@juanchozn11 said in pfBlockerNG - error accessing GeoIP settings:

I'm on 2.3.5-RELEASE-p2

That's most way to old.
2.3.5 is not just EOL, it has entered the "don't use it" phase.

Several things happened the last couple of years :

@juanchozn11 said in pfBlockerNG - error accessing GeoIP settings:

Firewall -> pfBlockerNG > GeoIP

The access is now Firewall > pfBlockerNG > IP > GeoIP
So you're using the ancient version. As no one uses it any more, getting help is difficult. You might find some old forum posts ?!?

Also, the MaxMind GeoIP database needs a (free !) subscription. Dono if that's implemented into the old pfBlockerNG version.

Take note : only 'experts' keep old version up and running, because they have the knowledge *** to do so.
For the rest of us : make your live easy on you,, and keep your system up to date.

** but they don't, as no one really likes to deal with old bugs and errors that were solved ages ago already.

Thanks Bob! However, I do not exactly know how to do that without exposing my pfSense update traffic on the internet. I'm not sure I want that. Is there a way by which the Talos traffic IS the only one moving out to WAN aside from my vpn traffic? I think there is. I'll try to solve this later. Again Bob, thanks for replying quickly.

@jenskiebee

Keep in mind : it's a DNSBL bypass.
IP based feeds will still block, as these are just huge aliases used in firewall rules.

See also here and here.

It's still in the ⚡ phase of developing.

@provels said in bbcan177 Is your MS1 Block list still valid?:

My company was blacklisted back in the day ....

I presume the IP it was using, not your domain name ^^

The one and only reasons I left shared hosting : your own IPv4 (IPv6).
Also, you don't want your mail being sent from a "collective garbage bin" neither.
A small <5 $ / month will do.

@rabidsasquatch

Hi, Yes I upgraded to 21.05 and am seeing similar behavior.

I started a thread in the installations and upgrades section:
https://forum.netgate.com/topic/164252/pfblockerng-devel-dnsbl-not-working-after-21-05-upgrade

@chrischevy https://www.reddit.com/r/pfBlockerNG/comments/ncj4t9/asn_always_shows_as0/

@ik2189 said in https:

So if i understand it's not possible to display a web page displaying that the site is not allowed ?

Thats correct. Gertjan has explained you the reason why thats so.

@viktor_g Seems to have worked! No core dumps on "Configuring firewall..." boot status messages.

@gertjan said in Custom IP4 List:

@jmanatee said in Custom IP4 List:

@jegr

There are like 4460 IPs on that list and some of the IPs (5-8) still get past pfsense to the server and continue attempts to login to the mail server

Humm. That's scarry.

What if you take the IP you use when VPN-in - as I see you have the OpenVPN server.
If you add your Client OpenVPN IP to the pfB_ASSPBlock, you couldn't enter anymore, right ?! The firewall wall log would show the hit.

On the Firewall > pfBlockerNG > IP page, do you have this one activated :

ea6e796f-87a0-42d3-89af-618890c31270-image.png

?

Can't find another reasons ... and refuse to believe that pf, that is FreeBSD itself, is broken .... :(

Yes it will definitely block me on vpn I have done that accidentally a couple times.

Kill states was not enabled, I enabled it I will continue to watch it.

This was probably the problem.

Thanks

@gertjan
I have two public IP. One connects to my Wi-Fi Router, another connects to my pfSense Router.

I can open the two files when I use Wired Ethernet (pfSense Router).
I can also open the two files when I use Wi-Fi (Wi-Fi Router).

To test the dual WAN settings, I connect the Wi-Fi LAN to pfSense WAN2, I also set a new gateway (WAN2 Interface) for using the Wi-Fi Router Public IP.

0720.png

[ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 13:15:18 ]  [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 12:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 11:15:18 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 10:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 08:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 02:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 01:15:19 ]

Today, I find that the document might be downloaded in 05/31/21 03:15
Now I set the Update Frequency to Every 4 Hours

Our data center is still on 2.4.5 so thanks for the heads up on this issue.

I changed the update frequency on one of the feeds (2 hours to 4 hours), ran an Update, and that one change didn't get synced to the backup node.

For posterity, here is Viktor's redmine entry for your bug from the HA forum.

@revengineer said in Upgrade pfBlockerNG to pfBlockerNG-devel:

I had to modify the aliases for the deny lists

Ah, sorry, I had forgotten that. Yes we had to do that also.

Ok, I finally made the move to the devel version and this fixed the problem. It may be time to retire the other version.