Pfblocker issue
-
I am not sure if this is the wrong forum, if it is I am sorry in advanced.
pfblocker, is setup and has some countries blocked, is also working…...... maybe.
Every Time or most times I log in, the widget shows that pfblocker is running, but there are no country block list showing up. If I force a reload, they are all back there again, so naturally I am wondering if they are actually doing anything, if they are working, if they are loaded or if it is just a bug with the widget.
Has anyone seen this? have advise?
Many thanks.
-
Hi deanot,
Its not normal at all… Does anything strange show in the pfblockerng.log? Do you only have continent/country blocking and no other block lists?
What did you select as the "List action" for these Aliases?
When this happens again, goto the Firewall Tab, and hover-over any of the pfB_ rules and it should popup a table with the IPs that are referenced in the table...
Also try to run the following command from the shell when its acting this way to see if the tables are still active in pf..
pfctl -vvsTables
-
Hi, thanks for the reply…
Nothing weird is in the log but it saving a configuration... that is it.
Continent and Country are the only blocks as of now, I blocked China, Russia and North Korea as of now.
List action for all of the above is to Deny Both.
Going into the firewall, I did not see anything under floating. When I just forced a refresh, the Widget started working and now the rules are under the floating tab within firewall. Hovering over the rules gives me all the blocked IP addresses.
I will need to wait for it to do it again, to run the command. With the rules missing from the floating tab, I am pretty sure they are not working.
It seems to run fine, at a guess it happens when CRON runs. I have not changed really anything, from install I just choose the countries and let it do it's thing.
Kinda weird don't you think?
-
I was watching the log within PFBLOCKERNG, the CRON ran at 7:00am my time with these results…
UPDATE PROCESS ENDED [ 05/24/15 6:46:50 ]
CRON PROCESS START [ 05/24/15 7:00:00 ]No Updates required.
CRON PROCESS ENDED
UPDATE PROCESS ENDEDThe rules were still in place and working at this time.
-
Resolved, turns out there was an IP conflict which was shutting it down…