• pfBlockerNG Whitelist IP after update to pfSense 2.5.x

    4
    0 Votes
    4 Posts
    522 Views
    T

    Click edit on an item and the bottom of the page is there
    Clipboard01.jpg

  • Unbound custom options

    3
    0 Votes
    3 Posts
    790 Views
    L

    @gertjan said in Unbound custom options:

    @lcbbcl said in Unbound custom options:

    Is this the way?

    Not the right question.
    The question is: how do you run (the DNSBL) part of pfBlockerNG?
    The answer will explain what you see.

    The mode called 'python' mode doesn't use the unbound's custom box "include: /var/unbound/pf_dnsbl.*conf " option any more.
    Now we're back with the nice and clean:

    780a3ec4-ac20-4a01-8d74-36302266de8b-image.png

    which has a big advantage : no more messing up of the options.

    Yes, you are right, I am using python mode. Thank you, now it is clear to me.
    Pf dnsbl was working just fine.

  • Overflow characters on pfB Update page

    1
    0 Votes
    1 Posts
    173 Views
    No one has replied
  • pfBlockerNG Sync to XMLRPC replication targets not happening v3.0.0_16

    1
    0 Votes
    1 Posts
    186 Views
    No one has replied
  • Help with understanding Threat Analysis

    6
    0 Votes
    6 Posts
    2k Views
    GertjanG

    @gwaitsi said in Help with understanding Threat Analysis:

    grep: dev/snd/pcmC1D3p: Invalid argument

    Yeah, sorry.
    It reads folders it shouldn't.

    cd to /usr, that's the most important one.

    cd /usr
  • (Stupid?) Log question

    8
    0 Votes
    8 Posts
    913 Views
    M

    @nollipfsense

    I'm not running DNSBL yet (still trying to figure out pfBlocker). I'm using IP list to block DOH, specifically Alias Deny with the list TheGreatWall_DoH_IP.

    The list of likely clients to unplug is a lot shorter than the list of ALL clients to unplug so I'll start with those first. The fact that there are no outbound log entries in pfBlocker seems to suggest it could be something like this post from another forum:

    https://community.spiceworks.com/topic/527938-strange-inbound-udp-packets

    I really appreciate you taking time out of your day to respond but since this is more of a curiosity than an operational issue I'll mark this thread as closed. Near as I can tell everything is working correctly on my network. Blocked things are getting blocked and allowed traffic is getting passed. If I find anything interesting or noteworthy I'll post it here but for now I think I'm done.

    Thank you.

    Cheers!

  • Error alert I can't troubleshoot

    6
    0 Votes
    6 Posts
    809 Views
    GertjanG

    @p_bear said in Error alert I can't troubleshoot:

    I don't use this ....

    👍
    You'll be fine.

  • Needing help from the jungles of Papua New Guinea

    11
    0 Votes
    11 Posts
    747 Views
    M

    @cobra_phil

    I just realized that some of the answers to my questions were available in some of the screenshots you posted a month ago in your original post. Here is my thinking from the 35,000 foot view........

    Configure pfSense to receive an address from ISP on WAN via their DHCP server.

    Create a "management" interface on LAN with a private address range and its own DHCP server. This allows you to plug in a laptop or other host and talk to pfSense, manage firewall rules, DNS, pfBlocker etc. as well as any switches or wireless access points you might have.

    Create a bridge interface with WAN & OPT1 where all your clients will connect. This will be a DMZ of sorts where your clients get addresses directly from ISP and can pass credentials, etc. See Internal / External Bridges on this page:

    https://docs.netgate.com/pfsense/en/latest/bridges/index.html

    Create a series of firewall rules to intercept and redirect DNS traffic to pfSense. Configure Unbound to listen for DNS requests on OPT1. Unbound can then either act as a resolver and serve up the appropriate web addresses or forward those requests to your DNS provider of choice. pfBlocker can also be used on pfSense defined interfaces (WAN, LAN, OPT1....) to filter content, IP ranges, etc.

    Hope this helps. I'm far (far, far) from an expert but let me know how you want to proceed.

    Cheers.

  • Is there anyway to whitelist?

    9
    0 Votes
    9 Posts
    986 Views
    NogBadTheBadN

    @smoothrunnings said in Is there anyway to whitelist?:

    @nogbadthebad I think maybe you are missing the point there. Terra-master.com which is a Chinese company who makes the TerraMaster NAS box mail servers are all behind the great firewall of China. For me to get onto their forum requires me to open a connection to China with them.

