@jegr That's what I do :) The goal for initial questions was to learn how-tos , but general discussion about how users use home network is very useful ! Thank you all!

Yeah, due to my blocked Server (as Portforwarding inbound within the 10.0.0.0 /8) Range I just switched to Alias Deny to getting able to Suppress this /32 and it worked. On first Testings the Server responds and a page is being delivered. If you read this in the future: Native Alias works good. As I have seen Deny Alias works better. I just didn't had to set my Suppress up (List is empty, just checked it!) I only can suggest that with the Deny Alias maybe pfBlockerNG recognizes / admits the Portforwarding as a higher Priority and lets the Traffic to that IP pass. I will just have to figure out if this happens only eg from my own Adresses or whether even Contacts from IPs within the defined Block Lists will also get passed / "ignored"... If anybody is aware of that case or knows an Answer I'd highly appreciate your effort here, as it saves many time seizing the Logs for denied Inbounds by each List. Edit: As I just saw that I did not mention that clearly... I was before using the Native Alias and just shortly switched to use the lists as a Deny Alias. The portforwarding did not work before as the lists were set to Native Alias.

@grimson Sorted, thanks, have a nice Christmas, I am off to specsavers!

@ronpfs Thanks for the reply. I JUST finished updating all of the packages I have and updating PFsense to the newest version. After restoring a fully working config from a few months ago and it seems to be working okay now.

That's an awesome List, thank you for sharing it @anttechs I was just surfing all the way up and down to find sth similar, here it is. Just amazing! Edit I really do not know if it should have had been mentioned here but on http://iplists.firehol.org/ there is a comparison of several free accessible Lists. As it surely needs a little "work-in" imo it got the option to provide a good overview over several lists and even how individual lists overlaps one with an other. I just found it shortly. As I see it might provide one with a nice and unique overview though it might even need some time to get even this. Anyway, I guess it might be a good addition for any searches.

Try this : grep "maxmind.com" /var/db/pfblockerng/dnsbl/*.txt /var/db/pfblockerng/dnsblorig/*.orig /var/unbound/pfb_dnsbl.conf /usr/local/pkg/pfblockerng/dnsbl_tld it provides some more info about pfblockerNG db.

@tac57 I don't use Plex anymore, so no comments, sorry

Change the State to Flex

That must have felt good. Happy holidays.

Exact. Static ones are ok, they are known - and when the lease is renewed, DNS doesn't restart. Classic DHCP, if checked, will restart DNS. This is a known subject (I won't call it an issue, but if unbound has a lot of work to do at startup, like rowing through all these pfBlockerNG 's feeds files; and you have a 'light' system (processor, disk, whatever) then yes, it starts to take time).

Security through obscurity.. (if you believe that..) Use a different port number. That will keep some of it down.

@bbcan177 I am already using pfBlockerNG-devel, and i read yesterday about this bug with unbound reported after @RonpfS told me. Pfblocker is doing his job from what i saw,i was just curios about the ram behavior. Thanks both for the help .

@ronpfs said in Does it really matter????: A SSD could improve processing, but a decent HD should be ok. Many thanks that's all I needed to know really. bless you, my friend, and have a happy xmass and new year ;)

Won't this option work from my previous post: DNSBL is hardcoded to only use Unbound. However, you can still use Bind but would have to set Binds Outbound Forwarder to point to the pfSense Resolver so that DNSBL could be utilized. Sure, I've succesfully tried to use unbound as bind's forwarder to allow DNSBL. The downside of this solution is the poor dns performance and the overall complexity of the setup. The advantages of a setup using pfBlockerNG and bind are: an autoritative dns server to host local zones DNSBL features in place per view (which can be similiar as defining DNSBL per Interface) the functionalities from bind itsself few dependencies I found a very nice way to put all the zones from pfBlockerNG into bind using RPZ feature. (http://www.zytrax.com/books/dns/ch9/rpz.html) This way I've added ~300.000 blocklist zones into several views with very low memory footprint :) I'll update the script into my github repo.