pfBlockerNG

• 

  pfBlockerNG-devel v2.2.5_20 PR #610
  • BBcan177

  9
  5
  Votes
  9
  Posts
  624
  Views

  

  @grimson said in pfBlockerNG-devel v2.2.5_20 PR #610: Another question, is it intentional that version 2.2.5_20 no longer uses a lot of the domains listed under ---------------------------Third-party advertisers---------------------------! ! *** easylist:easylist/easylist_adservers.txt *** in the Easylist feeds. Basicly all domains ending with "$third-party" are no longer filtered. The previous DNSBL parser was a bit aggressive in the domains that it would parse from the EasyList feeds. I intentionally reduced the parser to lines that start with "||" and end with "^"... The other variations can lead to FPs... other DNSBL Feeds will most likely add any missing domains. If I am missing something, please let me know...
• 

  pfBlockerNG v2.1.4_15 PR #609
  • BBcan177

  1
  0
  Votes
  1
  Posts
  208
  Views

  No one has replied

• N

  Bypassing DNSBL for specific IPs
  • Ns8h

  6
  0
  Votes
  6
  Posts
  3078
  Views

  R

  One topic I keep not seeing is what if you want to block X for all. But by pass Y for a few and still block X.
• 

  Support pfBlockerNG development!
  • ivor

  3
  2
  Votes
  3
  Posts
  3021
  Views

  A

  I can not wait to see how he is going to do the mass import for IP4 and DNSBL, I hope its just a simple text doc you can just upload just like you would a backup file on Ublock extension. Looking forward to it. I may have to get some more Ram lol only got 8 gig and I bet doing mass list imports will hit the Ram hard. Great work hope it's coming along well ;) Great job.
• K

  Thanks BBCAN177 !
  • Koent

  5
  0
  Votes
  5
  Posts
  2379
  Views

  S

  As pointed out to me in another post. https://forum.pfsense.org/index.php?topic=139634.0
• 

  PfBlockerNG v2.1 w/TLD
  • BBcan177

  122
  0
  Votes
  122
  Posts
  50527
  Views

  H

  I'm having problems with iOS 11.3 BETA. It seems that safari can't go to 0.0.0.0 and pages can't load. Solution was to reinstall package and use the VIP address, as I was using the certificate hack and 0.0.0.0.
• 

  PfBlockerNG v2.0 w/DNSBL
  • BBcan177

  1066
  0
  Votes
  1066
  Posts
  429522
  Views

  I

  @bbcan177 said in PfBlockerNG v2.0 w/DNSBL: @ibbetsion said in PfBlockerNG v2.0 w/DNSBL: I'm looking to get started with PfBlockerNG but am confused as to which version I should get started with, the "dev" version or the stable one? Any pointers on differences between the two will be immensely helpful. https://forum.netgate.com/topic/135708/is-pfblockerng-devel-stable Thank you.
• W

  PfBlockerNG
  • wbennett77

  1189
  0
  Votes
  1189
  Posts
  408940
  Views

  

  @BrettC: Hi, one thing i am noticing with pfBlockerNG is that it may be missing an end-double quote on its shell commands? No the quote is used in the grep command to find an exact match starting with the first quotation mark in the line…  The 502 error is being worked on...  The upcoming release doesn't seem to be affected by this and will hopefully be released shortly... Stay tuned!
• J

  Install of -devel failed
  • JonH

  2
  0
  Votes
  2
  Posts
  76
  Views

  J

  Attaching the /conf pkg-log text file which appears that the install is in good order. 0_1547868374225_pkg_log_pfSense-pkg-pfBlockerNG-devel-2.txt.zip
• Y

  PfblockerNG to block porn
  • yeleek

  3
  0
  Votes
  3
  Posts
  163
  Views

  A

  Blocking porn is really difficult with DNSBL. There are millions of domains. This is what you can do: Enable the TLD option, and add "xxx" to the TLD Blacklist customlist. Then it will block any domain in the "xxx" TLD. In EasyList, there are Adult Popups that are blocked, but that just removes the Adult AD popups, and not the Adult sites themselves. A Proxy will be the best option to filter that type of content. SquidBlacklist/UT1 have some Adult categories which list quite a few Adult domains. It’s not foolproof either. Just be careful about MITM SSL issues.
• G

  Is there any way to load this list?
  • guardian

  16
  0
  Votes
  16
  Posts
  336
  Views

  

  Install Cron package and then you could run a cron shell job 15 min before PfblockerNG Cron Update that download and process the list to a local file to be ready for processing.
• N

  Protect open ports with PFBlockerNG
  • NasKar

  3
  0
  Votes
  3
  Posts
  141
  Views

  N

  So I should edit my port forward rules in NAT to add the a network alias for pfBlocker_NA IPv4 and IPv6. Like this Alias Port Forward rule
• Z

  Why is so difficult to block this specific website when using mobilephone's Chrome App?
  • Zist