    The NAS box, just like my Seagate 4bay NAS boxes let folks know when there is a FW update, it does this by talking to home base every once in a while. It's also what pfSense does, to let you know when there is an update to your firewall OS.

    I'd be very wary opening an inbound connection that would possibly allow them access to the NAS that then has full access to the LAN.

    FYI I get informed of updates from Synology without having to open an inbound connection, the device polls their server.

  • Blocking Youtube Ads

    34
    0 Votes
    34 Posts
    39k Views
    T

    @nprog Use Smart YouTube TV

  • Troubleshoot XMLRPC Sync pfBlockerNG 3.0

    3
    0 Votes
    3 Posts
    741 Views
    P

    @ronpfs The Master is running 2.5.1 and all the child boxes were running 2.4.5. I upgraded the child pfsense that's failing to the same version as the master, but I'm still getting the

    /usr/local/www/pfblockerng/pfblockerng.php: New alert found: A communications error occurred while attempting to call XMLRPC method merge_installedpackages_section:

    error when I force a reload on the master.

  • pfblocker, VPN client Kill switch and not able to get online

    1
    0 Votes
    1 Posts
    225 Views
    No one has replied
  • 0 Votes
    3 Posts
    342 Views
    PfostenP

    @pfosten

    btw, I mixed up the version numbers when writing this, headline must be:

    "Removal of pfblockerNG 2.1.4 and installation of 3.0.0_16 + config via wizard leaves me with crippled DNSBL"

    and inside text it must be:

    "I was following the proposal by Lawrence Systems and simply

    disabled the pfblockerNG old version 2.1.4 removed 2.1.4 package"

    Sorry for the confusion.

  • how to block ads with pfBlockerNG ??

    8
    0 Votes
    8 Posts
    5k Views
    N

    I was also looking for a new guide for 2021 and I found this guide, and it has lots of pictures and talks about the steven blacklist. This one worked for me.
    How to Block Ads on pfsense with pfblockerng

  • Specific allow rule GeoIP for specific country

    Moved
    3
    0 Votes
    3 Posts
    434 Views
    H

    Thanks for the quick reply :)

    I don't know if IoT is the exact category, it's older home automation hardware from 10 years ago, that isn't that clever. It did cost a few pennies, so upgrading it won't be an option for a while.

    I will use your solution for now, and maybe contact the manufacturer (or by asking on their forum) if there is a better/safer option to be able to control it from the outside.

  • Sites still available even with dnsbl

    4
    0 Votes
    4 Posts
    607 Views
    T

    @nollipfsense I saved and reloaded the changes. I'm getting the correct 10.10.10.1 address when I attempt dns lookups. Thanks though.

  • pfBlocker and VPN Client

    2
    0 Votes
    2 Posts
    483 Views
    DaddyGoD

    @westlos said in pfBlocker and VPN Client:

    I wanted to check if pfBlocker functions when one uses a VPN Client where all traffic is directed to the VPN Client.

    Hi,

    This cannot be a question, because the answer is yes 😉

    pfBlocker-NG does what you tell it to do
    (The settings in the pictures are not real, I took them out on purpose, blue highlight bar - this is a clear starting point)

    0afb6574-ec48-49ac-8b42-7990bda361e8-image.png

    and f.e.:

    1c8863db-3dba-414d-87e8-ed72d5809549-image.png

    DNSBL:

    9c09869c-6056-45a8-93e6-796f4657d7e5-image.png

  • XMLRPC Sync

    2
    0 Votes
    2 Posts
    532 Views
    NollipfSenseN

    @rogermct Please see below:

    https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html

    https://forum.netgate.com/topic/88575/pfblockerng-how-to-sync-ipv4-filterlists-between-carp-boxes

  • Factory reset and reinstall of pfblockerng fails to reinstall rules

    3
    0 Votes
    3 Posts
    767 Views
    lohphatL

    I was seeing odd behavior after the upgrade so I just started over with a clean config for pfBlockerNG-devel and things are working again.

    I suspect that there's "config rot" over time which requires occasional need to flush the config and start over.

    Not only for packages, I've had to reset standard base config settings after the upgrade to get things to work.

    Since then, things have been running smoothly with low CPU and memory usage.

  • 0 Votes
    1 Posts
    214 Views
    No one has replied