Pfblocker – list only contains a single IP 1.1.1.1
-
Hi,
I just started playing with pfblocker a couple of days ago. For testing I setup an alias with IPv4 and IPv6 blocks for the "Oceania" continent. After a day or two, I found that the IPv4 block had emptied out and only had one IP address in it : 1.1.1.1
This caused undesirable behaviour in the firewall.
Usually if I force a reload the Alias becomes populated with blocks and works as you'd expect it to, but seems to come back after a few hours/ day or so at the most.
Is this due to something I'm doing wrong?
Edit: Thought I'd mention that I have enabled de-duplication for IPv4 lists. I'm going to disable this now and see if it has any bearing on the error.
Any help appreciated.
-
Hi breakaway,
Are you sure that you only have the Oceania list and no other Lists configured? I have seen where someone has selected a Country from the Top20 tab and also selected the same Country in a Continent Tab and that can cause this scenario.
"1.1.1.1" is an empty place holder so that the Alias is never empty when the de-duplication process determines that there are duplicates.
-
Ok I tested this scenario in a test VM and it is a bug. After a couple updates with a single Country Alias and no other Blocklists defined and with de-duplication enabled the outcome is as you have described.
Please leave de-duplication disabled until you add other Lists. Typically de-duplication is only needed for other types of Blocklists. MaxMind is the source of the Country lists and there will not be any duplication in those lists (except if you duplicate a Country in Top20). Thanks for pointing this out and I will push a fix as time permits.
Thanks!
-
Hi BBCan177 – thanks for that, I did have two lists enabled, Top20 and Oceania but as far as I can remember Oceania is not part of Top20.
I'll leave dedupe switched off for now, doesn't look like there is any benefit for having it enabled in my environment.