  19
  0
  Votes
  19
  Posts
  627
  Views

  N

  @bbcan177 said in Why is so difficult to block this specific website when using mobilephone's Chrome App?: d its not possible to block that easily since its not on port 53. so gettin you right for optimal filter (pfB / DNSBL) experience it will be wise to not redirect to port 53 (as i mentioned in the work around) thanks for input ... makes totally sense br from snowLand
• O

  Python integration will let you use bigger list
  python • • oddussiben-3161

  2
  1
  Votes
  2
  Posts
  93
  Views

  O

  and unbound reloads instantaneously
• 

  pfBlockerNG-devel - Category Feed patch
  • BBcan177

  1
  0
  Votes
  1
  Posts
  155
  Views

  No one has replied

• R

  pfBlockerNG update error
  • reza.mnp

  2
  0
  Votes
  2
  Posts
  135
  Views

  

  CoinBlocker feed is on gitlab.io, so maybe that is being blocked? Can you get to that domain? The Dyre feed is down. Not sure when it will return. The other Abuse feeds came back online tho: https://www.reddit.com/r/pfBlockerNG/comments/a6zs1u/abuse_sslbl_is_back_online/
• Y

  Custom blacklist for a hostname?
  • yyz

  6
  0
  Votes
  6
  Posts
  203
  Views

  

  @bbcan177 Thank you. I did that and it works!
• N

  Why is DNSBL Category Blacklist Category UT1 unblocking working blocks [SOLVED]
  • noplan

  4
  0
  Votes
  4
  Posts
  115
  Views

  N

  WORKED LIKE A CHARM ! thx !
• V

  Getting a list of .bid IP's
  • veldthui

  20
  0
  Votes
  20
  Posts
  397
  Views

  

  @veldthui said in Getting a list of .bid IP's: and have not had any spam for the last two days. Music to my ears :)
• J

  PfBlockerNG Error
  • jlee18

  15
  0
  Votes
  15
  Posts
  382
  Views

  

  @tippet5x said in PfBlockerNG Error: pfSense-pkg-pfBlockerNG: 2.1.4_14 [pfSense] Update to pfBlockerNG v2.1.4_16 which has this issue fixed... You can also move to pfBlockerNG-devel which is much improved.
• S

  pfBlockerNG-devel | Resolver settings | pfSense crashing / Not resolvable
  • StyleNZ

  12
  0
  Votes
  12
  Posts
  211
  Views

  S

  Sorry, after further testing, unbound is needing to be manually stopped if pfblocker is enabled in order to make setting changes to DNS resolver. Not the pfblocker services. Do DNS resolver config changes work fine for you both without needing to manually interfere with stopping unbound? I just find it odd cause ive done 3-4 reinstalls lately and it’s presented this problem to me in all instances. The only thing that I guess has changed as of recently is using the devel release. I don’t recall having to manually stop unbound previously. Anyway, this can be marked as resolved as I don’t know if this is how it’s intended to be but I’ve managed a workaround. Cheers for the awesome package BBcan! It’s some great stuff. I’ll flick you a donation to show my appreciation.
• G

  Alerts not showing properly
  • guardian

  11
  0
  Votes
  11
  Posts
  273
  Views

  S

  Hi, I believe I had run into this exact issue myself and this happened upon across multiple installs of it too. I narrowed it down to the fact that some of the log files were not being created for any odd reason. For each of the log files, make sure they exist, and if they don't, manually create them using touch.
• B

  pfBlockerNG Permit Inbound Wildcard Domain
  • Brailyn

  3
  0
  Votes
  3
  Posts
  132
  Views

  

  More info here.... I'd like to add a page for this in the GUI, but too much to do with so little time.... https://www.reddit.com/r/pfBlockerNG/comments/9vwkmm/ip_ranges_for_amazon_aws/ ps - Come and subscribe to the reddit page :)
• C

  Support IP2Location LITE?
  • christopa1999

  1
  0
  Votes
  1
  Posts
  78
  Views

  No one has replied

• K

  DNSBL Listner IP casing serious Firewall issues
  • keyser

  7
  0
  Votes
  7
  Posts
  255
  Views

  K

  Hmm, I see. edit: Or at least I think I see. In the above example it’s only timing out when actually trying to talk (ping) to the resolved address. The lookup works fine. I don’t really see why that is a big issue since talking to a blocked domainname from PFsense itself should not be necessary anyhow. I mean, that doesn’t work now with the VIP adress either. You are only talking with an “empty” replacement Weebservice that has no data. Is there any situation where you are depending on the firewall itself needs to be able to ping the address? Anyhow Two things: 1: Could this issue be solved by making a VIEW in UNBOUND so the PFsense box itself is in another VIEW Zone with no PFblock.conf attached? 2: Alternatively, could “disabling VIP Alias” also entail that the PFsense box itself then is setup to NOT use the build in UNBOUND resolver?
• S

  Geolite database discontinued - any plans on updating pfBlockerNG.
  • StaticDragon

