Updated pfBlocker devel from 3.2.0_19 to 3.2.0_20 ..all good (on x86 qemu), GEOIP / ASN entrys etc. all working well, Thank you for the Update! 😊

@slu

Just wait on a production system. there will be more. _17 still has "show stoppers"

yes you can "get around" some of them, but not all.
production wait.
installing and package testing -devel

@flepti said in pfBlockerNG-devel v3.0.0 - No longer bound by Unbound!:

my setup too

You mean you use pfSense 2.4.5 and "007" fBlockerNG-devel ?
Easy solution : upgrade ?!

so happy to find the explanation relating the tables and lists!! thanks!

@gertjan

Just following up on this -- (Thanks for your help!)

The Python Group Policy action works for whitelisting any clients, per host address e.g. 192.168.1.100 that we do not want DNSBL to filter.

However I have another problem, sort of in the same neighborhood.

I am using GeoIP as well using a domain name white list alias (domain a/s lookup enabled) that I created called "domain_whitelist_v4"

This is the alias URL in the fw:

https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_domain_whitelist_v4

I'm trying to use the same GeoIP alias file " domain_whitelist_v4" in a DNSBL Group Feed source definition to not take action/block on.

The URL I set of the DNSBL group feed source definition is https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_domain_whitelist_v4.txt

I have the action set to "Disabled" instead of Unbound.

I figure that If I update the GeoIP alias "domain_whitelist_v4" section, that I do not have to then also update the DNSBL Whitelist section too since their (DNSBL & GeoIP) are both referencing the same domain name list (domain_whitelist_v4). Instead I have to update in 2 places for domain reachability sometimes depending if its also being blocked via GeoIP

Ideally, I don't want to remove all filtering for some clients, but instead I'd like to update one alias file that covers both DNSBL (permit) and GeoIP (permit)

I can not wait to see how he is going to do the mass import for IP4 and DNSBL, I hope its just a simple text doc you can just upload just like you would a backup file on Ublock extension.
Looking forward to it.

I may have to get some more Ram lol only got 8 gig and I bet doing mass list imports will hit the Ram hard.

Great work hope it's coming along well ;)

Great job.

It would be really cool if it could automatically update the blocked TLDs based on the spamhaus statistics (https://www.spamhaus.org/statistics/tlds/) on a regular schedule. I realize that this may be more difficult than it sounds as I cant seem to find a spamhaus TLD feed, just a website. But if we dont dream then it will never happen!

@ck42 The entry is related to Firewall / pfBlockerNG/ DNSBL / DNSBL Category Blacklist.

@breeoge said in PfBlockerNG:

@belt9:

I wanted to chime in here as I just updated from a month old RC to 2.4.0-RELEASE last night and ran into this problem today.

I haven't read through all of the many pages of the many threads that seem related to this issue (show how popular pfBNG is!), so maybe this has already been covered.

But I've seen several people state that this doesn't happen on ZFS - I have a raidz2 ZFS install, and this happened to me, just throwing that out there.

That is good to know. Thank you for the report.  BBcan177 is currently updating it to use SQLlite and this should fix any issues in the future.  In the other thread there is a temp fix posted..

https://create.vista.com/colors/palettes/

Thank you
BreeOge

Hello my friend. Many thanks to Bbcan177 for keeping the report up to date. as a result of this, in principle, the given problems are corrected.