I turned off inbound filtering completely instead and left the logging on for the outbound traffic. It would be great if we could configure inbound and outbound logging separately in pfBlocker.

@wc2l Visit the Feeds tab, after every pfBlockerNG-devel update, there are some changes. https://kriskintel.com/feeds/ktip_covid_domains.txt works fine here.

@jpvonhemel said in shopify sites: When I disable pfblockerng, or add the domain to the whitelist, the sites load. I am not at home now, I’ll get back on the other questions, I know I the ip they resolve to is the same, and that is from Shopify. Yeah, I ran across a similar event when I was trying to get to Maglite.com. I didn't disable pfBlockerNG, I just caught the Shopify by time stamp in the alert tab and did a temporary unlock on it. Maglite.com then worked.

@gertjan I ended up figuring out the problem, not that I remember what it ended up being to be totally honest though. thank you!

BBcan177 got ahold of me and suggested I move to the 3.0 devel version. That, and a force update of rules, fixed the issues. Plus, the new version has amazing features!

@bob-dig It is not so crappy. ;) Sorry to bother you - I will post everything you needed know to prevent you from signing up. Thanks for your support !

@wizardofwhere I would get pfSense running good first before adding packages while you read up on what you want to accomplish as it sounds like you're somehow locking yourself out every 3hrs.

@bbcan177 that typing error was occured during making this post I tried to edit it but it does not let me to do so. its 192.168.100.0/24 . Regards

@ex1580 I appreciate the post. I have the same TLD CN block and couldn't get past the OUT OF SYNC error until encountering your post. This does seem to be a defect on the surface but I'm interested to see how it ultimately resolves.

@harison Just off the top of my head I'd say to make sure that this setting is unchecked in Services/DNS Resolver/General Settings: [image: 1615557859064-d2f51175-a5a1-4dcd-b29f-4fa90bf826ad-image.png] The above causes unbound to stop and reload itself every time a client requests a DHCP lease. During that time DNS resolution does not happen and therefore nothing trying to be reached by a domain name (www.google.com) can be reached on the net (unless it is already cached in the DNS). Other than that, I think we're going to need a lot more info to help you. As a start, I'd suggest screenshots of your DNS and pfblocker settings as well as Status/System Logs/System/DNS Resolver and Status/System Logs/Gateways when the issue is happening. When the web "crashes" can you ping 8.8.8.8 from the WAN as the source address in Diagnostics/Ping? What about www.google.com?

@bbcan177 said in "DNSBL Listening interface" best choice with VLANs?: just keep it as "lan" and use the Permit firewall rule option to create a floating permit rule that will allow the other lan segments to access the DNSBL listening interface Hello all, I also work with the pfblocker and the DNSBL feeds. What do I have to set so that the lists only work on the interface LAN? Currently, I have the lists working on all interfaces. I don't want that

@bbcan177 Thanks. I was hoping for a less involved solution. Though, I'll take what I can get.

@teamits in other forums, they manage it the way, that maintainer/admin/mod is only allowed to post in that single thread. each version gives a new thread with the version specific changes. That will keep a history of the versions. users can continue asking questions or whatever in different threads

@tzvia I had it set to 2.5. I had no idea that this setting impacts packages, especially since there's clear mention about this being related to firmware update...weird design. Anyway, after changing it to 2.4.5, the _15 is gone from the list. Which I guess is ok. Thanks.

@illern p1 fixed the kernel lock issue but this is another :(

@guilty Figured out the issue. Google Wifi was causing this behavior. The only way I found out was hard wiring in. So Google wifi is doing something with the DNS requests as they come in.... why they do that...who knows. I was planning on removing Google Wifi soon. This is yet another reason to get rid of it.

@bbcan177 said in pfBlockerNG 2.1x - fix for Talos feed and Cloudflare 1.1.1.1 DNS: > I hear you Man, I'm with you, you communicate poorly, these people believe in you, so in nothing else. OPEN SOURCE

Zombie thread resurrection as this issue is back due to a regression. Link to new thread: https://forum.netgate.com/topic/161817/pfblockerng-2-1x-fix-for-talos-feed-and-cloudflare-1-1-1-1-dns

@rjk13230 ??? pfB has only ever had a entry under the Firewall menu that I'm aware of.