Project

General

Profile

Actions

Bug #13558

open

PFBlockerNG Incorrect planning of GeoIP updates

Added by Juan V. Rodríguez Rodríguez over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
All
Affected Plus Version:
Affected Architecture:
All

Description

PFBlockerNG incorrectly only downloads GeoIP updates on the first Thursday of the month.

1. Maxmind indicates on its website that updates are weekly and on Tuesdays and Fridays.
https://dev.maxmind.com/geoip/release-notes/2022?lang=en#geolite-databases-will-now-receive-twice-weekly-updates

2. PFSense in file /usr/local/www/pfblockerng/pfblockerng.php line 90 to 93 only allows this update on Thursdays

// Only update on first Tuesday of each month (Delay till Thurs to allow for MaxMind late releases)
if (date('D') != 'Thu') {
exit;
}
$pfb['extras_update'] = TRUE;

3. PFSense in file /usr/local/pkg/pfblockerng/pfblockerng.inc configure cron job in line 5417 to 5426 , set the cron to run from the 4th to the 10th of each month.

if ($pfb['enable'] == 'on') {
// Define pfBlockerNG MaxMind CRON job
$pfb_gcmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dcc >> {$pfb['extraslog']} 2>&1";
// MaxMind GeoIP CRON hour is randomized between 0-23 Hour to minimize effect on MaxMind website
$pfb_gmin = '0';
$pfb_ghour = rand(0,23);
$pfb_gmday = '4-10';
$pfb_gmonth = '*';
$pfb_gwday = '*';
$pfb_gwho = 'root';

As a result, PFSense only updates the GeoIP databases on the first Thursday of each month while maxmind updates them weekly on Tuesdays and Fridays. This means that when there are important changes in the databases, they can remain out of date for up to a month with the problems this can cause.

No data to display

Actions

Also available in: Atom PDF