Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] pfBlockerNG alerts don't display

    pfSense Packages
    2
    4
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fsoyer
      last edited by

      Hi there,
      first, as newbee in this forum, let me say thank you and bravo for PFSense.
      New here but not with Pfsense, I use it since about 2 years. I post here for a strange behavior with pfBlockerNG. In fact, I'm not sure that it's really this package the problem, but it occurs with it.
      On a 2.2.1 amd64 PFSense, installed as cluster, I've yesterday installed pfBlockerNG. No problem to make it work, but when I wanted to see the alerts, the GUI display a blank page, then on home page warned for a crash : PHP fatal error caused by memory_limit in /etc/inc/util.inc.
      I increased the memory with the ini_set command, but it always complained about memory, even with 512M RAM ! So I started to debug.
      I found that the problem came from this function in util.inc : function subnetv4_expand($subnet)
      and especially this loop :
              for ($i = 0; $i < $size; $i += 1) {
                    $result[] = long2ip($net | $i);
              }

      Strangelly, it fills memory, but (I'm not developper stop me if I'm wrong) the $result variable should be overwritted at each loop and return only the last result, isn't it ?
      So I simply commented the loop and replace it just by :
        $result[] = long2ip($net);

      and all begun to work !

      The IPs are CARP VIP, one on LAN at 10.0.0.254/8, and others WAN on /32 public adresses. 1G RAM actually used at 40%.
      I've also installed the package on another PFsense, same version, a cluster master too, with CARP VIPs, 1G RAM, but can't reproduced the problem. I don't see what is different on this PFSense.

      So finally my question :)
      I'm pretty sure that this util.inc isn't part of the package pfBockerNG. During my tests, I found that it is used by others parts of PFSense. And I don't understand what the hell this loop is doing ??? And, if the modification can break something else ?

      Thanks !

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Hi fsoyer,

        I have an update the Alerts tab that doesn't call this function and instead uses the following function below as its more practical then trying to expand such a large cidr. I have just been busy working on v2.0 of pfBlockerNG with DNSBL that I haven't pushed some of these changes into the release. Hope to get a pull request submitted soon.

        ip_in_subnet($subnet, $line)

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • F
          fsoyer
          last edited by

          Fine ! Hope that this update will be release soon, but for the moment it seems to works like that. Happy to hear about DNSBL too ! Thanks.
          Just fo my understanding, if you have time to describe what this loop should do ?

          1 Reply Last reply Reply Quote 0
          • F
            fsoyer
            last edited by

            Well. The patch you sent to me works fine.
            Thank a lot.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.