@sebm said in pfBlockerNG-devel v3.0.0_7: While in Firefox, the first file I select never gets loaded, Using Firefox 84.0 - no adds, when I visit : [image: 1608623290318-1d1ebd34-dbd6-4ec3-af08-bb59b1496741-image.png] Now, I'm invited to make my selection, using the second "Log/file selection" pull-down list When done, the file is shown right away. Looks fine to me now.

@bbcan177 Yeah I saw that, but nothing clear about the free version. Maybe we just have to wait. Anyway thank you @BBcan177

@bbcan177 said in Some download FAIL alerts: Yes that is what I said in that reddit post. Yup, I understood. I said that too above. (free for private use) Yes, it works with a minor bug, the download sometimes doesn't start, but if I know well they are working on it.

@bbcan177 oops.. I cleared it and it’s all good. Thanks.

Thank you both for the sugestion. Already implemented it and it's working great!

@bbcan177 That's what I was afraid of. Guess I'm asking Santa for a computer so I can get the most out of this.

@rloeb said in pfBlocklerNG v3.0.0_6-devel blocking all outbound traffic?: Thank you. Do not mention it

@thewismit said in Whitelisting guidance: I need to curate the feeds? definitely the pfBlockerNG installation (app) includes predefined lists, but this is everyone's individual taste and goal oriented... Like: [image: 1608222099844-ee9d8d53-fdc6-45b8-849c-154b6e9b6257-image.png] +++edit: of course you can use multiple lists, but like I said, define your goal (in addition to what is specified in the DEV or not pre-installed) always be careful with these, as it can be annoying to install a senseless lists +++edit2: one more thought, if you have to do too many things on a whitelist, think about whether you choose a good BLK list(s)?

PfBlockerNG is not the tool to use for content filtering. PfBlockerNG is used to sinkhole content like adverts or malicious IPs/domains. You want to use Squid or Squidguard and setup categories to block for specific groups of users, subnets or VLANs. There are already guides out there on how to do this.

Just wanted to provide an update to this thread as someone helped me find the issue that was causing this. NtopNG has threat feeds in it now and when it can't get to one of the feeds it just keeps trying and trying. To disable you have to go into the admin interface go to settings and category lists and then disable the offending list giving you an issue. I went ahead and disabled all of them since this was such a problem to find as well as these lists seem to go up and down and I don't want it to just keep trying (outside of its setting to only pull them down daily).

hehe ok, ty sir. I think I will not poke the bear and trust it is working!

@herman You should be able to edit the thread title and tag - if not I can do it for you. Thread marked.

@vesalius said in pfblockerNG TLD help: dnsbl python mode I wasn't 100% sure what the difference between unbound and python mode was, so I decided not to change it just yet until I had a better understanding. However, since you asked, I thought I would try it and see if it worked that way. I checked your other suggestions, and yes they were set as you mentioned. After changing to python mode, TLD is now working - thank you! Also, pretty cool that my RAM usage is down to 15% now.. guess I didn't need the upgrade, oh well. I did read the following post from BBcan177, along with the "more info" under "dnsbl mode", but was wondering if you had more info I can check out to better understand. Also, because of this, I didn't enable anything else under DNSBL other than TLD More info This mode will allow logging of DNS Replies, and more advanced DNSBL Blocking features. BBcan177 post https://forum.netgate.com/topic/158592/pfblockerng-devel-v3-0-0-no-longer-bound-by-unbound/2

@bbcan177 I have not set this Clear Widget Option afaik, still every night I am running into this error. Could it get triggered by something else?

@huskerdu I noticed that some things being blocked via [ TLD ] are still showing as Unknown Unknown EX: Unknown Unknown www.googletagmanager.com [ TLD ] DNSBL-python | HSTS_A Do you happen to know a fix?

@bbcan177 said in pfBlockerNG-devel v3.0.0_5: @lcbbcl said in pfBlockerNG-devel v3.0.0_5: I have a weird problem with the new version, if i enable HSTS mode for DNSBL, on reports i have unknown unknown for Lan but for Wifi is working fine. Before the v3.0.0 i had web server interface set as LAN and now i set localhost. Btw can someone guide me how to use regex? pfSense 2.4.5 uses Unbound v1.10.1 which has a regression that fails to pass some information to the python modules. It has been fixed, but there is no way to upgrade Unbound to v.1.12.0 in pfSense 2.4.5. In pfSense 2.5, it has Unbound v1.12.0, soon to be v1.13.0. For the DNSBL Blocking part, you can enable the checkbox in the DNSBL Tab > DNSBL Event Logging , and that will stop the python integration from logging, and use the DNSBL Webserver to log the events. Unfortunately, that is only limited to HTTP events. And for DNS Reply logging, there is no other workaround. Not much I can do unfortunately. Its recommended to use localhost instead. For Regex, here is a list of Regexs that can be used: https://www.reddit.com/r/pfBlockerNG/comments/k08n33/pfblockerngdevel_v300_no_longer_bound_by_unbound/gdkaod4/?utm_source=reddit&utm_medium=web2x&context=3 Regex seems to be like a add-on to PfB. Thank you.

@bbcan177 said in Adding IPv6 Feeds from the Feeds Tab in pfBlockerNG v3.0.0_5: @jdeloach Edit /conf/config.xml And find the "pfblockernglistsv6" tag, and remove the "<config></config>" line below it. <pfblockernglistsv6> <config></config> That fixed it. Thanks for your prompt support of this great package.

@costanzo See here: https://forum.netgate.com/post/950929

Agreed that's a lot of lists Tone them down. The potential protection they are providing you are not worth the issues you are having and will have. I know it's tempting to add everything, hit save and walk away, but that's asking for trouble. Every now and then even well established lists that have been working fine for a long time can start to block legit stuff. It's the nature of the beast. Having many lists just makes it more difficult to track down which one is causing headaches. It is sometimes hard to track down which specific list it is so I think @Gertjan approach is best.

@azdeltawye said in Windows 10 machines constantly pinging Isreal IPs: 185.77.248.89 AS details for AS58018 :- aut-num: AS58018 as-name: NETSTYLE2 org: ORG-NAL9-RIPE import: from AS43945 accept ANY export: to AS43945 announce AS-NETSTYLE admin-c: DUMY-RIPE tech-c: DUMY-RIPE member-of: AS-NETSTYLE status: ASSIGNED mnt-by: RIPE-NCC-END-MNT mnt-by: EC42500-MNT created: 2017-01-02T14:57:40Z last-modified: 2018-09-04T11:56:16Z source: RIPE remarks: **************************** remarks: * THIS OBJECT IS MODIFIED remarks: * Please note that all data that is generally regarded as personal remarks: * data has been removed from this object. remarks: * To view the original object, please query the RIPE Database at: remarks: * http://www.ripe.net/whois remarks: **************************** IPv4 subnets for AS58018 :- 185.77.248.0/24 IPv6 subnets for AS58018 :- 2a00:55a0:3::/48 Wednesday, 9 December 2020 at 21:39:06 Greenwich Mean Time