pfBlockerNG

• N

  Bypassing DNSBL for specific IPs
  • Ns8h

  8
  1
  Votes
  8
  Posts
  3804
  Views

  K

  @periko Put the settings directly into a custom field, this is the only place the ACLs are defined. Reference: https://jpmens.net/2016/12/20/unbound-supports-views-for-local-data/ My implementation using the information in this post: https://mitky.com/pfblockerng-pfsense-filter-specific-clients-computers-network/
• 

  Support pfBlockerNG development!
  • ivor

  3
  2
  Votes
  3
  Posts
  3135
  Views

  A

  I can not wait to see how he is going to do the mass import for IP4 and DNSBL, I hope its just a simple text doc you can just upload just like you would a backup file on Ublock extension. Looking forward to it. I may have to get some more Ram lol only got 8 gig and I bet doing mass list imports will hit the Ram hard. Great work hope it's coming along well ;) Great job.
• K

  Thanks BBCAN177 !
  • Koent

  5
  0
  Votes
  5
  Posts
  2479
  Views

  S

  As pointed out to me in another post. https://forum.pfsense.org/index.php?topic=139634.0
• 

  PfBlockerNG v2.1 w/TLD
  • BBcan177

  122
  0
  Votes
  122
  Posts
  51351
  Views

  H

  I'm having problems with iOS 11.3 BETA. It seems that safari can't go to 0.0.0.0 and pages can't load. Solution was to reinstall package and use the VIP address, as I was using the certificate hack and 0.0.0.0.
• 

  PfBlockerNG v2.0 w/DNSBL
  • BBcan177

  1070
  0
  Votes
  1070
  Posts
  439204
  Views

  M

  @anttechs said in PfBlockerNG v2.0 w/DNSBL: Many thanks ;) You're welcome I disabled TLD because I had .com and most of the others in there Yeap, that would be it! Cheers
• W

  PfBlockerNG
  • wbennett77

  1189
  0
  Votes
  1189
  Posts
  413612
  Views

  

  @BrettC: Hi, one thing i am noticing with pfBlockerNG is that it may be missing an end-double quote on its shell commands? No the quote is used in the grep command to find an exact match starting with the first quotation mark in the line…  The 502 error is being worked on...  The upcoming release doesn't seem to be affected by this and will hopefully be released shortly... Stay tuned!
• A

  How to block an ip range from any company.
  • anttechs

  8
  0
  Votes
  8
  Posts
  174
  Views

  C

  yeah, those are single addresses. You will need ranges, using CIDR notation, like 10.10.0.0/24, or simply a dash, like "1.1.1.1-2.2.2.2". Be careful with these, as it is easy to block too much if you don't know what you are doing, and really mess things up. As long as you don't block your access to the firewall, you can do a little trial and error if needed, though. Facebook has so many IPs though, it's not even funny. They also use datacenters which other companies use, so in an attempt to block Facebook, you may be killing off hundreds of other websites and services running from the same datacenter, or another similar connection. Entire governments are struggling to block services like Facebook, so it's probably not going to be all that easy. This is still something good to learn, but would you be better off just using something like pfBlockerNG's DNSBL? With that, you can just specify that "Facebook.com" should be redirected to a dummy internal server, thus preventing access. For this to work, you do need to have your own DNS server, but pfSense makes that easy.
• 

  Working Blocking with fast CLOUDFLARE DNS - incl Torguard VPN
  • ressurex

  3
  0
  Votes
  3
  Posts
  40
  Views

  

  i already done this.. Torguard has 4 DNS servers, and the fastest two i used is in france. since im from scandinavia, using cloudflare DNS servers from the same city i live in makes the response timings go from above 40ms to under 20 ms.. avarage 14 ms.. this makes my browsing much less inpatient
• J

  pfBlockerNG specific port access...
  • Jhendo6

  5
  0
  Votes
  5
  Posts
  130
  Views

  

