Firewall->Diagnostics->pfTables is empty

Started by gonzo, February 13, 2018, 08:46:11 PM

Running out of ideas for this evening :) ...
OPNsense v18 | HW: Gigabyte Z370N-WIFI, i3-8100, 8GB RAM, 60GB SSD, | Controllers: 82575GB-quad, 82574, I221, I219-V | PPPoE: RDS Romania | Down: 980Mbit/s | Up: 500Mbit/s

Team Rebellion Member

Maybe just this one:

-If you WinSCP to this path: /root/var/db/aliastables
-Delete everything related to that alias
-Delete the alias from the GUI

.. and recreate... will this populate the table?

Strange results for me. I tried the URL in OP's first post and it didn't work.

Doesn't work: http://ip.jchost03.pl/ip_zablokowane_ataki.txt
Doesn't work: ip.jchost03.pl/ip_zablokowane_ataki.txt
WORKS: http://www.ip.jchost03.pl/ip_zablokowane_ataki.txt (screenshot1)

Notice the "www" that allowed the pfTables to populate (screenshot2). OP, try what I did, hopefully it works for you too.

It could be forcing a redirect that is not followed properly by the fetch library?


I removed the alias and the firewall rule, I made a new alias and rule, but it is still empty.

I also see the names of removed aliases (IP_ataki, ip_ataki, ip_blocked_ataki). How do I remove them?

Franco, good point I didn't think of but Fiddler doesn't show redirect.

gonzo, you might have to remove manually if a reboot doesn't work; /var/db/aliastables. Might as well reboot with all the work that you did anyway.


The firewall already works in a production environment. Will deleting this file affect the operation of the FW?

No, it shouldn't affect production. It merely removes the alias from showing in the pfTables selection. If everything is working fine, I'd say leave it alone.

February 18, 2018, 07:57:03 PM #23 Last Edit: February 18, 2018, 08:01:42 PM by gonzo
I removed the contents of the catalog (text files): /var/db/aliastables.
I have removed all aliases and all rules except one, "Allow all". This is the default rule that is installed with the system.

Before I start creating new aliases and new rules, I want to delete the entries that I see in Firewall: Diagnostics: pfTables.

1) Why do I still see these entries if all aliases and rules are removed?
2) How can I delete these entries?


Is my question too difficult or too simple? No one knows the answer?

February 20, 2018, 08:55:31 AM #25 Last Edit: February 20, 2018, 08:57:23 AM by elektroinside
Firewall: Aliases: View -> you should not have any aliases here.
You should not have any files here: /var/db/aliastables

And maybe you should apply this patch from here (read the entire conversation):
https://github.com/opnsense/core/issues/2162

And then reboot, then recreate the aliases.


Works?
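An added diagnostic for the URL-alias case discussed in this thread (the list that only populated with the "www" host name, and the guess about a redirect). It is not part of any post and not OPNsense's own fetch code. It requests a list URL once without following redirects and reports whether the reply is a redirect, an error, a page with no addresses, or a usable list. The function names and the `alias-check` User-Agent are made up for this example.

```python
import http.client
import ipaddress
import sys
from urllib.parse import urlsplit


def count_entries(body: str) -> int:
    """Count lines that parse as an IP address or CIDR network."""
    count = 0
    for line in body.splitlines():
        token = line.split("#", 1)[0].strip()  # drop trailing comments
        if not token:
            continue
        try:
            ipaddress.ip_network(token, strict=False)
            count += 1
        except ValueError:
            pass  # HTML, banners, anything that is not an address
    return count


def classify(status: int, location, body: str) -> str:
    """Describe what a single, non-following HTTP request returned."""
    if 300 <= status < 400:
        return f"redirect to {location}: list is not served at this URL"
    if status != 200:
        return f"HTTP {status}: nothing to load"
    n = count_entries(body)
    if n == 0:
        return "HTTP 200 but no parsable addresses (HTML page?)"
    return f"ok: {n} usable entries"


def probe(url: str, timeout: float = 10.0) -> str:
    """Fetch url once, without following redirects, and classify the reply."""
    parts = urlsplit(url)
    https = parts.scheme == "https"
    cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = cls(parts.netloc, timeout=timeout)
    try:
        target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("GET", target, headers={"User-Agent": "alias-check"})
        resp = conn.getresponse()
        body = resp.read(1_000_000).decode("utf-8", "replace")
        return classify(resp.status, resp.getheader("Location"), body)
    finally:
        conn.close()


if __name__ == "__main__":
    for u in sys.argv[1:]:  # pass both host-name variants to compare them
        print(u, "->", probe(u))
```

Run it with both the bare and the "www" form of the list URL as arguments; differing results point to the web server rather than the firewall.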