pfBlockerNG

• N

  Bypassing DNSBL for specific IPs
  • Ns8h

  6
  1
  Votes
  6
  Posts
  3707
  Views

  R

  One topic I keep not seeing is what if you want to block X for all. But by pass Y for a few and still block X.
• 

  Support pfBlockerNG development!
  • ivor

  3
  2
  Votes
  3
  Posts
  3122
  Views

  A

  I can not wait to see how he is going to do the mass import for IP4 and DNSBL, I hope its just a simple text doc you can just upload just like you would a backup file on Ublock extension. Looking forward to it. I may have to get some more Ram lol only got 8 gig and I bet doing mass list imports will hit the Ram hard. Great work hope it's coming along well ;) Great job.
• K

  Thanks BBCAN177 !
  • Koent

  5
  0
  Votes
  5
  Posts
  2470
  Views

  S

  As pointed out to me in another post. https://forum.pfsense.org/index.php?topic=139634.0
• 

  PfBlockerNG v2.1 w/TLD
  • BBcan177

  122
  0
  Votes
  122
  Posts
  51265
  Views

  H

  I'm having problems with iOS 11.3 BETA. It seems that safari can't go to 0.0.0.0 and pages can't load. Solution was to reinstall package and use the VIP address, as I was using the certificate hack and 0.0.0.0.
• 

  PfBlockerNG v2.0 w/DNSBL
  • BBcan177

  1070
  0
  Votes
  1070
  Posts
  438202
  Views

  M

  @anttechs said in PfBlockerNG v2.0 w/DNSBL: Many thanks ;) You're welcome I disabled TLD because I had .com and most of the others in there Yeap, that would be it! Cheers
• W

  PfBlockerNG
  • wbennett77

  1189
  0
  Votes
  1189
  Posts
  413159
  Views

  

  @BrettC: Hi, one thing i am noticing with pfBlockerNG is that it may be missing an end-double quote on its shell commands? No the quote is used in the grep command to find an exact match starting with the first quotation mark in the line…  The 502 error is being worked on...  The upcoming release doesn't seem to be affected by this and will hopefully be released shortly... Stay tuned!
• A

  How to block an ip range from any company.
  • anttechs

  6
  0
  Votes
  6
  Posts
  108
  Views

  

  facebook.com is not only Your image indicates that facebook uss one (1) IPv6. The own entire AS's with huge IPv6 ranges. IPv4 : same thing.
• C

  DNSBL not activating
  • CyberMinion

  13
  0
  Votes
  13
  Posts
  139
  Views

  

  If you inspect the pfblockerng.log it has been saying that for every Cron update or Force Reload DNSBL since you enable TLD. To track memory usage, use Status Monitoring , System Memory
• A

  pfBlockerNG-devel 2.2.5_21 / Ad Blocking advice
  • adamdbuk

  3
  0
  Votes
  3
  Posts
  138
  Views

  C

  I've been using some Pi_Hole blacklists too, which you could try: http://sysctl.org/cameleon/hosts (Cameleon ads) https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist (Zeustracker Ads) https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt (Disconnect Me Trackers) https://hosts-file.net/ad_servers.txt (Hosts File Ads) https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts (Steven Blacklist) You could also try adding the (slightly outdated?) BlueTack ad server IP list to your firewall. Just make an alias, clean up the list, and import it. https://www.iblocklist.com/list?list=dgxtneitpuvgqqcpfulq&fileformat=p2p&archiveformat=7z Note that it is a pretty big list, so one you import it, expect it to take a little while if you ever want to go back in and view/edit it. For me, it takes almost 5 minutes to load that alias edit page. I hope this helps!
• P

  pfBlockerNG v2.1.4_16 pfB_Top_v4 block count = 0?
  • penicheiro

  2
  0
  Votes
  2
  Posts
  42
  Views

  P

  OK Fixed the error on block count =0 It turns out table usage counts were greater than Table Entries Hard Limit. Hard limit was defaulted to 400000, and lists were slightly greater than that. Increased to 600000, and seems we are ok now.
• 

  Difference between blocked answer?
  • periko

  2
  0
  Votes
  2
  Posts
  58
  Views

  

  DNSBL http server return different response to the browser depending on what is in the URL : 1x1gif for picture, Javascript or the Blocked page when there is only the domain name in the URL : http://example.com/
• 

  (solved)dnsbl feeds position matters?
  • periko

  5
  0
  Votes
  5
  Posts
  93
  Views

  

  @ronpfs, thanks for pointing this detail.
• 

  Whitelist domain not working
  • periko

  3
  0
  Votes
  3
  Posts
  87
  Views

  

  I had check this, I understand part of how it works. Thanks RonpfS.
• T

  pfBlockerNG Feeds - How many is too many?
  • talaverde

  6
  0
  Votes
  6
  Posts
  161
  Views

  T

  Okay, it sounds like there is a clear wall. That's good to know. Thanks.
• 

  pfb_dnsbl, pfb_filter and Unbound error at reboot
  • Qinn

  7
  0
  Votes
  7
  Posts
  104
  Views

  