  8
  0
  Votes
  8
  Posts
  438
  Views

  

  Posted two PR to fix this issue. See my recent posts in this forum.
• G

  When is pfblockerNG-devel going to be pfblockerNG?
  • guardian

  2
  0
  Votes
  2
  Posts
  175
  Views

  

  @guardian said in When is pfblockerNG-devel going to be pfblockerNG?: Any idea when pfblockerNG-devel going to be the production version? Likely Feb 2019
• 

  "DNSBL out of sync" warning fixing
  • chudak

  4
  0
  Votes
  4
  Posts
  119
  Views

  

  @ronpfs That was it!.. thx
• M

  Unbound crashing
  • mloiterman

  12
  0
  Votes
  12
  Posts
  1098
  Views

  B

  @bbcan177 said in Unbound crashing: @bouke said in Unbound crashing: pfBlockerNG-devel 2.2.5_19 You can try the new "Live Sync" feature, which will update the changes on the fly without an Unbound Reload. But that is only when the package updates DNSBL/Unbound and not any DHCP updates to Unbound from the pfSense side. Happy new year and thanks. Just enabled this feature on 01-01-2019 08:05 am (local time) ;-)
• F

  [SOLVED] pfBlockerNG - Reloading unbound fails
  • fpv

  12
  0
  Votes
  12
  Posts
  3248
  Views

  N

  same here, after deleting unbound_control.key unbound_control.pem unbound_server.key unbound_server.pem reboot everything worked no error in unbound-control -c /var/unbound/unbound.conf status
• S

  A couple of thoughts on the CARP VIP setting in pfBlockerNG-devel 2.2.5_19.
  • silentnomad

  3
  0
  Votes
  3
  Posts
  130
  Views

  S

  @bbcan177 Thank you, sir! pfBlockerNG-devel is a great upgrade. I really like the IP and domain block feeds list :)
• P

  pfblocker-dev, DNSBL not working at all.
  • pfblocking

  2
  0
  Votes
  2
  Posts
  108
  Views

  P

  I have already determined the cause of my problem. The lab workstation i was using to test this out with still had static DNS server entries configured on one of the network adapters I was using. Once I pointed them all to my pfsense box, everything was working fine. I feel stupid for having overlooked something so simple.
• V

  Getting Hammered
  • veldthui

  6
  0
  Votes
  6
  Posts
  243
  Views

  V

  @gertjan said in Getting Hammered: I you liked the port-knocking on "22", have a look at what happens on your port "25" and "443", you'll be amazed. Seeing a few on 443 and a couple on 25. Normally, your mail server already has something like fail2ban and a rather huge setup to filter out fake connection, like temptation to relay, temptations to load your inbox with spams, etc. A (internal, on a LAN) web server (port 443) : same thing : a real hail storm. Not filtering these servers can put a real load on your servers. It is a Exchange server and not set up for routing mails and any attempt to route through it just gets rejected. I also have a large set of rules to reject spam but wanted to use pfBlockerNG to block out spamming IP's. YEs exchange can do it but requires the Edge Server to do it. Dont want another VM running to to do IP filtering. I realise they are scripts trying as well on the ports rather than real humans.
• 

  pfBlockerNG enabling sync option
  • safarad

  1
  0
  Votes
  1
  Posts
  261
  Views

  No one has replied

• P

  PiHole URl
  • patrick0525

  6
  0
  Votes
  6
  Posts
  222
  Views

  P

  Thanks
• 

  pfBlocker without dnsbl configuration
  • safarad

  2
  0
  Votes
  2
  Posts
  113
  Views

  

  Yes, you don't have to enable DNSBL.
• T

  CARP / Virtual IP / Backup Skew
  • talaverde

  3
  1
  Votes
  3
  Posts
  145
  Views

  T

  Yea, it's been auto-changing back to often. I've finally given up on the 'CARP' feature and just switched it back to the old 'IP alias'. Not sure what features I'll lose but it can't be worse than a misconfigured virtual IP.
• P

  PfBlockerNG w/ DNSBL > Squid(+Guard) for Content Filtering?
  • pfBasic

  16
  0
  Votes
  16
  Posts
  6818
  Views

  M

  @mrglasspoole hi; I had to turn off ipv6 which i don't use(ignored in linux) and this is on a dual core AMD APU with 4 gigs. I also have issues with abuse list at first before killing ipv6 in pf latest and running out of ram issue. but at least it tells you and shuts down. but would like the caching squid had and av.
• B

  could not update pfBlockerTopSpammers
  • bplein

  4
  0
  Votes
  4
  Posts
  106
  Views

  

  @bplein said in could not update pfBlockerTopSpammers: @ronpfs Thanks. It was in the Aliases/URLs section! Wow that was the old pfblocker version from over 4 years ago :)
• M

  Understand alert
  • MOdesty

  3
  0
  Votes
  3
  Posts
  117
  Views

  M

  @teamits said in Understand alert: yes Thanks for your thorough answer It clarified my question perfect!