Netgate SG-1000 microFirewall

Author Topic: pfBlocker Problems  (Read 312 times)

0 Members and 1 Guest are viewing this topic.

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
pfBlocker Problems
« on: December 05, 2017, 05:47:07 pm »
Ipv4 seems to be working blocking fine but DNSBL nothing will work, Am I missing something?

DNS resolver is enabled.
is there any other settings ive missed was working before I upgraded my hardrive and clean installed.

Thanks

Offline RonpfS

  • Hero Member
  • *****
  • Posts: 684
  • Karma: +96/-2
    • View Profile
Re: pfBlocker Problems
« Reply #1 on: December 05, 2017, 05:56:09 pm »
What about pfblockerNG logs?
Did you do a Force Update, a Force Reload All ?
2.3.5-RELEASE (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
pfBlockerNG 2.1.2_1/Dev, suricata 4.0.1

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #2 on: December 05, 2017, 05:57:10 pm »
Yes to both and there is nothing in the log I posted a screenshot of it.

Cheers

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #3 on: December 05, 2017, 05:59:28 pm »
pfblockerng.log
Code: [Select]
**Saving configuration ...

  Removing DB Files/Folders

**Saving configuration [ 12/05/17 23:13:38 ] ...

  Removing DB Files/Folders

**Saving configuration [ 12/05/17 23:14:24 ] ...

**Saving configuration [ 12/05/17 23:16:57 ] ...

**Saving configuration [ 12/05/17 23:17:08 ] ...

Saving new DNSBL web server configuration to port [ 8081 and 8443 ]
Saving pfSense config...
VIP address configured. Widget Packet statistics reset.

New DNSBL cert createdRestarting Service DNSBL...

**Saving configuration [ 12/05/17 23:17:37 ] ...

**Saving configuration [ 12/05/17 23:18:37 ] ...

**Saving configuration [ 12/05/17 23:19:33 ] ...
 UPDATE PROCESS START [ 12/05/17 23:19:38 ]

===[  DNSBL Process  ]================================================
Missing DNSBL stats and/or Unbound DNSBL conf file - Rebuilding

[ malwaredomainlist ] Downloading update .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  1146     1146       0          0          0          1146                 
  ----------------------------------------------------------------------

[ malwaredomains ] Downloading update [ 12/05/17 23:19:41 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  14906    14906      16         0          0          14890               
  ----------------------------------------------------------------------

[ bambenek ] Downloading update [ 12/05/17 23:19:46 ] .. 200 OK..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  889400   872175     186        0          0          871989               
  ----------------------------------------------------------------------

[ Yoyo ] Downloading update [ 12/05/17 23:20:38 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  2497     2497       0          0          0          2497                 
  ----------------------------------------------------------------------

[ Adaway ] Downloading update [ 12/05/17 23:20:45 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  409      409        4          0          0          405                 
  ----------------------------------------------------------------------

[ Winhelp ] Downloading update [ 12/05/17 23:20:53 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  13017    13017      542        0          0          12475               
  ----------------------------------------------------------------------

  DNSBL: Flush DNSBL_IP
------------------------------------------
Assembling database...
Adding Unbound Server:Include line... completed
Validating database... Skipped [ 12/05/17 23:21:05 ]
Reloading Unbound.... completed
DNSBL update [ 903402 | PASSED  ]... completed [ 12/05/17 23:21:20 ]
------------------------------------------
DNSBL - Adding Unbound custom 'include' option


===[  Continent Process  ]============================================


===[  IPv4 Process  ]=================================================

[ CIArmy ] Downloading update .. 200 OK. completed ..
  ------------------------------
  Original Master     Final     
  ------------------------------
  15000    15000      15000       [ Pass ]
  -----------------------------------------------------------------

[ ZeuS ] Downloading update [ 12/05/17 23:21:22 ] .. 200 OK
  Remote timestamp missing . completed ..
  ------------------------------
  Original Master     Final     
  ------------------------------
  119      119        119         [ Pass ]
  -----------------------------------------------------------------

