PfBlocker local files [solved]



  • I have an IPv4 alias set up named MyBlackList
    it includes 1 local txt file

    problem #1
    After any changes to the txt file I do a Force Update &/or a Force Reload - but neither of these seems to have any effect, I have to delete all files from
      /var/db/aliastables
      /var/db/pfblockerng/deny
      /var/db/pfblockerng/permit
      /var/db/pfblockerng/original
    before Force Update or Force Reload actually do anything.

    problem #2
    blocked ips are still getting through and I noticed that when I look at the files under /var/db/… that correspond to MyBlackList, some changes have been made to the ip lists, specifically :
      ALL /8s have been completely removed
          ie. 2.0.0.0/8
      all ranges have been removed - or at least the start ips are removed leaving just the end ip
          ie. 2.0.0.0-2.255.255.255 becomes 2.255.255.255

    Any input on these issues would be greatly appreciated.


  • Moderator

    Hi gerry,

    "Force update" will only download files that have not been previously downloaded.

    "Force Cron" will re-download the file if it's within the "Frequency" setting.

    If you want to re-download a file prior to the scheduled Frequency setting, go to the Log Browser Tab and select "deny" (if this file is set as "deny") and select this particular list. Select the "Delete" icon. Follow that with a "Force update" to get the new file changes.

    I believe that you are entering "Range" format in your local file. You can only use IP CIDR format. The details are indicated in the Alias Tab outlining the correct format.



  • Thanks for the reply,

    So then Force really doesn't force much of anything
    The log delete seems to do the trick - very unintuitive - basically the same thing I was doing manually

    Straight from the alias tab :

    'Note' - Downloaded or pfsense local file must have only one network per line and follows the syntax below:
    Network ranges: 172.16.1.0-172.16.1.255
    IP Address: 172.16.1.10
    CIDR: 172.16.1.0/24

    So I should be able to use all 3 formats correct ?
    Really stumped as to why 3.0.0.0/24 is ok but 3.0.0.0/8 is not.


  • Moderator

    Read the notes in the "Update Tab" for the Button definitions.

    The text you indicated is for the "custom box" section.

    For a localfile, you selected "txt" format and that has to be formatted as CIDR format. If you wish to use Range format make the localfile a "GZ" archive and select "GZ". The details are indicated below the URL section in the Alias Tabs.


  • Moderator

    @gerry:

    'Note' - Downloaded or pfsense local file must have only one network per line and follows the syntax below:
    Network ranges: 172.16.1.0-172.16.1.255
    IP Address: 172.16.1.10
    CIDR: 172.16.1.0/24

    Hi gerry,

    I just got back to my desk and yes you should be able to use those three formats, but I see why it didn't pick up the /8 CIDR…

    Please edit your  /usr/local/pkg/pfblockerng/pfblockerng.inc   file and edit line 1199:  ( Changed {2} to {1-2} at the end of the line)

    $pfb['cidr']	= '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/[0-9]{2}/';
    

    to

    
    $pfb['cidr']	= '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/([0-9]{2}|[0-9]{1})/';
    

    I will put this fix into the next PR.

    EDIT - I made a change to Regex  -  Changed  [0-9]{2}    to  ([0-9]{2}|[0-9]{1})
              Please let me know if this solves your issue.  Thanks!
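
The effect of that one-character-class change, as an added example that is not part of the original posts or of pfBlockerNG: the two patterns quoted above are run over a constructed sample list. It is written in Python rather than the package's PHP, and it assumes a line is discarded when the pattern finds no match, which is the behaviour the thread reports for /8 entries.

```python
import ipaddress
import re

# Line 1199 as quoted in the thread, before the edit: exactly two prefix digits.
CIDR_OLD = re.compile(
    r'(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}'
    r'(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/[0-9]{2}')
# The same line after the edit: one or two prefix digits.
CIDR_FIXED = re.compile(
    r'(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}'
    r'(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/([0-9]{2}|[0-9]{1})')

# Constructed sample of a local blocklist file (not taken from the thread).
SAMPLE = ["2.0.0.0/8", "3.0.0.0/24", "10.128.0.0/9",
          "172.16.1.0/24", "198.51.100.0/99"]

def kept(pattern, lines):
    """Entries the pattern extracts (unanchored search, as with a bare PCRE)."""
    return [m.group(0) for line in lines if (m := pattern.search(line))]

def dropped(pattern, lines):
    """Lines with no match at all: these never reach the firewall table."""
    return [line for line in lines if not pattern.search(line)]

def bad_prefix(pattern, lines):
    """Entries the pattern accepts although the prefix length is not 0-32."""
    bad = []
    for entry in kept(pattern, lines):
        try:
            ipaddress.IPv4Network(entry, strict=False)
        except ValueError:
            bad.append(entry)
    return bad

if __name__ == "__main__":
    print("dropped by old pattern:  ", dropped(CIDR_OLD, SAMPLE))
    print("dropped by fixed pattern:", dropped(CIDR_FIXED, SAMPLE))
    print("accepted but invalid:    ", bad_prefix(CIDR_FIXED, SAMPLE))
```

Both patterns check only the shape of the prefix, so a two-digit value above 32 still passes; comparing the line count of the source file with the count in the generated table is a quick way to spot silently dropped entries.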



  • Many thanks

    the change resolved the /8 issue

    however ranges are still being mangled
    5.2.0.0-5.3.255.255
    gets transformed into
    5.3.255.255


  • Moderator

    Hi Gerry, I sent you a fix via PM, please let me know if that solves your issues and if so, I will submit that in my next Pull Request.



  • Hi BB

    I replied to your pm - not sure if it was actually sent though as I can't find any trace of it.

    the patch looks good - I will have to check through the generated cidrs to verify that they cover the range - will let you know if any don't

    thanks again for all your help
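
One way to do the coverage check mentioned above, as an added example that is not part of the original posts and does not reproduce the patch sent by PM: it converts a start-end range to CIDRs with Python's standard `ipaddress` module and counts how many addresses a given CIDR list misses or adds relative to the range. The function names are this example's own.

```python
import ipaddress

def parse_range(text):
    """Split 'start-end' into two IPv4Address objects."""
    start, end = (ipaddress.IPv4Address(p.strip()) for p in text.split("-"))
    if start > end:
        raise ValueError("range start is above range end")
    return start, end

def range_to_cidrs(text):
    """Smallest list of CIDR blocks that covers the range exactly."""
    start, end = parse_range(text)
    return [str(n) for n in ipaddress.summarize_address_range(start, end)]

def coverage_gaps(text, cidrs):
    """Return (missing, extra): range addresses not covered by the CIDR
    list, and addresses the list covers outside the range."""
    start, end = parse_range(text)
    lo, hi = int(start), int(end)
    # Collapse first so overlapping blocks are not counted twice.
    nets = ipaddress.collapse_addresses(ipaddress.IPv4Network(c) for c in cidrs)
    covered = extra = 0
    for net in nets:
        first, last = int(net.network_address), int(net.broadcast_address)
        inside = max(0, min(last, hi) - max(first, lo) + 1)
        covered += inside
        extra += net.num_addresses - inside
    return (hi - lo + 1) - covered, extra

if __name__ == "__main__":
    rng = "5.2.0.0-5.3.255.255"          # range quoted in the thread
    print(range_to_cidrs(rng))
    # The mangled result from the thread blocks one address of the range.
    print(coverage_gaps(rng, ["5.3.255.255/32"]))
    print(coverage_gaps(rng, range_to_cidrs(rng)))
```

A result of `(0, 0)` means the generated blocks cover the range exactly; a non-zero first value means addresses the list was meant to block are still allowed through.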



  • First, thanks a lot for this package

    Please, I got this message and I can't find the issue

    ===[  IPv4 Process  ]=================================================

    [ forbid ] Downloading update  .. completed ..
      Empty file, Adding '1.1.1.1' to avoid download failure.
    grep: /var/db/pfblockerng/original/forbid.orig: No such file or directory
      ------------------------------
      Original Master    Final   
      ------------------------------
              1          1          [ Pass ]
      -----------------------------------------------------------------

    [ Badsites_custom ] Downloading update [ 05/14/18 12:52:00 ]connect: No route to host
    connect: No route to host
    connect: No route to host
    connect: No route to host
    connect: No route to host
    connect: No route to host
    connect: No route to host
    connect: No route to host
    connect: No route to host
    . completed ..
    [ pfB_Badsites Badsites_custom ] Custom List Error ]

    Any solution for that, please?


  • Moderator

    @iyad:

    Please, I got this message and I can't find the issue

    ===[  IPv4 Process  ]=================================================

    [ forbid ] Downloading update  .. completed ..
      Empty file, Adding '1.1.1.1' to avoid download failure.

    [ Badsites_custom ] Downloading update [ 05/14/18 12:52:00 ]connect: No route to host
    connect: No route to host
    connect: No route to host

    . completed ..
    [ pfB_Badsites Badsites_custom ] Custom List Error ]

    In the IPv4/6 tab, click on the blue infoblock icons and you will see the correct format for adding URLs. It looks like the pfSense box can't connect to the URL you entered:

    Local file:    http(s)://127.0.0.1/filename  or  /var/db/pfblockerng/filename
    

    For the customlist, you need to enter one IP per line (also click on blue infoblock icon for details)