Netgate Discussion Forum

PfBlocker local files [solved]

Category: pfBlockerNG
10 Posts, 3 Posters, 5.1k Views
gerry (Mar 22, 2015, 1:25 AM; last edited Mar 23, 2015, 8:39 PM)

    I have an IPV4 alias setup named MyBlackList
    it includes 1 local txt file

    problem #1
    After any changes to the txt file I do a Force Update and/or a Force Reload, but neither of these seems to have any effect; I have to delete all files from
      /var/db/aliastables
      /var/db/pfblockerng/deny
      /var/db/pfblockerng/permit
      /var/db/pfblockerng/original
    before Force Update or Force Reload actually do anything.

    problem #2
    blocked IPs are still getting through and I noticed that when I look at the files under /var/db/… that correspond to MyBlackList, some changes have been made to the IP lists, specifically:
      ALL /8s have been completely removed
          i.e. 2.0.0.0/8
      all ranges have been removed, or at least the start IPs are removed, leaving just the end IP
          i.e. 2.0.0.0-2.255.255.255 becomes 2.255.255.255

    Any input on these issues would be greatly appreciated.

BBcan177 (Moderator), Mar 22, 2015, 1:56 AM

      Hi gerry,

      "Force update" will only download files that have not been previously downloaded.

      "Force Cron" will re-download the file if it's within the "Frequency" setting.

      If you want to re-download a file prior to the scheduled Frequency setting, goto the Log Browser Tab and select "deny" (if this file is set as "deny") and select this particular list. Select the "Delete" icon. Follow that with a "Force update" to get the new file changes.

      I believe that you are entering "Range" format in your local file. You can only use IP CIDR format. The details are indicated in the Alias Tab outlining the correct format.

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

gerry, Mar 22, 2015, 2:21 AM

        Thanks for the reply,

        So then Force really doesn't force much of anything
        The log delete seems to do the trick - very unintuitive - basically the same thing I was doing manually

        Straight from the alias tab :

        'Note' - Downloaded or pfsense local file must have only one network per line and follows the syntax below:
        Network ranges: 172.16.1.0-172.16.1.255
        IP Address: 172.16.1.10
        CIDR: 172.16.1.0/24

        So I should be able to use all 3 formats correct ?
        Really stumped as to why 3.0.0.0/24 is ok but 3.0.0.0/8 is not.

BBcan177 (Moderator), Mar 22, 2015, 2:35 AM

          Read the notes in the "Update Tab" for the Button definitions.

          The text you indicated is for the "custom box" section.

          For a localfile, you selected "txt" format and that has to be formatted as CIDR format. If you wish to use Range format make the localfile a "GZ" archive and select "GZ". The details are indicated below the URL section in the Alias Tabs.

BBcan177 (Moderator), Mar 22, 2015, 4:01 AM (last edited 4:31 AM)

            @gerry:

            'Note' - Downloaded or pfsense local file must have only one network per line and follows the syntax below:
            Network ranges: 172.16.1.0-172.16.1.255
            IP Address: 172.16.1.10
            CIDR: 172.16.1.0/24

            Hi gerry,

            I just got back to my desk and yes you should be able to use those three formats, but I see why it didn't pickup the /8 cidr…

            Please edit your /usr/local/pkg/pfblockerng/pfblockerng.inc file and edit line 1199 (changed {2} to {1-2} at the end of the line):

            $pfb['cidr']	= '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/[0-9]{2}/';
            

            to

            
            $pfb['cidr']	= '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/([0-9]{2}|[0-9]{1})/';
            

            I will put this fix into the next PR.

            EDIT - I made a change to the regex: changed [0-9]{2} to ([0-9]{2}|[0-9]{1}).
            Please let me know if this solves your issue. Thanks!

gerry, Mar 23, 2015, 1:32 PM

              Many thanks

              the change resolved the /8 issue

              however ranges are still being mangled
              5.2.0.0-5.3.255.255
              gets transformed into
              5.3.255.255

BBcan177 (Moderator), Mar 23, 2015, 7:41 PM

                Hi Gerry, I sent you a fix via PM, please let me know if that solves your issues and if so, I will submit that in my next Pull Request.

gerry, Mar 23, 2015, 8:34 PM

                  Hi BB

                  I replied to your pm - not sure if it was actually sent though as I can't find any trace of it.

                  the patch looks good - I will have to check through the generated cidrs to verify that they cover the range - will let you know if any don't

                  thanks again for all your help

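The /8 regex failure and the range-to-CIDR conversion discussed in the posts above, as an added worked example (my code, not pfBlockerNG's and not the fix BBcan177 sent by PM). It runs the two regexes quoted from pfblockerng.inc (PHP delimiters removed) against sample lines, then normalises IP, CIDR and start-end range lines into CIDR blocks and checks that the blocks tile a range exactly, which is the check gerry says he will do by hand. The '#' comment handling, the function names and the sample list are my assumptions; the ipaddress-based validation is added because the patched regex still accepts prefix lengths above 32 (any two digits match [0-9]{2}).

```python
"""Added example, not pfBlockerNG's own code: exercise the CIDR regex quoted
in the thread and normalise IP / CIDR / range lines into CIDR blocks."""
import ipaddress
import re

# The two regexes quoted from pfblockerng.inc, minus the PHP '/' delimiters.
# ORIGINAL demands exactly two digits after the slash, so "/8" never matches;
# PATCHED is the moderator's replacement that also accepts a single digit.
ORIGINAL_CIDR = re.compile(
    r"(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}"
    r"(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/[0-9]{2}"
)
PATCHED_CIDR = re.compile(
    r"(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}"
    r"(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/([0-9]{2}|[0-9]{1})"
)


def regex_matches(pattern: re.Pattern, line: str) -> bool:
    """True if the thread's (unanchored) regex finds a CIDR in the line."""
    return pattern.search(line) is not None


def is_valid_cidr(text: str) -> bool:
    """Stricter than either regex: the prefix length must be 0..32."""
    try:
        ipaddress.IPv4Network(text, strict=False)
    except ValueError:
        return False
    return True


def normalise_line(line: str) -> list[ipaddress.IPv4Network]:
    """Convert one list line (IP, CIDR or start-end range) to CIDR blocks.

    Assumption: '#' starts a comment (the alias tab note does not say so).
    A range is expanded to the minimal set of CIDR blocks, which is what a
    correct loader must do instead of keeping only the end address.
    """
    text = line.split("#", 1)[0].strip()
    if not text:
        return []
    if "-" in text:
        start_s, end_s = (part.strip() for part in text.split("-", 1))
        start, end = ipaddress.IPv4Address(start_s), ipaddress.IPv4Address(end_s)
        if end < start:
            raise ValueError(f"range end precedes start: {text!r}")
        return list(ipaddress.summarize_address_range(start, end))
    # strict=False lets a host address with a mask through: 172.16.1.10/24
    # becomes 172.16.1.0/24. A bare address becomes a /32.
    return [ipaddress.IPv4Network(text, strict=False)]


def covers_exactly(start: str, end: str, networks) -> bool:
    """True if the blocks tile [start, end] with no gap and no overshoot."""
    lo, hi = ipaddress.IPv4Address(start), ipaddress.IPv4Address(end)
    nets = sorted(networks, key=lambda n: n.network_address)
    if not nets or nets[0].network_address != lo or nets[-1].broadcast_address != hi:
        return False
    return all(
        int(cur.network_address) == int(prev.broadcast_address) + 1
        for prev, cur in zip(nets, nets[1:])
    )


def normalise_file(text: str) -> list[str]:
    """Normalise a whole local file; returns CIDR strings in input order."""
    out: list[str] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        try:
            out.extend(str(n) for n in normalise_line(line))
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {exc}") from exc
    return out


# Constructed sample list, not taken from anyone's real blocklist.
SAMPLE = """\
# constructed sample
2.0.0.0/8
3.0.0.0/24
172.16.1.10
5.2.0.0-5.3.255.255
10.0.0.1-10.0.0.6
"""

if __name__ == "__main__":
    for line in ("2.0.0.0/8", "3.0.0.0/24", "2.0.0.0/99"):
        print(f"{line:12} original={regex_matches(ORIGINAL_CIDR, line)} "
              f"patched={regex_matches(PATCHED_CIDR, line)} valid={is_valid_cidr(line)}")
    for cidr in normalise_file(SAMPLE):
        print(cidr)
```

Run it as a script to see that "2.0.0.0/8" fails the original regex and passes the patched one, that "2.0.0.0/99" passes both regexes but not the ipaddress check, and that 5.2.0.0-5.3.255.255 collapses to the single block 5.2.0.0/15 while 10.0.0.1-10.0.0.6 needs four blocks.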
iyad, May 14, 2018, 11:04 AM

                    First thanks a lot for this package

                    Please, I got this message and I can't find the issue.

                    ===[  IPv4 Process  ]=================================================

                    [ forbid ] Downloading update  .. completed ..
                      Empty file, Adding '1.1.1.1' to avoid download failure.
                    grep: /var/db/pfblockerng/original/forbid.orig: No such file or directory
                      ------------------------------
                      Original   Master    Final
                      ------------------------------
                             1        1          [ Pass ]
                      ------------------------------

                    [ Badsites_custom ] Downloading update [ 05/14/18 12:52:00 ]connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    connect: No route to host
                    . completed ..
                    [ pfB_Badsites Badsites_custom ] Custom List Error ]

                    Any solution for that, please?

BBcan177 (Moderator), May 15, 2018, 3:09 AM

                      @iyad:

                      Please i got this message and i can't find the issue

                      ===[  IPv4 Process  ]=================================================

                      [ forbid ] Downloading update  .. completed ..
                        Empty file, Adding '1.1.1.1' to avoid download failure.

                      [ Badsites_custom ] Downloading update [ 05/14/18 12:52:00 ]connect: No route to host
                      connect: No route to host
                      connect: No route to host

                      . completed ..
                      [ pfB_Badsites Badsites_custom ] Custom List Error ]

                      In the IPv4/6 tab, click on the blue infoblock icons and you will see the correct format for adding URLs. It looks like the pfSense box can't connect to the URL you entered:

                      Local file:    http(s)://127.0.0.1/filename  or  /var/db/pfblockerng/filename
                      

                      For the customlist, you need to enter one IP per line (also click on blue infoblock icon for details)

                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.