Project

General

Profile

Actions
Copy link

Feature #12882

closed

Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists

Added by Charles Hamilton over 2 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

Sometimes it is desirable to tell cURL to use a specific interface when downloading IPv4/IPv6 pass/block lists. For example, I run an internal list repository. The server hosting the repository is on a network that is only accessible via IPSec VTI. This can be problematic if the VTI's transit network is a link-local/APIPA subnet, which is the case when using Google Cloud's high-availability VPN. Allowing this option to be specified is basically the "pfBlockerNG version" of the service binding workaround discussed here: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/access-firewall-over-ipsec.html#ipsec-fwtraffic-vti.

Files

CURLOPT_INTERFACE Example.png (72.9 KB) CURLOPT_INTERFACE Example.png Charles Hamilton, 02/28/2022 01:47 PM
Actions
Copy link
 #1

Updated by BBcan177 . over 2 years ago

Thanks for the PR!

There isn't much development in "pfBlockerNG" as everything is taking place in "pfBlockerNG-devel". Devel will soon replace "pfBlockerNG".

Would you mind applying this to "pfBlockerNG-devel"?

Devel doesn't use XML (pkg_edit) to build the web pages. It would also be more practical to add this option to the "Advanced Tuneables" Section so that the Interface would apply to all Feeds in this Alias.

The file to edit is here:

https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-pfBlockerNG-devel/files/usr/local/www/pfblockerng/pfblockerng_category_edit.php#L1197

Actions
Copy link
 #2

Updated by Charles Hamilton over 2 years ago

Sure thing! I'll close the other pull request, thanks!

Actions
Copy link
 #4

Updated by BBcan177 . over 2 years ago

Great Thanks.

I have done some limited testing and it seems to be ok.

I made some minor formatting changes in a Gist, would you mind reviewing those and if ok, merge into your PR?

https://gist.github.com/BBcan177/7d7e9187dbd23fd8b3c2a5b958d08bb1/revisions

I also changed the blank Interface selection from "any" to "Default"

Thanks for the contribution! Its appreciated!

Actions
Copy link
 #5

Updated by Charles Hamilton over 2 years ago

Thanks for the contribution! Its appreciated!

Sure thing! This solves a big problem for me :-)

Your revisions look good. I've merged them into the PR. Thanks again!

Actions
Copy link
 #7

Updated by Charles Hamilton over 2 years ago

Sure thing, happy to contribute!

Actions
Copy link
 #8

Updated by Marcos M over 1 year ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF