Bug #10983


pfBlockerNG not cleaning everything behind it

Added by Jacques Bourdeau 9 months ago. Updated 7 days ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Affected Version:
Affected Architecture:


I moved from PI-Hole to pfBlockerNG for a while. I chose to move back to PI-Hole and stopped using pfBlockerNG. After a little while, I uninstalled the package.
The symptom I then experienced was that DHCPD refused to serve both of my lab segments at once. It would do one or the other but not both. Error message was about VMX4 matching multiple shared networks.
A long search about ip ranges, networks and pools did not revealed anything.
I re-addressed one of the lab network and then DHCPD accepted to serve both.
I expended the other lab segment to cover the newly freed segment and received a much better error message. It said that the DHCP range could not include an existing interface's IP address.
Went to CLI and indeed, VMX4 had 2 IP addresses despite the dashboard or interface configuration showed just one.
I searched in /conf/config.xml and found a leftover from pfBlockerNG. It was <virtualip> ... configs .... </virtualip>.
I deleted that virtual IP section and Bingo! Everything worked fine and I was able to bring back the modified lab segment to its original address.

Actions #1

Updated by Viktor Gurov 9 months ago

  • Status changed from New to Feedback

Unable to reproduce it on the latest pfBlockerNG-devel-2.2.5_37 - virtualip is successfully removed during uninstall

Actions #2

Updated by Max Leighton 9 months ago

I agree with Viktor. I have tried to replicate this in the latest devel and stable versions of pfBlockerNG and cannot. The DNSBL virtual IP is removed at uninstall every time. I tried in 2.5 as well as 2.4.4_3. This should be marked as Not A Bug.

Actions #3

Updated by Jacques Bourdeau 9 months ago

Hi guys,

I understand that you tried to reproduce the bug without success. FYI, I am pretty sure this guy had the same problem :

Actually, it is his post saying that a complete reset fixed his case. That made me think some corruption or conflict was somewhere beyond the WebUI and that I had to fix it. I have way too many things configured in my pfSense for a reset - manual reconfig, so I searched manually.

It looks like there are more steps involved to reproduce the bug, but I am pretty sure there is a series of events that will lead to this situation. As such, I invite you to keep that for the record until next case surfaces.

Thanks for looking at this,

Actions #4

Updated by Marcos Mendoza 9 months ago

Given this seems to be VM and sounds similar to issues that can happen when interfaces disappear or otherwise change without the firewall knowing, I'd say it's doubtful to be a bug in the package.

Actions #5

Updated by Bug Reporter 5 months ago

Just stumbled upon this error message from dhcpd, took a while to figure out I had a virtual IP set on that IP that I hadn't used for years. The only problem is that it lets me submit settings, when it will not work and also never says what exactly is the issue. Can we have the web interface check for this upon pressing save? Would be helpful.

Actions #6

Updated by Kris Phillips 7 days ago

  • Status changed from Feedback to Rejected

Updating as Rejected as the bug can not be reproduced.


Also available in: Atom PDF