3. [SOLVED] pfBlockerNG alerts don't display

[SOLVED] pfBlockerNG alerts don't display

  • F

    Hi there,
    first, as newbee in this forum, let me say thank you and bravo for PFSense.
    New here but not with Pfsense, I use it since about 2 years. I post here for a strange behavior with pfBlockerNG. In fact, I'm not sure that it's really this package the problem, but it occurs with it.
    On a 2.2.1 amd64 PFSense, installed as cluster, I've yesterday installed pfBlockerNG. No problem to make it work, but when I wanted to see the alerts, the GUI display a blank page, then on home page warned for a crash : PHP fatal error caused by memory_limit in /etc/inc/util.inc.
    I increased the memory with the ini_set command, but it always complained about memory, even with 512M RAM ! So I started to debug.
    I found that the problem came from this function in util.inc : function subnetv4_expand($subnet)
    and especially this loop :
            for ($i = 0; $i < $size; $i += 1) {
                  $result[] = long2ip($net | $i);
            }

    Strangelly, it fills memory, but (I'm not developper stop me if I'm wrong) the $result variable should be overwritted at each loop and return only the last result, isn't it ?
    So I simply commented the loop and replace it just by :
      $result[] = long2ip($net);

    and all begun to work !

    The IPs are CARP VIP, one on LAN at 10.0.0.254/8, and others WAN on /32 public adresses. 1G RAM actually used at 40%.
    I've also installed the package on another PFsense, same version, a cluster master too, with CARP VIPs, 1G RAM, but can't reproduced the problem. I don't see what is different on this PFSense.

    So finally my question :)
    I'm pretty sure that this util.inc isn't part of the package pfBockerNG. During my tests, I found that it is used by others parts of PFSense. And I don't understand what the hell this loop is doing ??? And, if the modification can break something else ?

    Thanks !

    0
  • Moderator

    Hi fsoyer,

    I have an update the Alerts tab that doesn't call this function and instead uses the following function below as its more practical then trying to expand such a large cidr. I have just been busy working on v2.0 of pfBlockerNG with DNSBL that I haven't pushed some of these changes into the release. Hope to get a pull request submitted soon.

    ip_in_subnet($subnet, $line)

    0
  • F

    Fine ! Hope that this update will be release soon, but for the moment it seems to works like that. Happy to hear about DNSBL too ! Thanks.
    Just fo my understanding, if you have time to describe what this loop should do ?

    0
  • F

    Well. The patch you sent to me works fine.
    Thank a lot.

    0
 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy