Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Locked

Pages: [1]
Firstly pfBlockerNG is very powerful and I wish to commend the developer for his work. I don't see how one person is able to manage development and maintenance of such a package for free ...

I just had an issue where I added North America IPv4 selections from GeoIP and the update process completed successfully.  Moments later a screen notification flashed on the WEBGui indicating bad characters in the NAmerica filter set. Then I looked at the rules tables for all interfaces and they had vanished.

Unfortunately I did not pay enough attention at the time to message, and can't find the log file it would reside in under /var/log on pfSense

So my questions are how are we validating downloaded data sets for integrity ?  Would a form of sand boxing be beneficial ? 

Does MaxMind provide a checksum file for downloads so a developer could easily run hashes on the downloads as an initial integrity check. 

Is there a undiscovered bug in the update filter command ?  Is it possible to turn on verbose logging for the filter update and log it somewhere ?

Is there a command available to the filter update utility which globally deletes all rules ?

Thanks in Advance

Installation and Upgrades / All pass rules appear disabled
« on: March 03, 2018, 12:53:37 pm »
I am running into a situation where pass rules on every LAN interface become invisible to traffic and the only effective rule is the final one, which is a block. I am several weeks into this issue and have run out of ideas ....

Initially I could resolve this by removing PFBlockerNG. Eventually I stopped using PFBlocker .... But today with PFBlockerNG being not installed it happened again while I was reading my email (

Until today I could resolve the problem by performing a factory reset and then restoring my previous configuration, except for today. That has not worked. And WAN traffic is not passing either for unbound, for the first time as well

I have a Netgate SG2440 and now also a Netgate C2758 - same problem doesn't matter what machine.

I have been using PFSense on Netgate hardware since January of 2016 - Never needed to ask for help till now.

Posting this without firewall protection - which I desperately need.

One wrinkle I am concerned about is this - I sent in a USB stick of mine to Sentinel One and they documented a significant threat on it. So I don't think it's unreasonable to believe this is not a failure of PFSense or Netgate but a real exploit in the software.

How do I reload from the command line, all the operating system files on the device ?

Pages: [1]