Bug #10983
closed
pfBlockerNG not cleaning everything behind it
0%
Description
I moved from PI-Hole to pfBlockerNG for a while. I chose to move back to PI-Hole and stopped using pfBlockerNG. After a little while, I uninstalled the package.
The symptom I then experienced was that DHCPD refused to serve both of my lab segments at once. It would do one or the other but not both. Error message was about VMX4 matching multiple shared networks.
A long search about ip ranges, networks and pools did not revealed anything.
I re-addressed one of the lab network and then DHCPD accepted to serve both.
I expended the other lab segment to cover the newly freed segment and received a much better error message. It said that the DHCP range could not include an existing interface's IP address.
Went to CLI and indeed, VMX4 had 2 IP addresses despite the dashboard or interface configuration showed just one.
I searched in /conf/config.xml and found a leftover from pfBlockerNG. It was <virtualip> ... configs .... </virtualip>.
I deleted that virtual IP section and Bingo! Everything worked fine and I was able to bring back the modified lab segment to its original address.
Updated by Viktor Gurov over 3 years ago
- Status changed from New to Feedback
Unable to reproduce it on the latest pfBlockerNG-devel-2.2.5_37 - virtualip is successfully removed during uninstall
Updated by Max Leighton over 3 years ago
I agree with Viktor. I have tried to replicate this in the latest devel and stable versions of pfBlockerNG and cannot. The DNSBL virtual IP is removed at uninstall every time. I tried in 2.5 as well as 2.4.4_3. This should be marked as Not A Bug.
Updated by Jacques Bourdeau over 3 years ago
Hi guys,
I understand that you tried to reproduce the bug without success. FYI, I am pretty sure this guy had the same problem :
https://www.reddit.com/r/PFSENSE/comments/7047xp/dhcpd_claims_that_networks_are_overlapping_and/
Actually, it is his post saying that a complete reset fixed his case. That made me think some corruption or conflict was somewhere beyond the WebUI and that I had to fix it. I have way too many things configured in my pfSense for a reset - manual reconfig, so I searched manually.
It looks like there are more steps involved to reproduce the bug, but I am pretty sure there is a series of events that will lead to this situation. As such, I invite you to keep that for the record until next case surfaces.
Thanks for looking at this,
Updated by Marcos M over 3 years ago
Given this seems to be VM and sounds similar to issues that can happen when interfaces disappear or otherwise change without the firewall knowing, I'd say it's doubtful to be a bug in the package.
Updated by Bug Reporter about 3 years ago
Just stumbled upon this error message from dhcpd, took a while to figure out I had a virtual IP set on that IP that I hadn't used for years. The only problem is that it lets me submit settings, when it will not work and also never says what exactly is the issue. Can we have the web interface check for this upon pressing save? Would be helpful.
Updated by Kris Phillips almost 3 years ago
- Status changed from Feedback to Rejected
Updating as Rejected as the bug can not be reproduced.