@provels said in bbcan177 Is your MS1 Block list still valid?: My company was blacklisted back in the day .... I presume the IP it was using, not your domain name ^^ The one and only reasons I left shared hosting : your own IPv4 (IPv6). Also, you don't want your mail being sent from a "collective garbage bin" neither. A small <5 $ / month will do.

@rabidsasquatch Hi, Yes I upgraded to 21.05 and am seeing similar behavior. I started a thread in the installations and upgrades section: https://forum.netgate.com/topic/164252/pfblockerng-devel-dnsbl-not-working-after-21-05-upgrade

@chrischevy https://www.reddit.com/r/pfBlockerNG/comments/ncj4t9/asn_always_shows_as0/

@ik2189 said in https: So if i understand it's not possible to display a web page displaying that the site is not allowed ? Thats correct. Gertjan has explained you the reason why thats so.

@viktor_g Seems to have worked! No core dumps on "Configuring firewall..." boot status messages.

@gertjan said in Custom IP4 List: @jmanatee said in Custom IP4 List: @jegr There are like 4460 IPs on that list and some of the IPs (5-8) still get past pfsense to the server and continue attempts to login to the mail server Humm. That's scarry. What if you take the IP you use when VPN-in - as I see you have the OpenVPN server. If you add your Client OpenVPN IP to the pfB_ASSPBlock, you couldn't enter anymore, right ?! The firewall wall log would show the hit. On the Firewall > pfBlockerNG > IP page, do you have this one activated : [image: 1622494361542-ea6e796f-87a0-42d3-89af-618890c31270-image.png] ? Can't find another reasons ... and refuse to believe that pf, that is FreeBSD itself, is broken .... :( Yes it will definitely block me on vpn I have done that accidentally a couple times. Kill states was not enabled, I enabled it I will continue to watch it. This was probably the problem. Thanks

@gertjan I have two public IP. One connects to my Wi-Fi Router, another connects to my pfSense Router. I can open the two files when I use Wired Ethernet (pfSense Router). I can also open the two files when I use Wi-Fi (Wi-Fi Router). To test the dual WAN settings, I connect the Wi-Fi LAN to pfSense WAN2, I also set a new gateway (WAN2 Interface) for using the Wi-Fi Router Public IP. [image: 1622440249247-0720.png] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 13:15:18 ]  [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 12:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 11:15:18 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 10:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 08:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 02:15:17 ] [ pfB_PRI1_v4 - Spamhaus_Drop_v4 ] Download FAIL [ 05/31/21 01:15:19 ] Today, I find that the document might be downloaded in 05/31/21 03:15 Now I set the Update Frequency to Every 4 Hours

Our data center is still on 2.4.5 so thanks for the heads up on this issue. I changed the update frequency on one of the feeds (2 hours to 4 hours), ran an Update, and that one change didn't get synced to the backup node. For posterity, here is Viktor's redmine entry for your bug from the HA forum.

@revengineer said in Upgrade pfBlockerNG to pfBlockerNG-devel: I had to modify the aliases for the deny lists Ah, sorry, I had forgotten that. Yes we had to do that also.

Ok, I finally made the move to the devel version and this fixed the problem. It may be time to retire the other version.

Click edit on an item and the bottom of the page is there [image: 1621500353191-clipboard01.jpg]

@gertjan said in Unbound custom options: @lcbbcl said in Unbound custom options: Is this the way? Not the right question. The question is : how do you run (the DNSBL) part of pfBlockerNG ? The answer will explain what you see. The mode called 'python' mode doesn't use the unbound's custom box "include: /var/unbound/pf_dnsbl.*conf " option any more. Now where back with the nice and clean : [image: 1621494281622-780a3ec4-ac20-4a01-8d74-36302266de8b-image.png] which has a big advantage : no more messing up of the options. Yes you are right i am using with python mode, thank you now is clear to me. Pf dnsbl was working just fine.

@gwaitsi said in Help with understanding Threat Analysis: grep: dev/snd/pcmC1D3p: Invalid argument Yeah, sorry. It read folders isn't shouldn't. cd to /usr, that the most important one. cd /usr

@nollipfsense I'm not running DNSBL yet (still trying to figure out pfBlocker). I'm using IP list to block DOH, specifically Alias Deny with the list TheGreatWall_DoH_IP. The list of of likely clients to unplug is a lot shorter than the list of ALL clients to unplug so I'll start with those first. The fact that there is no outbound log entries in pfBlocker seems to suggest it could be something like this post from another forum: https://community.spiceworks.com/topic/527938-strange-inbound-udp-packets I really appreciate you taking time out of your day to respond but since this is more of a curiosity than an operational issue I'll mark this thread as closed. Near as I can tell everything is working correctly on my network. Blocked things are getting blocked and allowed traffic is getting passed. If I find anything interesting or noteworthy I'll post it here but for now I think I'm done. Thank you. Cheers!