  @jhendo6 You can always use "Alias Type" rules and then manually create the firewall rules to suit your needs... Refer to the blue infoblock icon for the "Action" icons.
• 

  Facebook blocked but don't receive the icon or message?
  • periko

  1
  0
  Votes
  1
  Posts
  29
  Views

  No one has replied

• S

  DSNBL error: connect: Can't assign requested address for 127.0.0.1 port 953
  • SnowmanUT

  29
  0
  Votes
  29
  Posts
  405
  Views

  S

  @BBcan177 fixed my issue which was unrelated to pfblocker. Somehow my Pfsense became corrupted related to the unbound_control.key and unbound_server.pem. He got it to generate new ones that fixed unbound which in turn got Pfblocker working. We are not sure why it happened but he is reporting issues to them. Owe him for sure, great guy.
• C

  DNSBL not activating
  • CyberMinion

  13
  0
  Votes
  13
  Posts
  163
  Views

  

  If you inspect the pfblockerng.log it has been saying that for every Cron update or Force Reload DNSBL since you enable TLD. To track memory usage, use Status Monitoring , System Memory
• A

  pfBlockerNG-devel 2.2.5_21 / Ad Blocking advice
  • adamdbuk

  3
  0
  Votes
  3
  Posts
  179
  Views

  C

  I've been using some Pi_Hole blacklists too, which you could try: http://sysctl.org/cameleon/hosts (Cameleon ads) https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist (Zeustracker Ads) https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt (Disconnect Me Trackers) https://hosts-file.net/ad_servers.txt (Hosts File Ads) https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts (Steven Blacklist) You could also try adding the (slightly outdated?) BlueTack ad server IP list to your firewall. Just make an alias, clean up the list, and import it. https://www.iblocklist.com/list?list=dgxtneitpuvgqqcpfulq&fileformat=p2p&archiveformat=7z Note that it is a pretty big list, so one you import it, expect it to take a little while if you ever want to go back in and view/edit it. For me, it takes almost 5 minutes to load that alias edit page. I hope this helps!
• P

  pfBlockerNG v2.1.4_16 pfB_Top_v4 block count = 0?
  • penicheiro

  2
  0
  Votes
  2
  Posts
  65
  Views

  P

  OK Fixed the error on block count =0 It turns out table usage counts were greater than Table Entries Hard Limit. Hard limit was defaulted to 400000, and lists were slightly greater than that. Increased to 600000, and seems we are ok now.
• 

  (Solved)Difference between blocked answer?
  • periko

  2
  0
  Votes
  2
  Posts
  77
  Views

  

  DNSBL http server return different response to the browser depending on what is in the URL : 1x1gif for picture, Javascript or the Blocked page when there is only the domain name in the URL : http://example.com/
• 

  (solved)dnsbl feeds position matters?
  • periko

  5
  0
  Votes
  5
  Posts
  107
  Views

  

  @ronpfs, thanks for pointing this detail.
• 

  Whitelist domain not working
  • periko

  3
  0
  Votes
  3
  Posts
  98
  Views

  

  I had check this, I understand part of how it works. Thanks RonpfS.
• T

  pfBlockerNG Feeds - How many is too many?
  • talaverde

  6
  0
  Votes
  6
  Posts
  184
  Views

  T

  Okay, it sounds like there is a clear wall. That's good to know. Thanks.
• 

  pfb_dnsbl, pfb_filter and Unbound error at reboot
  • Qinn

  7
  0
  Votes
  7
  Posts
  117
  Views

  

  @ronpfs said in pfb_dnsbl, pfb_filter and Unbound error at reboot: TLD will slow down Cron update but will shrink the size of the DNSBL db Live Reload seems to fail without TLD @BBcan177 logged in here (Teamviewer) yesterday, maybe he can come up with something.
• 

  No DNSBL Blocking after scheduled update
  • m0urs

  11
  0
  Votes
  11
  Posts
  272
  Views

  T

  Just wanted to report back that its been a few days and I can confirm that disabling Live Sync does indeed solve this issue for myself. Since disabling, DNSBL has been blocking as it should after the cron runs. Thanks for the tip on disabling the "Resolver Live Sync" @RonpfS
• J

