@bbcan177 said in pfBlockerNG & Squid transparent proxy: localhost It was already in localhost. pfBlockerNG works with both pfBlockerNG & Squid running. However, Squid 'transparent' proxy is not working. If I can configure proxy settings in my browser then I can see Squid proxy is getting the URL request & virus scanner running. I suspect transparent proxy is conflicting with pbBlockerNG

@talaverde HA is a complex animal, some interfaces use CARP VIPs and packages use the XMLRPC to sync. XMLRPC has issues where you can use a dedicated user and some vendors(Snort/Cisco) did not think you could do that so they force you to use root/admin to sync your data.

@bbcan177 Thank you, thank you, thank you!!! The "Suppression" option was disabled and enabling fixed the problem. The 192.168.1.1 IP is now begin removed from the URLhaus blacklist. I think I also now understand the ALIAS solution. I would need to convert ALL pfB lists to aliases and completely forgo the auto rules. This seems to be good practice in general and I may consider this. Finally, I do plan on updating to the devel version eventually, probably when I update to pfSense 2.5.0 in the future. This will take some time and I need to make sure I carve the time out from my schedule to address the issue. Right now, I am too busy at work and need the internet to just work for my video conferences.

@mcury I am just adding each Vlan to the "Outbound Firewall Rules" under the IP tab in pfBlockerNG. Then Each Vlan has this rule towards the top before the block firewall/Internal rules [image: 1609993918639-7475b17a-506b-4c43-b709-0b0650b33fc0-image.png]

@teamits I did not. It halted during boot and led me to a "#" prompt

@bbcan177 Confirmed. It was the 6 hours time difference.

@bbcan177 said in pfBlockerNG v3.0.0_6 update: Add preliminary DNSBL Group Policy configuration that will globally bypass DNSBL for the defined LAN IPs Thank god for this new functionality, thank god! (well, thank bbcan177!!!) Sure looking forward to the CIDR notation

It appears to be working now that the cache is cleared, thanks.

@bbcan177 work perfect

Thank you @BBcan177 for confirming your (eventual) plan and @Gertjan for the graphic picture. :-)

@griffo @ronpfs in my case things have gotten more interesting. I can see a restart before each outage. So this suggests an unplanned reboot happening about once a week pfblockerng or unbound does not start up correctly upon restart #2 is fixed by re-starting pfblockerng but #1 will need more digging. It's easy to see if this is happening by checking NTP logs (search for "Starting") or system logs. The reboot is interesting. In all three cases LAN was fine, WAN was knocked out by the restart, CPU temps are very good, and in at least two of the cases I was making network adjustments through the unifi UI for my access points at the time that things went down. Possibly coincidence.

@amrogers3 The easy way to learn how to do thing is to use the Alerts tab '+' icon, it will offer choices for whitelisting according to the blocked type (DNSBL, TLD, Regex, etc). You can then review the DNSBL Whitelist to see what pfBlockerNG did. If you find blocked IPs in the Alerts tab, then you can whitelist or suppress them with the '+' icon.

@bbcan177 Thanks! Everything is working.

Using a large alias on many NAT or firewall rules can slow down the web GUI as it downloads the alias hint/tooltip multiple times. In one case for similar connections to multiple servers, we changed the NAT rules to allow any source IP, turned off the linked firewall rule, and created one firewall rule to allow "from the alias" to all of the servers on that same port, so there is only one rule using the alias instead of many.

@miiwaukee Figured it out. Had an incorrect Outbound NAT Entry that was set to IPv6 instead of IPv4. Issue resolved!

@provels said in MS activated DoH at the operating system level, in this "great" 20H2 release...?!: What would happen to those of us using the resolver and talking to the roots? Hello everyone... Okay (hmmm, how should I start, OK I already know), I’ll post a new and great evidence on this theme (Win10 _20H2 vs. DoH) in 2021, so I am not doing it now, ...because I want to (sorry,....I would like to)..... and I would like to wish a beautiful Christmas and a pleasant New Year holiday to everyone, but then comes the dread in 2021....HOHOHO..HAHAHA, like bird flu H1N1 - Winflu 20H2 - HIHIHI -it wasn't a good joke, though it looks a bit similar..... (so, "give me five") (I am using roaring emoticons , not like others :) of course only for those who like to control their own DNS stuff - I look forward to seeing everyone, if you are interested in the future... and theDNS theme BTW (preliminary): the encouraging test environments: (4 colleagues, 4 separate locations (in EU), 4 external pfSense installations - same Win image - 20H2) [image: 1608657176922-2020-12-22_17h03_37.jpg] +++edit: MY new year "vow" WILL BE that I wont be createing less colorful posts and +++edit2: anyway, I use windows everyday (to my stuff) well, that's a joke (so I got upset)

@sebm said in pfBlockerNG-devel v3.0.0_7: While in Firefox, the first file I select never gets loaded, Using Firefox 84.0 - no adds, when I visit : [image: 1608623290318-1d1ebd34-dbd6-4ec3-af08-bb59b1496741-image.png] Now, I'm invited to make my selection, using the second "Log/file selection" pull-down list When done, the file is shown right away. Looks fine to me now.