[ DShield ] Downloading update [ 12/05/17 23:21:23 ] .. 200 OK. completed ..
  ------------------------------
  Original Master     Final     
  ------------------------------
  21       40         40          [ Pass ]
  -----------------------------------------------------------------

[ ETCompromised ] Downloading update [ 12/05/17 23:21:25 ] .. 200 OK. completed ..
  ------------------------------
  Original Master     Final     
  ------------------------------
  1583     1512       1512        [ Pass ]
  -----------------------------------------------------------------

[ ETDshield ] Downloading update [ 12/05/17 23:21:28 ] .. 200 OK. completed ..
  ------------------------------
  Original Master     Final     
  ------------------------------
  2104     1975       1975        [ Pass ]
  -----------------------------------------------------------------

[ Tor ] Downloading update [ 12/05/17 23:21:29 ] .. 403 Forbidden

 [ pfB_Blacklists - Tor ] Download FAIL
  Firewall and/or IDS are not blocking download.

The Following list has been REMOVED [ Tor ]

===[  Aliastables / Rules  ]================================

Firewall rule changes found, applying Filter Reload

===[ FINAL Processing ]=====================================

   [ Original IP count   ]  [ 18827 ]

   [ Final IP Count  ]  [ 18646 ]


===[ Deny List IP Counts ]===========================

   18646 total
   15000 /var/db/pfblockerng/deny/CIArmy.txt
    1975 /var/db/pfblockerng/deny/ETDshield.txt
    1512 /var/db/pfblockerng/deny/ETCompromised.txt
     119 /var/db/pfblockerng/deny/ZeuS.txt
      40 /var/db/pfblockerng/deny/DShield.txt

===[ DNSBL Domain/IP Counts ] ===================================

  903402 total
  871989 /var/db/pfblockerng/dnsbl/bambenek.txt
   14890 /var/db/pfblockerng/dnsbl/malwaredomains.txt
   12475 /var/db/pfblockerng/dnsbl/Winhelp.txt
    2497 /var/db/pfblockerng/dnsbl/Yoyo.txt
    1146 /var/db/pfblockerng/dnsbl/malwaredomainlist.txt
     405 /var/db/pfblockerng/dnsbl/Adaway.txt

====================[ Last Updated List Summary ]==============

Dec 5 05:30 ETDshield
Dec 5 05:31 ETCompromised
Dec 5 22:25 CIArmy
Dec 5 23:15 DShield
Dec 5 23:21 ZeuS
===============================================================

Database Sanity check [  PASSED  ]
------------------------
Masterfile/Deny folder uniq check
Deny folder/Masterfile uniq check

Sync check (Pass=No IPs reported)
----------

IPv4 alias tables IP count
-----------------------------
18647

IPv6 alias tables IP count
-----------------------------
0

Alias table IP Counts
-----------------------------
   18647 total
   18646 /var/db/aliastables/pfB_Blacklists.txt
       1 /var/db/aliastables/pfB_DNSBLIP.txt

pfSense Table Stats
-------------------
table-entries hard limit  2000000
Table Usage Count         96244

 UPDATE PROCESS ENDED [ 12/05/17 23:21:30 ]

