Regression #14189
open
pfBlocker-NG: HA-Sync is not working
0%
Description
I'm not the only one with this problem.
See https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working .
This is causing serious issues, as I made changes to the pfBlockerNG configuration after upgrading to pfSense+ 23.01 and now the firewall rules are synchronized, but not the tables generated by pfBlockerNG, leading to firewall errors on the backup pfSense installation.
Please create a System -> Patches patch to fix this as soon as possible.
Related issues
Updated by Jim Pingle 2 months ago
- Project changed from pfSense Plus to pfSense Packages
- Category changed from XMLRPC to pfBlockerNG
- Priority changed from Urgent to Normal
- Release Notes deleted (
Default)
Packages get updated directly, they don't get patches.
Also there is almost no detail here or on the linked forum post about what is happening. "It doesn't work" isn't helpful.
Updated by name name 2 months ago
I understand, but I don't know what is "not" happening.
There are two choices when configuring Sync for pfBlockerNG:
- Sync to configured system backup server
- Sync to host(s) defined below
For the second option I have the same credentials as I used for the main HA Sync of pfSense, which is working.
Enabled: yes
Protocol: https
Target: 10.0.97.2
Username: admin
Password: ...
Both options, even though they get accepted by the UI when pressing "Save ...", lead to the same problem:
No replication of pfBlockerNG settings takes place, which is why both the one in the forum post and me said "It's not working", like at all. I don't get error messages, nothing in the Logs that I can see. Either the sync function is not even called or something isn't working right.
You change anything on the master pfSense and nothing changes on the backup pfSense.
I tried all available update options:
- Update
- Cron
- Reload -> All
Nothing works.
So I can't really tell you why the xmlsync part of pfBlockerNG isn't working.
Updated by Jim Pingle about 2 months ago
- Has duplicate Bug #14220: pfBlockerNG does not sync to HA secondary added
Updated by Marcos M about 2 months ago
- Status changed from New to Duplicate
This issue has existed for some time unfortunately. It's covered by the following reports:
https://redmine.pfsense.org/issues/12916
https://redmine.pfsense.org/issues/12918
Edit: re-opened as it seems to be a related but separate issue.
Updated by Marcos M about 2 months ago
- Is duplicate of Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync added
Updated by Marcos M about 2 months ago
- Is duplicate of Feature #12918: pfBlockerNG-devel changes from xmlrpc sync do not take effect immediately added
Updated by Marcos M about 2 months ago
- Is duplicate of deleted (Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync)
Updated by Marcos M about 2 months ago
- Related to Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync added
Updated by Marcos M about 2 months ago
- Is duplicate of deleted (Feature #12918: pfBlockerNG-devel changes from xmlrpc sync do not take effect immediately)
Updated by Marcos M about 2 months ago
- Related to Feature #12918: pfBlockerNG-devel changes from xmlrpc sync do not take effect immediately added