Blarg. I noticed there was a patch file being applied to this stuff and thought I would poke around a little. Turns out if I modify /etc/inc/dyndns.class a little I can get the "googledomains" working again. I already have the "patchfile" package added from Package Manager, so I'm going to add my own custom patchfile, and keep using googledomains.. until the update breaks it. existing patchfile /usr/local/pkg/patches/b5360f49fb3c1fdc36ebf13c20b68d4ff1e15fe6.patch My patchfile https://gist.github.com/therevoman/cc986a390bb08255d4119903f734f22d : diff -u /home/backup/etc/inc/dyndns.class /etc/inc/dyndns.class --- a/src/etc/inc/dyndns.class 2022-10-21 22:11:05.836183000 +0000 +++ b/src/etc/inc/dyndns.class 2022-10-26 19:13:32.756072000 +0000 @@ -1209,11 +1209,11 @@ $post_data['hostname'] = $this->_dnsHost; $post_data['myip'] = $this->_dnsIP; $post_data['offline'] = 'no'; $server = "https://domains.google.com/nic/update"; $server = "https://domains.google.com/nic/update?hostname=" . $this->_dnsHost; $port = ""; curl_setopt($ch, CURLOPT_URL, 'https://domains.google.com/nic/update'); curl_setopt($ch, CURLOPT_URL, 'https://domains.google.com/nic/update?hostname=' . $this->_dnsHost); curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser . ':' . $this->_dnsPass); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); #curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); break; case 'dnsmadeeasy': $needsIP = TRUE;

@paulg-79 If your running the VPN on your computer it has probably nothing to do with pfSense. I assume, the VPN server is providing a DNS server, but investigate it to get sure. If it's a Windows OS run "ipconfig /all", while the VPN is up, and check if there is a DNS server shown for the virtual VPN network adapter.

@thierry-1 Wait .... Because snort has nothing to do on the 'hot' side (WAN) as all traffic is already blocked in the first place, it decided to focus on your side (LAN) and makes your live miserable by blocking traffic from the firewall itself ?? What was the reason you installed snort in the first place ? To do what ? But ok, you made a good choice : remove (snort) as much non essential stuff on your firewall : things work way better, less maintenance, less can go wrong. Use only what you can manage

@viragomann said in External router not assigned IP, but connected devices are: @skikibobski I don't know this router. I said, maybe there is an option to allow outside access. If not, you can NAT the access on pfSense. To do so, you have to add an outbound NAT rule for the router. Firewall > NAT > Outbound Switch to hybrid mode and save this first. Then add a rule: interface: that one the router is connected to source: any (or a specific subnet) destination: select "Network" and enter the routers IP and /32 mask You may also state the WebGUI port to limit the rule just for this purpose translation: interface address That did it! NAT rule on pfSense fixed it, I now have access to both webui via ethernet. Thanks so much for your very quick help!

@johnpoz said in iPhone: Privacy Warning: @cloudified here is the warning the OP was talking about. https://developer.apple.com/forums/thread/661116 I just read the release notes, so I didn't see this forum post until now, so thanks for sharing it.

@luckman212 infra cache is only going to be there for so long. Defaults to 15 minutes I believe. So yeah if you haven't asked a specific NS your forwarding to anything in a while, it would most likely fall out of the cache.

@sdm900 I can confirm that this bug still exists with version 2.6.0-RELEASE (amd64). The supplied fix appears to allow DHCP to continue running after entering in denied clients with the "ignore" option selected.

@johnpoz true, it works perfectly fine with IPv4. I just want to learn about IPv6 and I experiment with IPv6 only networks.

@aaronouthier you can setup vlans and work with different subnets "device discovery" will probably have the same issues. personally i tend to avoid using/buying stuff that depends on automagic discovery bs ...

@enesas [image: 1666107398986-dns-redirect2.png] it's actually doing DNS redirection. but pfblockerng's ad-blocking features do not work. I wonder why?

@steveits @rcoleman-netgate I recently had a DNS resolver that restarts in 1-2 hours. Many people were victims until we solved it. Latest pflockerng > dnsbl > Resolver Live Sync Checking the feature fixed the problem. Of course it took time to find it. These and similar problems can happen from time to time. that's why I asked.

@rcoleman-netgate Thanks ... I changed user/passwd ... now it works

@johnpoz arpwatch, thanks!

@samitguy On your Windows DNS server(s) forward all queries to your pfSense. You may need to empty the DNS cache on the server(s) and any devices. ipconfig /flushdns on the PCs, or dnscmd /clearcache for the DNS Server cache.

@viragomann Hello Sir, is hybrid mode on outbound , and seems the traffic is nated , just like WAN interface. Thanks.

Update I stop pfsense in hyppervisor, than run in single mode. I mount zfs. mount -t zfs pfSense/var /mnt In folder /mnt/etc/named/etc/namedb/master/default are two files 192.168.192.DB.jnl and example.com.DB.jnl. Why BIND do not load the files on start pfsense?

@bingo600 that's a good question. Think it came with my tivo which might explain why my tivo was trying to talk to 192.168.2.x. Might have been how my tivo communicated with my tivo mini. Main tivo works fine without it as it networked properly now.