**Saving configuration [ 12/05/17 23:28:58 ] ...
Restarting Service DNSBL...

**Saving configuration [ 12/05/17 23:34:57 ] ...
 CRON  PROCESS  START [ 12/05/17 23:35:08 ]
[ CIArmy ]
  Remote timestamp: Tue, 05 Dec 2017 23:25:01 GMT
  Local  timestamp: Tue, 05 Dec 2017 22:25:01 GMT Update found
[ ZeuS ]
( No remote timestamp/md5 unchanged ) Update not required
[ DShield ]
  Remote timestamp: Tue, 05 Dec 2017 23:30:04 GMT
  Local  timestamp: Tue, 05 Dec 2017 23:15:39 GMT Update found
[ ETCompromised ]
  Remote timestamp: Tue, 05 Dec 2017 05:31:22 GMT
  Local  timestamp: Tue, 05 Dec 2017 05:31:22 GMT Update not required
[ ETDshield ]
  Remote timestamp: Tue, 05 Dec 2017 05:30:03 GMT
  Local  timestamp: Tue, 05 Dec 2017 05:30:03 GMT Update not required
[ Tor ]
Update found
[ malwaredomainlist ]
  Remote timestamp: Mon, 04 Dec 2017 19:18:42 GMT
  Local  timestamp: Mon, 04 Dec 2017 19:18:42 GMT Update not required
[ malwaredomains ]
  Remote timestamp: Fri, 01 Dec 2017 22:49:37 GMT
  Local  timestamp: Fri, 01 Dec 2017 22:49:37 GMT Update not required
[ bambenek ]
  Remote timestamp: Tue, 05 Dec 2017 00:15:16 GMT
  Local  timestamp: Tue, 05 Dec 2017 00:15:16 GMT Update not required
[ Yoyo ]
  Remote timestamp: Mon, 04 Dec 2017 16:43:31 GMT
  Local  timestamp: Mon, 04 Dec 2017 16:43:31 GMT Update not required
[ Adaway ]
  Remote timestamp: Sun, 17 Sep 2017 03:35:29 GMT
  Local  timestamp: Sun, 17 Sep 2017 03:35:29 GMT Update not required
[ Winhelp ]
  Remote timestamp: Thu, 30 Nov 2017 19:30:44 GMT
  Local  timestamp: Thu, 30 Nov 2017 19:30:44 GMT Update not required
 UPDATE PROCESS START [ 12/05/17 23:35:14 ]

===[  DNSBL Process  ]================================================

[ malwaredomainlist ] exists.
[ malwaredomains ] exists.
[ bambenek ] exists.
[ Yoyo ] exists.
[ Adaway ] exists.
[ Winhelp ] exists.
  DNSBL: Flush DNSBL_IP

===[  Continent Process  ]============================================


===[  IPv4 Process  ]=================================================

[ CIArmy ] Downloading update .. 200 OK. completed ..

[ ZeuS ] exists. [ 12/05/17 23:35:17 ]
[ DShield ] Downloading update .. 200 OK. completed ..

[ ETCompromised ] exists. [ 12/05/17 23:35:18 ]
[ ETDshield ] exists.
[ Tor ] Downloading update .. 200 OK
  Remote timestamp missing . completed ..


===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload

 Updating: pfB_Blacklists
12900 addresses added.6488 addresses deleted.

===[ FINAL Processing ]=====================================

   [ Original IP count   ]  [ 25273 ]

===[ Deny List IP Counts ]===========================

   25093 total
   15000 /var/db/pfblockerng/deny/CIArmy.txt
    6447 /var/db/pfblockerng/deny/Tor.txt
    1975 /var/db/pfblockerng/deny/ETDshield.txt
    1512 /var/db/pfblockerng/deny/ETCompromised.txt
     119 /var/db/pfblockerng/deny/ZeuS.txt
      40 /var/db/pfblockerng/deny/DShield.txt

===[ DNSBL Domain/IP Counts ] ===================================

  903402 total
  871989 /var/db/pfblockerng/dnsbl/bambenek.txt
   14890 /var/db/pfblockerng/dnsbl/malwaredomains.txt
   12475 /var/db/pfblockerng/dnsbl/Winhelp.txt
    2497 /var/db/pfblockerng/dnsbl/Yoyo.txt
    1146 /var/db/pfblockerng/dnsbl/malwaredomainlist.txt
     405 /var/db/pfblockerng/dnsbl/Adaway.txt

====================[ Last Updated List Summary ]==============

Dec 5 05:30 ETDshield
Dec 5 05:31 ETCompromised
Dec 5 23:21 ZeuS
Dec 5 23:25 CIArmy
Dec 5 23:30 DShield
Dec 5 23:35 Tor

IPv4 alias tables IP count
-----------------------------
25094

IPv6 alias tables IP count
-----------------------------
0

Alias table IP Counts
-----------------------------
   25094 total
   25093 /var/db/aliastables/pfB_Blacklists.txt
       1 /var/db/aliastables/pfB_DNSBLIP.txt

pfSense Table Stats
-------------------
table-entries hard limit  2000000
Table Usage Count         121303

