I know this thread is old but I have the same issue on two different machines. I'm using pfSense 2.4.5 stable and pfBlocker-NG devel 2.2.5_32. The IPv6 filtering works fine but I don't get any logs showing this.

If I click on the "37" for the matched IPv6 addresses it shows nothing.

Unbenannt.JPG

Unbenannt2.JPG

Hello!

I would recommend reading through all of the dropdown text under the little blue "infoicon" links for the TLD option and all of the whitelist/blacklist options on the pfb -> dnsbl page. There is some great info in there.

John

the package maintainer's suggestion (BBcan177) for a long time is to use pfBlockerNG - devel (current - 2.2.5_32)
there are plenty of fixes in it (also applies to GeoIP)

5f4c0e7a-ac4a-4c90-9039-a439269d13c7-image.png

BTW: this also applies to the pfSense version (2.4.5)

I think I have this fixed now. I had a couple of lists reporting errors on downloading and that they were using previous data. As they had been down for a few weeks I decided to remove them and the error messages have stopped. These down lists had been giving giving errors for 2 weeks or more before this issue appeared.

My steps above worked with one addition...New Step #1...this most important...Backup the pfsense configuration before doing the rest.

No issues, running -devel version now. I thought I had a problem because the exact day/time I did this was when the community wide package certificate issue was going on & I wasn't able to load packages. Works now.

I would say my step #4 above is not necessary unless you have manually entered pfBlockerNG related custom options in the DNS Resolver. If not, the one that the system automatically places there during installation will also be removed when uninstalling.

The answer on

https://forum.netgate.com/topic/153909/pfblockerng-devel-dnsbl-safesearch-exclusion-list

@viktor_g
Thank you for your help.

I works for me, otherwise I would be in trouble.
As shown, I added several domains myself.

The format is very important. One space or dot on the wrong place, and it's "BS-in-BS-out" time.

The (multiple) pfBlocker logs don"t sow any awkward warning or error messages ?

@DjAlbert said in Manual Whitelist dont work:

But when i add a Whitelist from the Reports/alert tab it works instantly.

I'm not sure, but my entries all came from me, whitelisting from the Report/Alert tab.

It always works like that : you add some feeds and the you follow the alerts for some time, whilte-listing all false-positives.

I have the same problem but also my google home is blocking, i have added some IP adresses of google but not helped me.

Anyone a suggestion about that? I think i am not the anyone that this problem have with Google services.

I actually agree with you, but if I think about it better, then not. ☺
In case, if we always let them to observe us and let's say it still fits, it will only be catastrophic this situacion.
The people you're talking about on flower language, we gave them all the technology to make them for us afterwards.
They’re just smoothly seizing the opportunity and have grown bigger ever since.
Maybe it’s basically our fault for getting here.
So I destroy down telemetry as much as possible.

@Gertjan Okay so put simply, it's just not possible ☹

Thanks anyway :)

Install the latest version pfBlockerNG-devel 2.2.5_32

This will show you what you need to know explicitly :

b0183606-b46e-4d3a-a8cd-401a9fc11ac9-image.png

Implicit :
You need to know how to access the pfSense file system.
You need to know what a file is. What a PHP file is.
Then use "dnsbl_default.php" as a starting point to write you own php file.

@NollipfSense I think I sussed it...

I had the Alexa Top1M set to 500K thinking this was a verified list.

I've changed it 10K and it seems to be blocking everything in the list now.

Anything wrong with using this list or setting it to 10K if using it?

Thanks @jazzl0ver, I found that article a couple days ago. So far error hasn't returned however previously it would come up at random times, not consistent hence fingers crossed.

On 2.4.5 that is not indicative of the size of your tables. If it was, it would have a different error that says there are too many entries. This error on 2.4.5 means that it didn't have enough memory at that moment to load the table. Generally it's non-fatal, however, as a later filter reload will likely succeed.

Check the table in question and see if it contains the values you expect. If it does, there isn't likely much to worry about.

This can happen on systems with low RAM or many packages running which consume memory (especially kernel memory).

It should be better on 2.4.5-p1, though that particular scenario is more difficult to isolate and test.

@gnichols said in pfblockerng-devel causing browsers security alert:

I've installed pfblockerng-devel but having a problem with browsers throwing an privacy/security alert on google ads and other links tied to google services. It appears that it's breaking HTTP Strict Transport Security. I want to continue using pfblockerng but is there a way to fix this? Any help is appreciated!

That's because you enabled rules that blocks those domains with ad content ... you can go to Firewall > pfBlockerNG > Alerts then scroll down to DNSBL then look for the domain you wanted to visit and click the plus symbol (+) to add to whitelist.

@RonpfS
I tried that, but I'm only able to get an entire interface to bypass DNSBL. The top post shows where they are able to get a single host to bypass DNSBL, while everything else in that /24 is sent DNSBL That part doesn't seem to work for me.

In the IPv4/6 tabs (devel version) you can change the "State" setting to "GeoIP" and use that to create your own combination of ISOCodes as required. The Source field is an autocomplete field, so after a few typed characters, it will show all available matches. Then use the TAB key to auto-populate the Label field.

@n257jy I would add to custom list than ditch the feed ... congrats on the self-learning that brought you more confidence as network administrator.