Project

General

Profile

Actions
Copy link

Bug #15938

open

It's possible to add DNSBL Virtual IP with subnet mask if to use Restore Configuration option in Diagnostics -> Backup&Restore

Added by Azamat Khakimyanov 3 days ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

Tested on 24.11 (pfBlockerNG 3.2.0_16)

If to use incorrect DNSBL Virtual IP in config.xml file ('DNSBL VIP with subnet mask.png'), it's possible to restore this config on pfSense without getting any errors/alerts ('restored DNSBL VIP with mask.png').

DNSBL doesn't work with this wrong VIP but it's then hard to troubleshoot why it happends without any logs.

when I tried to just open DNSBL menu (with wrong VIP) and press Save, I got correct error message: "DNSBL Virtual IP: A valid IPv4 address must be specified."

But if just try to restart DNSBL via /Status/Services, DNSBL doesn't start and System log only has

Dec 16 13:18:39    lighttpd_pfb    48053    [pfBlockerNG] DNSBL Webserver stopped
Dec 16 13:18:39    lighttpd_pfb    50135    [pfBlockerNG] DNSBL Webserver started

One more check function should be added which wipes the subnet mask while booting or applying pfBlockerNG settings.

It's not urgent to fix but we already had one customer who restored such config with DNSBL VIP which had subnet mask.

Files

Download all files
DNSBL VIP with subnet mask.png (59.2 KB) DNSBL VIP with subnet mask.png Azamat Khakimyanov, 12/18/2024 05:39 AM
restored DNSBL VIP with mask.png (47.7 KB) restored DNSBL VIP with mask.png Azamat Khakimyanov, 12/18/2024 05:39 AM

No data to display

Actions
Copy link

Also available in: Atom PDF