 UPDATE PROCESS ENDED [ 12/05/17 23:35:19 ]

**Saving configuration [ 12/05/17 23:49:42 ] ...
 UPDATE PROCESS START [ 12/05/17 23:49:49 ]

===[  DNSBL Process  ]================================================

[ malwaredomainlist ] Reload . completed ..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  1146     1146       0          0          0          1146                 
  ----------------------------------------------------------------------

[ malwaredomains ] Reload . completed ..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  14906    14906      16         0          0          14890               
  ----------------------------------------------------------------------

[ bambenek ] Reload [ 12/05/17 23:49:50 ] . completed ..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  889400   872175     186        0          0          871989               
  ----------------------------------------------------------------------

[ Yoyo ] Reload [ 12/05/17 23:50:38 ] . completed ..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  2497     2497       0          0          0          2497                 
  ----------------------------------------------------------------------

[ Adaway ] Reload [ 12/05/17 23:50:40 ] . completed ..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  409      409        4          0          0          405                 
  ----------------------------------------------------------------------

[ Winhelp ] Reload [ 12/05/17 23:50:43 ] . completed ..
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  13017    13017      542        0          0          12475               
  ----------------------------------------------------------------------

[ Youtube ] Downloading update [ 12/05/17 23:50:45 ] .. 200 OK.
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # Alexa    Final               
  ----------------------------------------------------------------------
  1754     1549       19         0          0          1530                 
  ----------------------------------------------------------------------

  DNSBL: Flush DNSBL_IP
------------------------------------------
Assembling database... completed
Validating database... Skipped [ 12/05/17 23:51:06 ]
Reloading Unbound.... completed
DNSBL update [ 904932 | PASSED  ]... completed [ 12/05/17 23:51:21 ]
------------------------------------------

===[  Continent Process  ]============================================


===[  IPv4 Process  ]=================================================

[ CIArmy ] Reload . completed ..

[ ZeuS ] Reload [ 12/05/17 23:51:22 ] . completed ..

[ DShield ] Reload . completed ..

[ ETCompromised ] Reload . completed ..

[ ETDshield ] Reload . completed ..

[ Tor ] Reload . completed ..


===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload

 Updating: pfB_Blacklists
28 addresses added.

===[ FINAL Processing ]=====================================

   [ Original IP count   ]  [ 25273 ]

===[ Deny List IP Counts ]===========================

   25293 total
   15000 /var/db/pfblockerng/deny/CIArmy.txt
    6447 /var/db/pfblockerng/deny/Tor.txt
    2104 /var/db/pfblockerng/deny/ETDshield.txt
    1583 /var/db/pfblockerng/deny/ETCompromised.txt
     119 /var/db/pfblockerng/deny/ZeuS.txt
      40 /var/db/pfblockerng/deny/DShield.txt

===[ DNSBL Domain/IP Counts ] ===================================

  904932 total
  871989 /var/db/pfblockerng/dnsbl/bambenek.txt
   14890 /var/db/pfblockerng/dnsbl/malwaredomains.txt
   12475 /var/db/pfblockerng/dnsbl/Winhelp.txt
    2497 /var/db/pfblockerng/dnsbl/Yoyo.txt
    1530 /var/db/pfblockerng/dnsbl/Youtube.txt
    1146 /var/db/pfblockerng/dnsbl/malwaredomainlist.txt
     405 /var/db/pfblockerng/dnsbl/Adaway.txt

====================[ Last Updated List Summary ]==============

Dec 5 05:30 ETDshield
Dec 5 05:31 ETCompromised
Dec 5 23:21 ZeuS
Dec 5 23:25 CIArmy
Dec 5 23:30 DShield
Dec 5 23:35 Tor

IPv4 alias tables IP count
-----------------------------
25294

IPv6 alias tables IP count
-----------------------------
0

Alias table IP Counts
-----------------------------
   25294 total
   25293 /var/db/aliastables/pfB_Blacklists.txt
       1 /var/db/aliastables/pfB_DNSBLIP.txt

pfSense Table Stats
-------------------
table-entries hard limit  2000000
Table Usage Count         121331