  @ronpfs said in pfb_dnsbl, pfb_filter and Unbound error at reboot: TLD will slow down Cron update but will shrink the size of the DNSBL db Live Reload seems to fail without TLD @BBcan177 logged in here (Teamviewer) yesterday, maybe he can come up with something.
• S

  DSNBL error: connect: Can't assign requested address for 127.0.0.1 port 953
  • SnowmanUT

  28
  0
  Votes
  28
  Posts
  362
  Views

  

  https://forum.netgate.com/topic/104772/unbound-restarting https://forum.netgate.com/topic/138449/unbound-restarting-more-frequently Also if you use the Service Watchdog package make sure it does not monitor unbound.
• 

  No DNSBL Blocking after scheduled update
  • m0urs

  11
  0
  Votes
  11
  Posts
  264
  Views

  T

  Just wanted to report back that its been a few days and I can confirm that disabling Live Sync does indeed solve this issue for myself. Since disabling, DNSBL has been blocking as it should after the cron runs. Thanks for the tip on disabling the "Resolver Live Sync" @RonpfS
• J

  Constant unbound reloading with DNSBL
  • j.koopmann

  7
  0
  Votes
  7
  Posts
  95
  Views

  

  @j-koopmann said in Constant unbound reloading with DNSBL: Any ETA or version? We are in the debugging phase now. No ETA is planned yet.
• G

  Updated lists
  • gnordli

  3
  0
  Votes
  3
  Posts
  150
  Views

  G

  thanks again, I will give the -devel version a look.
• G

  Blueliv.com api
  • gnordli

  3
  0
  Votes
  3
  Posts
  104
  Views

  G

  Thanks, but from what I can see they don't a URL auth mechanism.
• N

  Constant update errors...
  • nafeasonto

  6
  0
  Votes
  6
  Posts
  92
  Views

  

  Well from pfB_PRI1_v4 - Abuse_DYRE_v4 you could decode that : It IPv4 Table PR1, the Header/Label is PRI1_Abuse_DYRE Go to Firewall / pfBlockerNG / IP / IPv4 select PRI1 Table, then change the State of PRI1_Abuse_DYRE to off
• C

  pfBlockerNG not blocking URLs from feed list
  • chicagoukes

  3
  0
  Votes
  3
  Posts
  108
  Views

  C

  Thank you so much for the link. This worked. I've enabled the ad/malware lists from the tutorial and added Steve's Black Lists for adult content. I was also able to add the easy lists. Unfortunately I quickly found that some common URL's are note on these lists. I am going to open a new thread trying to get OpenDNS working as another layer. Unfortunately I've found that if I follow a setup for open DNS it breaks the platform.
• 

  pfBlockerNG Sneak peak! Event Timeline charting
  • BBcan177

  1
  0
  Votes
  1
  Posts
  85
  Views

  No one has replied

• J

  pfBlockerNG specific port access...
  • Jhendo6

  3
  0
  Votes
  3
  Posts
  87
  Views

  J

  Thanks BBcan177, I will check out the rule ordering option. For now I have disabled cron jobs to keep my 53/25 rules at the top but realize that is a temporary work around. I my logic correct in that by selecting all countries, setting list action to Deny Inbound, and using Customer DST Port with an alias with the following ports ranges: 1:24, 26:52, 54:586, 588:65535 w/custom protocol to TCP/UDP that I would be essentially blocking all TCP/UDP traffic from the countries selected accept for 25,53, and 587? Thanks again for you help.
• S

  PBLCOKER and Invalid Certificate
  • Simbad

  2
  0
  Votes
  2
  Posts
  78
  Views

  

  See this thread: https://www.reddit.com/r/pfBlockerNG/comments/ao98u1/dnsbl_certificate_error/
• P

  shortened URLs are blocked with https error
  • paulnlynda

  4
  0
  Votes
  4
  Posts
  72
  Views

  

  Then find and disable that specific pfB block. I can't be more specific because I don't use it myself. Maybe this will help? https://forum.netgate.com/topic/101452/url-shortener-blocked/3
• C

  need help with pfblocker
  • catalinn.stanciu

  15
  0
  Votes
  15
  Posts
  295
  Views

  C

  @emammadov thank you!
• C

  pfBlockerNG-devel
  • cdls

  6
  0
  Votes
  6
  Posts
  179
  Views

  

  @cdls make sure that you are on version 2.2.5_21 as there was a fix for Category Blacklists.
• J

  PHP Error Help
  • jpvonhemel

  3
  0
  Votes
  3
  Posts
  68
  Views

  

  @jpvonhemel Install pfblockerNG-devel, as it's much improved
• T

  Blocking Youtube Ads
  • thezfunk

  27
  0
  Votes
  27
  Posts
  6432
  Views

  L

  @motific Any specific settings I should use under "Diagnostics: Packet Capture"? I'm not sure what I'll be looking for but I sure can try. Also to clarify, the ads do not show up using desktop browsers. I only see youtube ads when using the youtube app with iPads and iPhones. Don't have an android to test with.
• L

