
Topic: pfBlocker (Read 182413 times)


Offline kilthro

Re: pfBlocker
« Reply #240 on: December 11, 2011, 07:35:32 pm »
Oh I see. That makes sense. Right now it seems to be ok, but if I see performance issues, I will keep that in mind and change it up.

Offline trafficking

Re: pfBlocker
« Reply #241 on: December 16, 2011, 05:13:35 pm »
Firstly, thank you for the excellent package.  I greatly enjoy using 3rd party lists to do IP blocking and have pfblocker configured and running the way I like it.  That said, I do have a couple questions.

1) I prefer to block inbound and outbound connections on all interfaces and use pfblocker aliases with 2 floating rules to do this.  Is this the preferred method or is there another way I am missing?

2) Not directly a pfblocker question, but in what order are floating rules applied?  Do they come before or after the individual interface rules?

Thank you very much for all your hard work!
« Last Edit: December 16, 2011, 05:19:49 pm by trafficking »

Offline marcelloc

Re: pfBlocker
« Reply #242 on: December 16, 2011, 05:46:46 pm »
Quote
1) I prefer to block inbound and outbound connections on all interfaces and use pfblocker aliases with 2 floating rules to do this.  Is this the preferred method or is there another way I am missing?

Define action as alias only and create your rules. That's the best way.
« Last Edit: December 16, 2011, 05:49:25 pm by marcelloc »

Offline justsomeguy6575

Re: pfBlocker
« Reply #243 on: December 17, 2011, 11:15:22 pm »
This seems like a very good package. However I'm having trouble getting lists to work properly.

I can make a list with this url in gz format and it works fine and creates an alias:
http://list.iblocklist.com/?list=bt_spyware&fileformat=p2p&archiveformat=gz

For some reason no matter what I try I can't get this list to load in either txt or gz format. No alias is created and nothing is blocked.
https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist

Any ideas? Thanks

Offline marcelloc

Re: pfBlocker
« Reply #244 on: December 18, 2011, 10:36:27 pm »
Quote
For some reason no matter what I try I can't get this list to load in either txt or gz format. No alias is created and nothing is blocked.
https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist

This list is in txt format and returns only ips, not CIDR or ip ranges.

so,

 :)

version 1.0.1 is out with:
  • fixed pfBlocker to check lists with single ips
  • updated country ip files
  • Return of Deny Both action (Inbound and Outbound)
  • Improved some GUI info
« Last Edit: December 18, 2011, 11:47:21 pm by marcelloc »
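
Added example (not part of the thread and not pfBlocker's own code): the three line shapes that come up in replies #243 and #244, a p2p-format range, a bare IP and a CIDR block, normalized to CIDR in Python. The sample list is constructed, and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample input covering the line shapes discussed in the thread.
SAMPLE_LIST = """\
# constructed sample, not a real feed
Example range:192.0.2.0-192.0.2.255
Odd range:198.51.100.5-198.51.100.10
203.0.113.7
203.0.113.64/26
not an address
"""

# Matches "start-end" at the end of a line; any p2p label before it is ignored.
RANGE_RE = re.compile(
    r"(\d{1,3}(?:\.\d{1,3}){3})\s*-\s*(\d{1,3}(?:\.\d{1,3}){3})\s*$")

def line_to_networks(line):
    """Return the IPv4 networks one list line stands for, or [] if unusable."""
    line = line.strip()
    if not line or line.startswith("#"):
        return []
    m = RANGE_RE.search(line)
    try:
        if m:  # p2p style "label:start-end"
            first, last = (ipaddress.IPv4Address(g) for g in m.groups())
            return list(ipaddress.summarize_address_range(first, last))
        # A bare IP becomes a /32; CIDR is kept (host bits are masked off).
        return [ipaddress.IPv4Network(line, strict=False)]
    except (ValueError, TypeError):
        return []  # bad octets, reversed range, free text

def normalize(text):
    """Return (collapsed CIDR strings, number of unparseable lines)."""
    nets, skipped = [], 0
    for raw in text.splitlines():
        found = line_to_networks(raw)
        if not found and raw.strip() and not raw.lstrip().startswith("#"):
            skipped += 1  # count it, so a list that parses to nothing is visible
        nets.extend(found)
    return [str(n) for n in ipaddress.collapse_addresses(nets)], skipped

if __name__ == "__main__":
    cidrs, skipped = normalize(SAMPLE_LIST)
    print("\n".join(cidrs))
    print(f"skipped {skipped} unparseable line(s)")
```

Counting skipped lines matters for the failure described in reply #243: a list whose lines all fail to parse yields an empty result, and the count makes that visible before an empty alias is relied on.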

Offline justsomeguy6575

Re: pfBlocker
« Reply #245 on: December 19, 2011, 01:06:30 am »
Wow.. thanks marcello! New version seems to work great.

Nice work, thanks again

Offline vg8open

Re: pfBlocker
« Reply #246 on: December 19, 2011, 10:22:47 am »
Thank you for a great package!  I just have one minor request for this package.  Can you add more granular options for the list update frequency?  Something like the attached image?

Thanks,

-Brian

Offline KongGulerod

Re: pfBlocker
« Reply #247 on: December 20, 2011, 11:56:04 am »
Thanx for a great package - I like how it integrates and uses pfSense 2.0 firewall aliases and WAN/LAN rules :-)

A small observation and fix request (latest pfSense 2.0 release + latest pfBlocker):

After placing the pfBlocker widget on the bottom part of my long pfSense 2.0 dashboard page with vertical scrollbar, I observed that the dashboard page/scrollbar automatically reverted back to the top of the page at a fixed interval (every 5-10 secs).

This is a bit annoying if I am looking at data from a widget in the bottom part of the dashboard page - and every 5-10 seconds the page jumps to the top (internal pfBlocker refresh?) and I have to manually use the scrollbar/mouse/arrow-keys to navigate back down to the bottom of the page.

If I temporarily removed the pfBlocker widget from the dashboard, the misbehaviour also went away.

Hope you can reproduce this scenario and look forward to next release :-)

Offline marcelloc

Re: pfBlocker
« Reply #248 on: December 20, 2011, 12:12:22 pm »
Quote
I observed that the dashboard page/scrollbar automatically

Thanks for the feedback.

I've removed the scroll call in the widget.

Reinstall the package in about 15 minutes.


If you have many widgets, consider testing widescreen package. It may help you.

Offline AhnHEL

Re: pfBlocker
« Reply #249 on: December 20, 2011, 12:44:29 pm »
Reinstalled and now I'm not getting any CIDRs or Packets in the widget.
AhnHEL (Angel)
NYC

3 pfSense sites: 2.1 RELEASE (amd64)
Dell 745 SFF E4400 @ 2.0Ghz, 2GB RAM, 20/5 Mbps
Dell 755 SFF E6550 @ 2.3Ghz, 2GB RAM, 20/5 Mbps
White Box i5 3570k @ 4.4Ghz, 16GB RAM, 114/6 Mbps, SSD
OpenVPN (Site to Site, Road Warrior), IPSec Mobile, UPnP Gaming, Traffic Shaping, Snort, Suricata

Offline marcelloc

Re: pfBlocker
« Reply #250 on: December 20, 2011, 01:18:14 pm »
Fixed JavaScript again, try reinstalling in 15 minutes.

Offline LEPM

Re: pfBlocker
« Reply #251 on: December 20, 2011, 03:35:00 pm »
pf 2.0 i386 + squid+squidguard+pfblocker 1.0 and 1.0.1 works very well (deny inbound)

pfblocker 1.0.1+ deny both, crash pfsense!!
reboot and crash, crash...
changing to deny inbound, works well again

Offline marcelloc

Re: pfBlocker
« Reply #252 on: December 20, 2011, 04:22:52 pm »
Can you be more specific on what kind of crash you have?

I'm using deny both with no issues or crashes.
Boot process is fine too.

Offline KongGulerod

Re: pfBlocker
« Reply #253 on: December 20, 2011, 04:27:56 pm »
Quote
I've removed scroll call in widget.
reinstall package in about 15 minutes.

Seems to work fine now... no forced scrolling to the top when refreshing numbers.

Thanx !!

Offline AhnHEL

Re: pfBlocker
« Reply #254 on: December 20, 2011, 11:18:32 pm »
Getting this error now trying to enable pfBlocker, and the widget still looks like the pic I posted above.

Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10499768 bytes) in /usr/local/pkg/pfblocker.inc on line 281