 UPDATE PROCESS ENDED [ 12/05/17 23:51:23 ]

**Saving configuration [ 12/05/17 23:56:10 ] ...

**Saving configuration [ 12/05/17 23:57:47 ] ...

extras.log
Code: [Select]
Country code update Start [ 12/05/17 23:12:49 ]
 Converting MaxMind Country databases for pfBlockerNG.
 Processing ISO IPv4 Continent/Country Data [ 12/05/17 23:12:50 ]
 Processing ISO IPv6 Continent/Country Data [ 12/05/17 23:13:07 ]
 Creating pfBlockerNG Continent XML files
 IPv4 Africa [ 12/05/17 23:13:11 ]
 IPv6 Africa
 IPv4 Antarctica
 IPv6 Antarctica
 IPv4 Asia
 IPv6 Asia [ 12/05/17 23:13:13 ]
 IPv4 Europe
 IPv6 Europe [ 12/05/17 23:13:19 ]
 IPv4 North America [ 12/05/17 23:13:22 ]
 IPv6 North America [ 12/05/17 23:13:26 ]
 IPv4 Oceania
 IPv6 Oceania [ 12/05/17 23:13:27 ]
 IPv4 South America
 IPv6 South America
 IPv4 Proxy and Satellite
 IPv6 Proxy and Satellite
 IPv4 TOP 20
 IPv6 TOP 20 [ 12/05/17 23:13:28 ]
 pfBlockerNG Reputation Tab
Country Code Update Ended


maxmind_ver
Code: [Select]
MaxMind GeoLite2 Date/Time Stamp
Last-Modified: Mon, 06 Nov 2017 19:15:47 GMT
Duplicate Represented IP4 Networks: 31851
Duplicate Represented IP6 Networks: 3052

All other logs are blank or missing.

Offline RonpfS

  • Hero Member
  • *****
  • Posts: 684
  • Karma: +96/-2
    • View Profile
Re: pfBlocker Problems
« Reply #4 on: December 05, 2017, 06:09:20 pm »
Did you try to access any Domain that are blocked by dnsbl (Logs / DNSBL Files),
One domain from Adaway: http://mobiledl.adobe.com/
2.3.5-RELEASE (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
pfBlockerNG 2.1.2_1/Dev, suricata 4.0.1

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #5 on: December 05, 2017, 06:11:20 pm »
Did you try to access any Domain that are blocked by dnsbl (Logs / DNSBL Files),
One domain from Adaway: http://mobiledl.adobe.com/

When I go to yahoo its covered in Ads, The Ipv4 black list is working but DNSBL ads and malware lists are not.

Offline RonpfS

  • Hero Member
  • *****
  • Posts: 684
  • Karma: +96/-2
    • View Profile
Re: pfBlocker Problems
« Reply #6 on: December 05, 2017, 06:15:06 pm »
On pfsense what does this look like

Code: [Select]
dig mobiledl.adobe.com

; <<>> DiG 9.11.2 <<>> mobiledl.adobe.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40091
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mobiledl.adobe.com. IN A

;; ANSWER SECTION:
mobiledl.adobe.com. 60 IN A 10.10.10.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 05 19:13:56 EST 2017
;; MSG SIZE  rcvd: 63

2.3.5-RELEASE (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
pfBlockerNG 2.1.2_1/Dev, suricata 4.0.1

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #7 on: December 05, 2017, 06:15:49 pm »
On pfsense what does this look like

Code: [Select]
dig mobiledl.adobe.com

; <<>> DiG 9.11.2 <<>> mobiledl.adobe.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40091
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mobiledl.adobe.com. IN A

;; ANSWER SECTION:
mobiledl.adobe.com. 60 IN A 10.10.10.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 05 19:13:56 EST 2017
;; MSG SIZE  rcvd: 63

on that page on chrome I get this

Invalid URL

The requested URL "[no URL]", is invalid.
Reference #9.1f7469d5.1512519331.2d2d26a0