  YouTube ads coming thru on AppleTV for some time now.
  • lmannyr

  2
  0
  Votes
  2
  Posts
  109
  Views

  

  @lmannyr said in YouTube ads coming thru on AppleTV for some time now.: How do I add the ip to "manifest.googlevideo.com" to pfblocker? DNSBL doesn't operate in the IP space, it operates in the Domain Name space. You can add the domain name to a DNSBL Custom_List in any DNSBL Group. You could also create a new DNSBL group and put it in the group DNSBL Custom_List. You need to do a Force Reload DNSBL after.
• L

  PfblockerNG breaks host override
  • l0rdraiden

  10
  0
  Votes
  10
  Posts
  216
  Views

  

  @l0rdraiden said in PfblockerNG breaks host override: But is a bug that will be fixed or I can not enable that setting if I want to use host override? Let's see if it fix the failure mode after next Cron update. Resolver Live Sync make dynamic change to Unbound db on the fly. When you disable it, Unbound will reload the pfb_dnsbl.conf file instead. Depending on your host override settings, it may break the Resolver Live Sync. If you send me your host override settings by MP, I may find what's wrong. Well there is no MP on this forum. Let's try a chat instead. Host Override are in /var/unbound/host_entries.conf Domain Override are in /var/unbound/domainoverrides.conf
• W

  Advice - Allowing client to bypass pfblocker-ng
  • wesfox

  6
  0
  Votes
  6
  Posts
  443
  Views

  

  I'd change the allow rules to "LAN net" (or in case of the .10.3 an alias) and the block rule to source any? So you block out unwanted clients, that may have been connected to the network and setup with an alternative IP range? And wouldn't "This Firewall" be good instead of "LAN address" in case you upgrade that to a CARP setup? Just a thought
• N

  For some reason this isn't working for me
  • nafeasonto

  3
  0
  Votes
  3
  Posts
  81
  Views

  

  Did you run a Force Update or a Force Reload after making the change?
• G

  DNS fails when DNSBL (pfBlockerNG-devel 2.2.5_21) is enabled
  • gogglespisano

  10
  0
  Votes
  10
  Posts
  278
  Views

  G

  I found the problem. I had a rule that needed the 10.0.0.0 subnet added. When the DNSBL VIP was added, some traffic to pfSense got blocked.
• S

  Pfblocker (DNSBL) and android amazon app (android web viewer) issue "SOLVED"
  • scorpious

  13
  0
  Votes
  13
  Posts
  7117
  Views

  B

  I was just running into a similar issue (Amazon Android App not working) My shortly added Domain Whitelists are the following: .c.amazon-adsystem.com # Amazon Advertisements .d1ykf07e75w7ss.cloudfront.net # CNAME for (c.amazon-adsystem.com) .fls-eu.amazon.de .fls-eu.amazon.com # CNAME for (fls-eu.amazon.de) .gateway.prod.eu-west-1.forester.a2z.com # CNAME for (fls-eu.amazon.de) .endpoint.prod.eu-west-1.forester.a2z.com # CNAME for (fls-eu.amazon.de) .mads.amazon-adsystem.com # Amazon Adsystem Mads .amazon-adsystem.com # Amazon Adsystem MADS As you see it is a little bit unsorted what I track back to my whitelisting flow... You should not just copy & paste it as in your region and on your phone / setup / yet added Domains on the Whitelist it may work or even not work. The process is easy. run your apps and keep about 5-10 secs after reload the DNSBL Alert Tab check for potentially corresponding Domains whitelist them** ** First I added them manually to the Domain Whitelist which did not work (I guess the CNAMEs might have been missing...) It is uncomfortable to whitelist them automatically by the + Sign as every Alert Tab Reload takes Ages to reload... But anyway, at least it was necessary for me to get the CNAMEs, too, as it did not seem to work without them. BTW this is also the reason why the List seems to be so unsorted, I added several before the automatic initiated Alert Tab Reload (and maybe the hidden but initiated Reload-DNSBL for adding the new Entries) accomplished.
• 

  devel v2.2.5_19 - Feeds not added to 'DNSBL Feeds'
  • RyanM

  12
  1
  Votes
  12
  Posts
  450
  Views

  G

  This also happened for me with a clean install of 2.2.5_21.
• L

  Package Manager info link
  • lohphat

  1
  0
  Votes
  1
  Posts
  60
  Views

  No one has replied

• C

  How good is it working for you?
  • Copesd

  1
  0
  Votes
  1
  Posts
  106
  Views

  No one has replied

• P

  Completely remove pfBlockerNG-Devel (manually)
  • peehoo

  3
  0
  Votes
  3
  Posts
  147
  Views

  

  Did you disable pfblockerNG before removing the package? You could try to uncheck both, save, then remove the package.