The pfSense Store

Author Topic: pfBlockerNG  (Read 297663 times)

0 Members and 3 Guests are viewing this topic.

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfBlockerNG
« Reply #30 on: January 27, 2015, 04:17:42 am »
I see it in the pkgconfig on github. So I guess be in here soon? or is it already?

Been there for a month. Not really useful with

Code: [Select]
<required_version>3.0</required_version>
Do NOT PM for help!

Offline Supermule

  • Hero Member
  • *****
  • Posts: 2530
  • Karma: +77/-102
    • View Profile
Re: pfBlockerNG
« Reply #31 on: January 27, 2015, 04:25:29 am »
Seems to take quite some time to implement into pfsense package repository... not good!
Kind regards Brian


Offline fragged

  • Sr. Member
  • ****
  • Posts: 402
  • Karma: +27/-1
    • View Profile
Re: pfBlockerNG
« Reply #32 on: January 27, 2015, 05:56:22 am »
Seems to take quite some time to implement into pfsense package repository... not good!

It's already there, but it's being tested by ESF before it's released for the public. doktornotor's post above shows the reason why it's not showing up on 2.1.5 or 2.2 :)

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfBlockerNG
« Reply #33 on: January 27, 2015, 06:04:05 am »
why it's not showing up on 2.1.5 or 2.2 :)

Maybe it could with a bit of unsupported fiddling with /etc/version :P
Do NOT PM for help!

Offline fragged

  • Sr. Member
  • ****
  • Posts: 402
  • Karma: +27/-1
    • View Profile
Re: pfBlockerNG
« Reply #34 on: January 27, 2015, 06:22:53 am »
why it's not showing up on 2.1.5 or 2.2 :)

Maybe it could with a bit of unsupported fiddling with /etc/version :P

I knew there's a way to fool the system, but didn't know the right place :)

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfBlockerNG
« Reply #35 on: January 27, 2015, 06:26:56 am »
Note: If someone does this, I'd suggest revert the change immediately after the package is installed.
Do NOT PM for help!

Offline Mr. Jingles

  • Hero Member
  • *****
  • Posts: 1136
  • Karma: +92/-724
    • View Profile
    • The FreeBSD Foundation
Re: pfBlockerNG
« Reply #36 on: January 27, 2015, 06:42:41 am »
Seems to take quite some time to implement into pfsense package repository... not good!

I think I will wipe the dirt from my other diploma, that from law school, and speak in defense of ( ;D ):

The Pfsense team has worked hard on 2.2; I'm sure that took, and still takes, almost all of their time.

't Makes (pf)sense to me that other work gets delayed with relatively limited resources.

Offline Mr. Jingles

  • Hero Member
  • *****
  • Posts: 1136
  • Karma: +92/-724
    • View Profile
    • The FreeBSD Foundation
Re: pfBlockerNG
« Reply #37 on: January 27, 2015, 06:46:25 am »
why it's not showing up on 2.1.5 or 2.2 :)

Maybe it could with a bit of unsupported fiddling with /etc/version :P

Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance  :) ?

I appreciate that procedure, and I'm sure BB does too, as perhaps the pfSense team notices things BB overlooked (that happens: when you look too much at something, you develop a sort of 'blindness' for things. I'm sure BB looked alot at the code  ;D . I suffer from the same: in the end, after looking at Excel sheets for 10 hours, you don't see anything anymore.)

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfBlockerNG
« Reply #38 on: January 27, 2015, 06:57:01 am »
Don't you all appreciate that multiple sets of eyes look at code before it gets released for your perimeter security appliance  :) ?

Pretty confident the package is working a whole LOT better compared to the old pfBlocker thing (which, ATM, is not really usable with 2.2 any more depending on which blocklists you happen to use, plus the rest of features - the country etc. blocklists - being desperately outdated and useless.)
« Last Edit: January 27, 2015, 07:00:52 am by doktornotor »
Do NOT PM for help!

Offline Bummer

  • Full Member
  • ***
  • Posts: 108
  • Karma: +4/-0
  • Use nothing but the best!
    • View Profile
Re: pfBlockerNG
« Reply #39 on: January 27, 2015, 07:25:03 am »
I'm really looking forward to this new release! I love pfBlocker and these upgrades are exactly what are needed. I can hardly wait!

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 13398
  • Karma: +589/-7
    • View Profile
Re: pfBlockerNG
« Reply #40 on: January 27, 2015, 08:27:32 am »
If you want to test pfBlockerNG on 2.2,

create this patch using systempatches package.
Code: [Select]
--- pkg-utils.orig.inc       2015-01-27 14:27:38.000000000 +0000
+++ pkg-utils.inc      2015-01-27 14:27:50.000000000 +0000
@@ -624,6 +624,7 @@
                if (isset($pkg_info['maximum_version']))
                        $compatible = $compatible && (pfs_version_compare("", $version, $pkg_info['maximum_version']) <= 0);

+               $compatible = true;
                if (!$compatible) {
                        log_error(sprintf(gettext('Package %s is not supported on this version.'), $pkg_info['name']));
                        $static_output .= sprintf(gettext("Package %s is not supported on this version."), $pkg_info['name']);


Note: Do not forget to click test and apply the patch after creating/saving  it.  ;)


then install package with your pfsense url

Code: [Select]
https://YOUR_PFSENSE_ADDRESS_HERE/pkg_mgr_install.php?id=pfBlockerNG
And of cource, DO AT YOUR OWN RISK  :)
« Last Edit: January 27, 2015, 09:35:43 pm by marcelloc »

Offline Bummer

  • Full Member
  • ***
  • Posts: 108
  • Karma: +4/-0
  • Use nothing but the best!
    • View Profile
Re: pfBlockerNG
« Reply #41 on: January 27, 2015, 08:41:00 am »
Your instructions are great, they're for dummies like me.

It's greatly appreciated! I'm going to try and hit the datacenter this weekend. I'm doing a fresh install and moving from 2.1.5 (32bit) to 2.2 (64bit). I'll try installing pfBlockerNG then.

Thank you!

Offline marian78

  • Jr. Member
  • **
  • Posts: 77
  • Karma: +0/-0
    • View Profile
Re: pfBlockerNG
« Reply #42 on: January 27, 2015, 10:16:04 am »
is it  compatible with 32bit version?
pfsense runing in virtual, on HP N54L microserver, 2G RAM, 60G disk, WAN, LAN, DMZ, Wifi, OpenVPN server + client, suricata, pfblocker

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfBlockerNG
« Reply #43 on: January 27, 2015, 10:17:23 am »
The package? Sure. The pkg-utils.inc patch? No idea, never tried.
Do NOT PM for help!

Offline marian78

  • Jr. Member
  • **
  • Posts: 77
  • Karma: +0/-0
    • View Profile
Re: pfBlockerNG
« Reply #44 on: January 27, 2015, 10:20:37 am »
i try install pfblockerng on 32bit pfsense with this patch and it failed.
pfsense runing in virtual, on HP N54L microserver, 2G RAM, 60G disk, WAN, LAN, DMZ, Wifi, OpenVPN server + client, suricata, pfblocker