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #8 on: December 05, 2017, 06:16:52 pm »
But that is in my
 
pfB_Blacklists IPv4 not DNSBL

Offline RonpfS

  • Hero Member
  • *****
  • Posts: 684
  • Karma: +96/-2
    • View Profile
Re: pfBlocker Problems
« Reply #9 on: December 05, 2017, 06:22:54 pm »
You can also Diagnostics / Command prompt to run the dig command

For DNSBL to function, your devices have to use the pfsense DNS Resolver. On on those device you need to check the DNS service resolution config.
On a Windows system, open a command prompt and to a nslookup of one FQDN from you DSNBL Files.
Devices also have to be able to reach the VIP (10.10.10.1), try to ping the VIP ip from that device. Try to open your VIP on a browser.


2.3.5-RELEASE (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
pfBlockerNG 2.1.2_1/Dev, suricata 4.0.1

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #10 on: December 05, 2017, 06:25:16 pm »
I know its not working as ont he widget the packets don't update just stays on 0 used to go up etc...

It used to just work on everything in the house I never did anything to each device.

it just worked haha.

Offline RonpfS

  • Hero Member
  • *****
  • Posts: 684
  • Karma: +96/-2
    • View Profile
Re: pfBlocker Problems
« Reply #11 on: December 05, 2017, 06:26:02 pm »
Check the Services page and restart pfblockerNG services
Check the System Logs General and Resolver
2.3.5-RELEASE (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
pfBlockerNG 2.1.2_1/Dev, suricata 4.0.1

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #12 on: December 05, 2017, 06:33:15 pm »
Check the Services page and restart pfblockerNG services
Check the System Logs General and Resolver

Silly question where are the "Check the System Logs General and Resolver" I can't find them.

Offline RonpfS

  • Hero Member
  • *****
  • Posts: 684
  • Karma: +96/-2
    • View Profile
Re: pfBlocker Problems
« Reply #13 on: December 05, 2017, 06:34:50 pm »
Status / System Logs / System / General
Status / System Logs / System / DNS Resolver
2.3.5-RELEASE (amd64)
Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
pfBlockerNG 2.1.2_1/Dev, suricata 4.0.1

Offline Riftcore34

  • Newbie
  • *
  • Posts: 17
  • Karma: +0/-0
    • View Profile
Re: pfBlocker Problems
« Reply #14 on: December 05, 2017, 06:39:15 pm »
Status / System Logs / System / General
Status / System Logs / System / DNS Resolver

Thanks

Code: [Select]
Last 2 General Log Entries. (Maximum 50)
Time Process PID Message
Dec 6 00:37:03 syslogd kernel boot file is /boot/kernel/kernel
Dec 6 00:37:09 pfsense.localdomain nginx: 2017/12/06 00:37:09 [error] 35192#100148: send() failed (54: Connection reset by peer)

Code: [Select]
Last 11 DNS Resolver Log Entries. (Maximum 50)
Time Process PID Message
Dec 6 00:37:28 unbound 78841:0 notice: init module 0: validator
Dec 6 00:37:28 unbound 78841:0 notice: init module 1: iterator
Dec 6 00:37:28 unbound 78841:0 info: start of service (unbound 1.6.6).
Dec 6 00:37:28 unbound 78841:0 info: service stopped (unbound 1.6.6).
Dec 6 00:37:28 unbound 78841:0 info: server stats for thread 0: 1 queries, 0 answers from cache, 1 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Dec 6 00:37:28 unbound 78841:0 info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0
Dec 6 00:37:28 unbound 78841:0 info: server stats for thread 1: 1 queries, 0 answers from cache, 1 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Dec 6 00:37:28 unbound 78841:0 info: server stats for thread 1: requestlist max 0 avg 0 exceeded 0 jostled 0
Dec 6 00:37:43 unbound 41622:0 notice: init module 0: validator
Dec 6 00:37:43 unbound 41622:0 notice: init module 1: iterator
Dec 6 00:37:43 unbound 41622:0 info: start of service (unbound 1.6.6).

Nothing bad really. (I think)
Thanks again for the help. I hate ads can't wait to get this going again.