Well, i guess this is the answer. The second router DNS has to be pointed to Pfsense DNS resolver address.

@durianbusuk

Thanks for this! Didn’t know about it and am trying it out now.

@lordofpc734 Oh nvm. i just had to rename the rules (changed pfB_ to pfb_) this was in some infoblock in the IPv4 page

@provels When you enable these you have the option of doing so. You can allow or block or use them as aliases.

@FMRC_Cheeky No worries. Don't be afraid to ask questions. You'll get up to speed faster than you may think!

I had to "recreate" my geo-IP alias for that, because I was not able to combine the existing one with the custom IP. But it works!
👍

@Gertjan Thanks.

Maybe one core isn't that bad. We'll see.

Looking good so far.

Is there a way to keep the list contents and disable future updates in pfBlockerNG? I selected Never for Update Frequency but I'm still getting download errors. Under DNSBL Source Definitions there is an option to place lists on HOLD, would this allow them to continue working without updating any more?

I don't see any harm in keeping the list active at least until another similar replacement can be found.

@Artes Yup just checked that out. Thanks again.

@T-Monster This is really weird. When I started to go through the setup again with the use of a website describing the process, I saw that what I was seeing for my pfBlockerNG was different from what was on the website. I went back to the package manager, searched on pfBlockerNG and found a much newer version, which I installed. Everything seems fine now. I have no idea where the older version of pfBlockerNG came from.

@BBcan177 Well that is definitely an answer! I had no idea that MaxMind thought it was also in Brazil. IDK if this is right or wrong or if I should even be blocking so much in my firewall as there are datacenters all over the world (these are outbound rules) but I dont use Bing and that IP seems to be a Microsoft "bingbot" according to Google. If the next release shows this better in the logs then I am happy. Thanks so much!

Output from those commands on my box.

mmdblookup -f /usr/local/share/GeoIP/GeoLite2-Country.mmdb -i 191.232.139.2 country iso_code "IE" <utf8_string> grep "191.128.0.0" /usr/local/share/GeoIP/* /usr/local/share/GeoIP/GeoLite2-Country-Blocks-IPv4.csv:191.128.0.0/12,3469034,3469034,,0,0 grep "3469034" /usr/local/share/GeoIP/GeoLite2-Country-Locations-en.csv 3469034,en,SA,"South America",BR,Brazil,0 mmdblookup -f /usr/local/share/GeoIP/GeoLite2-Country.mmdb -i 191.232.139.2 { "continent": { "code": "EU" <utf8_string> "geoname_id": 6255148 <uint32> "names": { "de": "Europa" <utf8_string> "en": "Europe" <utf8_string> "es": "Europa" <utf8_string> "fr": "Europe" <utf8_string> "ja": "ヨーロッパ" <utf8_string> "pt-BR": "Europa" <utf8_string> "ru": "Европа" <utf8_string> "zh-CN": "欧洲" <utf8_string> } } "country": { "geoname_id": 2963597 <uint32> "is_in_european_union": true <boolean> "iso_code": "IE" <utf8_string> "names": { "de": "Irland" <utf8_string> "en": "Ireland" <utf8_string> "es": "Irlanda" <utf8_string> "fr": "Irlande" <utf8_string> "ja": "アイルランド" <utf8_string> "pt-BR": "Irlanda" <utf8_string> "ru": "Ирландия" <utf8_string> "zh-CN": "爱尔兰" <utf8_string> } } "registered_country": { "geoname_id": 3469034 <uint32> "iso_code": "BR" <utf8_string> "names": { "de": "Brasilien" <utf8_string> "en": "Brazil" <utf8_string> "es": "Brasil" <utf8_string> "fr": "Brésil" <utf8_string> "ja": "ブラジル連邦共和国" <utf8_string> "pt-BR": "Brasil" <utf8_string> "ru": "Бразилия" <utf8_string> "zh-CN": "巴西" <utf8_string> } } }

I started noticing very weird blocked functions in my home network. My music server would not resolve http(s) get requests for streaming music, though I could on other devices. I could not resolve a domain name by typing the base URL in the address bar (like typing purple.com and get the page to load), but I could find it in a search bar and navigate to them and perform nslookups on them. I updated the main pfSense OS, but could not update any packages. Other weirdness that was not easy to categorize.

I tried to reboot the pfSense via the web and command menu - neither worked. I forced a hardware reboot and noticed many repeated errors on the console and system logs which read:
pfr_update_stats: assertion failed

Here is my solution, which is working for now:

In the Firewall / pfBlockerNG / General page, tick the box for "Suppression - This will prevent Selected IPs from being blocked. Only for IPv4 lists (/32 and /24)." and click the Save button for this page. In the Firewall / pfBlockerNG / General page, untick: Enable pfBlockerNG and Keep settings to disable them both. then click the save button. In the Firewall / pfBlockerNG / General page, tick only the Enable pfBlockerNG to enable and leave the Keep settings unticked/disabled. In the Firewall / pfBlockerNG / Update page, select the Select 'Force' option Update and click Run. Copy the output from this into a text file.

Use the text file to separate the results to find four types of results:

No Domains Found

Terminated - Easylists can not be used

Anything which is not working, such as a 404 page not found or other error

Anything working can be ignored

Open EVERY DNS Group Name on the Firewall / pfBlockerNG / DNSBL Feeds page. Search for any of the feeds that are NOT working at all and paste the URL into a browser bar. If they do not resolve, delete them - don't forget to click the save button at the bottom. If they do resolve, see the next step

Open EVERY DNS Group Name on the Firewall / pfBlockerNG / DNSBL Feeds page. Search for any of the feeds that are listed as No Domains Found, or that did resolve to a list in a previous step, and paste the URL into a browser bar. If the list is just a bunch of IP addresses, then you have them on the wrong part of your firewall! To fix this:

Copy the URLs of any of the lists which were IP-based out of the DNSBL page and into a text file as a placeholder.

Move over to the Firewall / pfBlockerNG / IPv4 page and start a new Alias Name (or edit one you may already have there). Add each one of the URLs from your text file, giving it a unique header name (the last field) and make sure to set it to Auto & ON. .

Once all added, I set the List Action and update schedule to my preference and saved the page

For anything which results in 'Terminated - Easylists can not be used' I do not yet have a solution.

In the Firewall / pfBlockerNG / General page, untick: Enable pfBlockerNG and Keep settings to disable them both. then click the save button. In the Firewall / pfBlockerNG / General page, tick only the Enable pfBlockerNG to enable and leave the Keep settings unticked/disabled. In the Firewall / pfBlockerNG / Update page, select the Select 'Force' option Update and click Run. Repeat the process of reviewing the results to remove broken lists and move IP-based lists to the right IPv4 list page.

------ONCE satisfied with the results:

In the Firewall / pfBlockerNG / General page, untick: Enable pfBlockerNG and Keep settings to disable them both. then click the save button. In the Firewall / pfBlockerNG / General page, tick BOTH the Enable pfBlockerNG and Keep settings to enable them both. In the Firewall / pfBlockerNG / Update page, select the Select 'Force' option Update and click Run.

Sounds like this issue: #10414

Workaround: #901871 but maybe the firewall table is to small to use pfBlocker after the change...

@Gertjan Yeah, you got it all wrong, probably because of my English-writing-skills. 😉