shows /etc/inc, yet I cannot progress to the next step of the instructions (install…).
Thank you in advance for your time, I appreciate your comments.
-
It's /etc/inc/ dir just like the screenshot shows.
Save the patch then click on test (see what it returns) then apply it.
-
Thank you for your reply, Marc :) With some help, it is now up and going.
I'm going to go into the corner now and hang my head in shame lol.
-
This is working great great!
Thank you BBcan!
Thanks marcelloc and doktornotor for showing how to get this downloaded and installed.
-
Someone should make a page on how to use this on
https://doc.pfsense.org/index.php/PfblockerNG
I got it running just trying to get the lists I put in to block like the old did. Still more testing on it.
-
I think the first steps is for this package to become an Official pfSense package.. before anything else
Its use at your own risk. I'll help out with support/tips once its official but until then, I can't. I don't want to be responsible if my advice breaks your box. It is pretty easy to use, just read the pages ;-) Everything you need to know if there
-
@marcelloc - Thanks a million for the steps to install pfBlockerNG. I was just a tad disappointed to see that the installed version doesn't have the DNSBL tabs. Is there any way to get the version that's referenced in this post?
Thanks,
MediocreFred. -
It's not merged yet and still in the testing phase