Ah.  Thanks.  I think what I did will work. This module never ceases to amaze.

Everything is starting to come together. This makes perfect sense! Exactly what I was looking for. At first I had no idea what you were saying but it was that I never fully read to understand these settings on these pages. Sorry to waste your time and thank you!

That did the trick, thanks for your help!

@BBcan177: Click the blue Infoblock Icon in the DNSBL Feeds Tab when editing a "Group"…. The "DNSBL Settings" infoblock has this text: Note:  AdBlock Easylists cannot be used in this Tab. Yes yes im not using ADBlock EasyList… also as you said mentioned there Easylist cannot be used  

BBcan177, exactly what I thought…. Thanks for demonstrating, and showing pfblockerNG works very well once more!

so; If I allow inbound GeoIp rule for only US IPs then by default all other are denied?  True?. but either way it looking like pfblocker is working. ( 100% again) I'm now seeing the Geoip rules listed in the dashboard ( did not see any listed when using 2.1.1.2 ) no crash errors yet. not seeing any allowed inbound from china or anywhere else over 500 packets denied and Count > 3,000,000 Again Thanks, I'll need to look at a reverse rule ( allow inbound US only) but I know just enough about firewalls to be dangerous or screw up the works so that no one get in our out.

@BBcan177: Here are more DNSBL Feeds that can be used in pfBlockerNG. (Copy and paste URLS as plain text) Create a new alias for these. These are not necessarily ADvert domains. So I named mine "Malicious" hpHosts http://hosts-file.net/download/hosts.zip SWC http://someonewhocares.org/hosts/hosts spam404 https://spam404bl.com/blacklist.txt https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt malc0de https://malc0de.com/bl/BOOT MDS (use 'Flex' state) https://mirror1.malwaredomains.com/files/justdomains MVPS http://winhelp2002.mvps.org/hosts.txt MDL http://www.malwaredomainlist.com/hostslist/hosts.txt GJTech http://adblock.gjtech.net/?format=unix-hosts dShield_SD  (They also have a conservative list available) https://www.dshield.org/feeds/suspiciousdomains_High.txt Zeus https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist These two feeds post full URLs, so there can be some more false positives. Create a new Alias, and use Alexa as a recommendation. PhishTank https://data.phishtank.com/data/online-valid.csv.bz2 OpenPhish https://www.openphish.com/feed.txt MPatrol (You need to register - Free or Paid subscription. Use Danguardian feed) https://lists.malwarepatrol.net This is a feed that I manage (as time permits) MS_2 https://gist.githubusercontent.com/BBcan177/4a8bf37c131be4803cb2/raw Use this in its own Alias: BBC_DGA  (This is a large feed of DGA for the likes of Cryptolocker et al…) http://osint.bambenekconsulting.com/feeds/dga-feed.gz BBC_C2 http://osint.bambenekconsulting.com/feeds/c2-dommasterlist.txt Use this feed in its own alias as it is updated more frequently. So you can update it more often than once per day. hpHosts_partial http://hosts-file.net/hphosts-partial.asp If users find other feeds, please post back so that others may benefit also. Its also important to donate to the feeds provider (IP and/or Domain) as they all need support. BBCan, When you say "create a new alias…" do you mean under DNSBL Feeds or Firewall Aliases?

That was an awesomely fast reply BBcan ~ thanks! Um; Okay, but I'm only forcing CRON because my BlackList feed disappears overnight - presumably, due to the same CRON issue at 4:45 am daily? Can you elaborate upon "Select how often List files will be downloaded. This must be within the Cron Interval/Start Hour settings." ? I.e: how should I set my DNSBL feed to be updated within my CRON? UPDATE thanks for looking into this issue BBcan! It seems to have gone away now, and I don't know why.  I'll write again if the problem returns.

AWESOME!  Thanks! I am eager to upgrade to 2.3 but unfortunately each time I upgrade my CARP configs the upgrade produces a crash dump loop. Thanks for the solution!

Spot on! After removing /var/run/booting everything works as expected. Thank you!

BBcan177 was able to figure out the issue. I was using the same header/label in multiple alias lists. This was preventing all the lists from updating. Changing the header's to being unique has fixed the issue. Thanks to BBcan177 for all his work on this package and figuring out this problem.

@dsefcik: I think pkg manager is broken, I installed rsync and it also had the same effect, upgrading to 2.3.2 in the console fixed the broken pkg manager but I still need to test pfBlocker but suspect it will be fine. https://forum.pfsense.org/index.php?topic=115777.0 – Just an update, after upgrading both systems to 2.3.2 I was able to install pfBlocker fine and it seems to work as expected, thank you for your help.

To resolve the issue : https://forum.pfsense.org/index.php?topic=102470.msg647719#msg647719

Use another browers can solved it.But it's no any solution?

To increase memory_limit over 512M you also need to fix /usr/local/etc/php.ini, /etc/rc.php_ini_setup

To install or re-install pfBlockerNG 2.1.1_2 https://forum.pfsense.org/index.php?topic=102470.msg647400#msg647400

So you put the IPs in the Custom Address(es) of an Alias. When you save the change, you have to change Update Custom List from Default to Update Custom List , then click Save Then do a Force Update You can select the Rules order in    Firewall / pfBlockerNG / General