• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[pfBlockerNG] How to sync IPv4 FilterLists between CARP-Boxes

Scheduled Pinned Locked Moved pfBlockerNG
6 Posts 3 Posters 3.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    badger
    last edited by Sep 2, 2015, 7:23 AM

    Hi there, I'm trying to get two pfSense-boxes with CARP to sync pfblocker settings. The master node was configured and under the sync tabs "sync to configured system backup server" was chosen. But it does not seem to work properly. Contries I highlighted on the master box do not appear on the backup node. Also manually provided IPv4-Filter-list won't appear on the other side.

    What I actually can see on the second node are the firewall rules which pfblocker creates.
    How is this supposed to work. Should those highlighted countries and the IP-filter-lists even appear on the backup node? or do you even need to also set them up there?

    Thank you very much =)

    1 Reply Last reply Reply Quote 0
    • B
      BBcan177 Moderator
      last edited by Sep 3, 2015, 12:14 AM

      Hi badger,

      Try to use the option "Sync to host(s) defined below" instead of "sync to configured backup server".
      Then add the host at the bottom of the Sync tab.

      If you use the "Backup server option" you will need to configure the settings in Carp settings for that to function. I have never personally used this option…

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

      1 Reply Last reply Reply Quote 0
      • J
        jmcentire
        last edited by Sep 9, 2015, 10:28 PM

        I'm also unable to get pfblockerng sync to work.  I have the "Sync to host(s) defined below" selected and the correct IPs and passwords setup for two different hosts.

        In the general logs of the "master" I get the following:
        "[pfBlockerNG] XMLRPC sync successfully completed with…"(host a)
        "[pfBlockerNG] XMLRPC communications error occurred while attempting sync with…"(host b)

        In Host A's general log I see:
        "[pfBlockerNG] Sync terminated during boot process."

        I can't find anything in Host B's logs relating to pfBlockerNG or blocked packets.  Sync does not work for either host, however I also have Snort setup on the master and it successfully syncs to Host a and b with no problem at all.  The master also does CARP sync to Host a and that is working without issue as well.  Any ideas on what's happening here?

        1 Reply Last reply Reply Quote 0
        • B
          BBcan177 Moderator
          last edited by Sep 9, 2015, 11:47 PM

          Are you using  "Admin" as the Sync Username?
          Do you have any "non-standard" characters in the Sync Password?

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          1 Reply Last reply Reply Quote 0
          • J
            jmcentire
            last edited by Sep 10, 2015, 4:37 PM

            I am using the default admin username, and yes my password has special chars(as it should).  On host a I was seeing invalid login attempts so I had already removed the sanitation function from the pfblocker file, I'm not seeing the invalid login attempts anymore.  Just what I posted above.

            1 Reply Last reply Reply Quote 0
            • J
              jmcentire
              last edited by Sep 10, 2015, 4:52 PM

              Well, I'm not sure what happened, I added a 3rd host to see if I could get that one to work and immediately after doing that, all 3 hosts sync'd successfully.

              1 Reply Last reply Reply Quote 0
              5 out of 6
              • First post
                5/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received