  Constant unbound reloading with DNSBL
  • j.koopmann

  7
  0
  Votes
  7
  Posts
  102
  Views

  

  @j-koopmann said in Constant unbound reloading with DNSBL: Any ETA or version? We are in the debugging phase now. No ETA is planned yet.
• G

  Updated lists
  • gnordli

  3
  0
  Votes
  3
  Posts
  158
  Views

  G

  thanks again, I will give the -devel version a look.
• G

  Blueliv.com api
  • gnordli

  3
  0
  Votes
  3
  Posts
  111
  Views

  G

  Thanks, but from what I can see they don't a URL auth mechanism.
• N

  Constant update errors...
  • nafeasonto

  6
  0
  Votes
  6
  Posts
  108
  Views

  

  Well from pfB_PRI1_v4 - Abuse_DYRE_v4 you could decode that : It IPv4 Table PR1, the Header/Label is PRI1_Abuse_DYRE Go to Firewall / pfBlockerNG / IP / IPv4 select PRI1 Table, then change the State of PRI1_Abuse_DYRE to off
• C

  pfBlockerNG not blocking URLs from feed list
  • chicagoukes

  3
  0
  Votes
  3
  Posts
  120
  Views

  C

  Thank you so much for the link. This worked. I've enabled the ad/malware lists from the tutorial and added Steve's Black Lists for adult content. I was also able to add the easy lists. Unfortunately I quickly found that some common URL's are note on these lists. I am going to open a new thread trying to get OpenDNS working as another layer. Unfortunately I've found that if I follow a setup for open DNS it breaks the platform.
• 

  pfBlockerNG Sneak peak! Event Timeline charting
  • BBcan177

  1
  0
  Votes
  1
  Posts
  95
  Views

  No one has replied

• S

  PBLCOKER and Invalid Certificate
  • Simbad

  2
  0
  Votes
  2
  Posts
  91
  Views

  

  See this thread: https://www.reddit.com/r/pfBlockerNG/comments/ao98u1/dnsbl_certificate_error/
• P

  shortened URLs are blocked with https error
  • paulnlynda

  4
  0
  Votes
  4
  Posts
  76
  Views

  

  Then find and disable that specific pfB block. I can't be more specific because I don't use it myself. Maybe this will help? https://forum.netgate.com/topic/101452/url-shortener-blocked/3
• C

  need help with pfblocker
  • catalinn.stanciu

  15
  0
  Votes
  15
  Posts
  303
  Views

  C

  @emammadov thank you!
• C

  pfBlockerNG-devel
  • cdls

  6
  0
  Votes
  6
  Posts
  189
  Views

  

  @cdls make sure that you are on version 2.2.5_21 as there was a fix for Category Blacklists.
• J

  PHP Error Help
  • jpvonhemel

  3
  0
  Votes
  3
  Posts
  81
  Views

  

  @jpvonhemel Install pfblockerNG-devel, as it's much improved
• T

  Blocking Youtube Ads
  • thezfunk

  27
  0
  Votes
  27
  Posts
  6587
  Views

  L

  @motific Any specific settings I should use under "Diagnostics: Packet Capture"? I'm not sure what I'll be looking for but I sure can try. Also to clarify, the ads do not show up using desktop browsers. I only see youtube ads when using the youtube app with iPads and iPhones. Don't have an android to test with.
• L

  YouTube ads coming thru on AppleTV for some time now.
  • lmannyr

  2
  0
  Votes
  2
  Posts
  114
  Views

  

  @lmannyr said in YouTube ads coming thru on AppleTV for some time now.: How do I add the ip to "manifest.googlevideo.com" to pfblocker? DNSBL doesn't operate in the IP space, it operates in the Domain Name space. You can add the domain name to a DNSBL Custom_List in any DNSBL Group. You could also create a new DNSBL group and put it in the group DNSBL Custom_List. You need to do a Force Reload DNSBL after.
• L

  PfblockerNG breaks host override
  • l0rdraiden

  10
  0
  Votes
  10
  Posts
  220
  Views

  

  @l0rdraiden said in PfblockerNG breaks host override: But is a bug that will be fixed or I can not enable that setting if I want to use host override? Let's see if it fix the failure mode after next Cron update. Resolver Live Sync make dynamic change to Unbound db on the fly. When you disable it, Unbound will reload the pfb_dnsbl.conf file instead. Depending on your host override settings, it may break the Resolver Live Sync. If you send me your host override settings by MP, I may find what's wrong. Well there is no MP on this forum. Let's try a chat instead. Host Override are in /var/unbound/host_entries.conf Domain Override are in /var/unbound/domainoverrides.conf
• W

  Advice - Allowing client to bypass pfblocker-ng
  • wesfox

  6
  0
  Votes
  6
  Posts
  458
  Views

  

  I'd change the allow rules to "LAN net" (or in case of the .10.3 an alias) and the block rule to source any? So you block out unwanted clients, that may have been connected to the network and setup with an alternative IP range? And wouldn't "This Firewall" be good instead of "LAN address" in case you upgrade that to a CARP setup? Just a thought
• N

  For some reason this isn't working for me
  • nafeasonto

  3
  0
  Votes
  3
  Posts
  84
  Views

  

  Did you run a Force Update or a Force Reload after making the change?
• G

  DNS fails when DNSBL (pfBlockerNG-devel 2.2.5_21) is enabled
  • gogglespisano

  10
  0
  Votes
  10
  Posts
  286
  Views

  G

  I found the problem. I had a rule that needed the 10.0.0.0 subnet added. When the DNSBL VIP was added, some traffic to pfSense got blocked.
• S

  Pfblocker (DNSBL) and android amazon app (android web viewer) issue "SOLVED"
  • scorpious

  13
  0
  Votes
  13
  Posts
  7159
  Views

  B

  I was just running into a similar issue (Amazon Android App not working) My shortly added Domain Whitelists are the following: .c.amazon-adsystem.com # Amazon Advertisements .d1ykf07e75w7ss.cloudfront.net # CNAME for (c.amazon-adsystem.com) .fls-eu.amazon.de .fls-eu.amazon.com # CNAME for (fls-eu.amazon.de) .gateway.prod.eu-west-1.forester.a2z.com # CNAME for (fls-eu.amazon.de) .endpoint.prod.eu-west-1.forester.a2z.com # CNAME for (fls-eu.amazon.de) .mads.amazon-adsystem.com # Amazon Adsystem Mads .amazon-adsystem.com # Amazon Adsystem MADS As you see it is a little bit unsorted what I track back to my whitelisting flow... You should not just copy & paste it as in your region and on your phone / setup / yet added Domains on the Whitelist it may work or even not work. The process is easy. run your apps and keep about 5-10 secs after reload the DNSBL Alert Tab check for potentially corresponding Domains whitelist them** ** First I added them manually to the Domain Whitelist which did not work (I guess the CNAMEs might have been missing...) It is uncomfortable to whitelist them automatically by the + Sign as every Alert Tab Reload takes Ages to reload... But anyway, at least it was necessary for me to get the CNAMEs, too, as it did not seem to work without them. BTW this is also the reason why the List seems to be so unsorted, I added several before the automatic initiated Alert Tab Reload (and maybe the hidden but initiated Reload-DNSBL for adding the new Entries) accomplished.
• 

  devel v2.2.5_19 - Feeds not added to 'DNSBL Feeds'
  • RyanM

  12
  1
  Votes
  12
  Posts
  458
  Views

  G

  This also happened for me with a clean install of 2.2.5_21.
• L

  Package Manager info link
  • lohphat

  1
  0
  Votes
  1
  Posts
  64
  Views

  No one has replied