@Ibor:

@BBcan177:

The package has a feature to backup and restore the DNSBL database for RAMDisk installations.

Where can I find that feature precisely? Thanks in advance!

Its done automatically in the background when RAMDisks are enabled…. No real need to touch it...

@EDinATL:

I had some particularly nasty ads popping up on my android which led me to want to manually block some ad servers via the DNSBL, so I eventually figured out how to do this today and used the method spoiler describes.  I found the process a bit confusing since the 'feeds' section would seem to be for feeds and not necessarily user defined lists.  At first I was manually editing a file in /var/unbound and mimicking the format used in pfb_dnsbl.conf which was cumbersome.  I was glad to find this method but I wish there had been kind of clue as to how to get there.  Thanks spoiler!

Its not recommended to edit the /var/unbound/pfb_dnsbl.conf file as that will get overwritten on cron updates…

The DNSBL Feeds Custom list is the easiest option to manually add Domains... You can also write the Domains to a text file accessible to the pfSense box (Local webserver) or on the pfSense box itself...  See the blue infoblock icons on the DNSBL Feed tab for more details...

@guardian:

Thanks…. that's a great help.  I should be able to work though this now.

I was wondering what would happen if I:

saved a copy of /usr/local/pkg/pfblockerng.xml

switched off pfBlockerNG

edited my copy, of pfblockerng.xml file

reloaded the edited copy of pfblockerng.xml to pfSense

then turned on pfBlockerNG

Assuming that the edits were minor and I didn't make a mistake would that work?

The pfblockerng.xml does not hold the configuration…. All configurations are saved in the pfSense config file:

/conf/config.xml

But editing that file should only be done with extreme care, or you risk crashing the config….

You could also setup another box and use the "Sync" feature, that will push all the configuration to another box... and vice-versa...

Are you using Safari?  I've only heard of issue with that browser :)  Not really much I can do about it…. Next release will have the option to sinkhole to 0.0.0.0 which will help with this issue.... But will also negate the logging feature.... So you could also just sinkhole to 0.0.0.0 for the domains that are causing these error messages.... But will have to wait for the next release...

https://forum.pfsense.org/index.php?topic=102470.msg573329#msg573329

That is an optional rule.

A permit firewall rule can be manually created to suit your network requirements…

I will try to improve this to the next release ...

@RonpfS:

Check the DNS configuration on your Macbook, it has to use pfSense DNS resolver in order to have DNSBL blocking effective.

Done. Fixed. Thank you.

Thanks for the update, the problem is a firewall issue… I'll put the TL;DR at the top, and all the background below in case it's needed for some reason.  (might help someone like me who is new to this stuff)

From the shell Filter Logs output... both ports are being blocked:
Rule: 1000000103,em1,match,block Port: 8081 - mss;sackOK;TS;nop;wscale
Rule: 1000000103,em1,match,block Port: 8443 - mss;sackOK;TS;nop;wscale

Here's the offending rule... but I don't know what to do since this rule is high up in the chain above where the GUI can have influence.
@5(1000000103) block drop in log inet all label "Default deny rule IPv4"
  [ Evaluations: 813      Packets: 81        Bytes: 7740        States: 0    ]
  [ Inserted: pid 55703 State Creations: 0    ]

How can I work around this issue since this rule isn't one that I put in?

Initial Checks - Server running / Restarted / Ports listening

Diagnostics / Status / Services Shows: dnsbl pfBlockerNG DNSBL Web Server as Running # ps aux | grep pfb_dnsbl_lighty root    36686  0.0  0.1  40260  5600  -  S    5:02AM    0:00.52 /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf # sockstat -4 USER    COMMAND    PID  FD PROTO  LOCAL ADDRESS        FOREIGN ADDRESS      root    lighttpd_p 36686 5  tcp4  *:8081                *:* root    lighttpd_p 36686 6  tcp4  *:8443                *:* After service stopped and restarted # sockstat -4 USER    COMMAND    PID  FD PROTO  LOCAL ADDRESS        FOREIGN ADDRESS      root    lighttpd_p 22249 5  tcp4  *:8081                *:* root    lighttpd_p 22249 6  tcp4  *:8443                *:*

Raw output from Shell Menu 10) Filter Logs```

Jan 20 13:17:14 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,58770,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,45948,8081,0,S,3847975149,,29200,,mss;sackOK;TS;nop;wscale
Jan 20 13:17:14 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,53302,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,45950,8081,0,S,1577797007,,29200,,mss;sackOK;TS;nop;wscale
Jan 20 13:17:18 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,58771,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,45948,8081,0,S,3847975149,,29200,,mss;sackOK;TS;nop;wscale
Jan 20 13:17:18 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,53303,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,45950,8081,0,S,1577797007,,29200,,mss;sackOK;TS;nop;wscale

Jan 20 13:22:19 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,12996,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,50754,8443,0,S,704351713,,29200,,mss;sackOK;TS;nop;wscale
Jan 20 13:22:19 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,27119,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,50758,8443,0,S,2252854924,,29200,,mss;sackOK;TS;nop;wscale
Jan 20 13:22:23 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,12997,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,50754,8443,0,S,704351713,,29200,,mss;sackOK;TS;nop;wscale
Jan 20 13:22:23 guardian filterlog: 5,16777216,,1000000103,em1,match,block,in,4,0x0,,64,27120,0,DF,6,tcp,60,192.168.1.10,127.0.0.1,50758,8443,0,S,2252854924,,29200,,mss;sackOK;TS;nop;wscale

**Output from: pfctl -vvsr (Edited to remove some of the noise/confidential info)**``` @@0(0) scrub on em0 all fragment reassemble   [ Evaluations: 154347    Packets: 14254    Bytes: 1197540    States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @1(0) scrub on em1 all fragment reassemble   [ Evaluations: 140097    Packets: 14476    Bytes: 2440715    States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @0(0) anchor "relayd/*" all   [ Evaluations: 1617      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @1(0) anchor "openvpn/*" all   [ Evaluations: 1616      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @2(0) anchor "ipsec/*" all   [ Evaluations: 1617      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @3(1000000101) block drop in log quick inet from 169.254.0.0/16 to any label "Block IPv4 link-local"   [ Evaluations: 1678      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @4(1000000102) block drop in log quick inet from any to 169.254.0.0/16 label "Block IPv4 link-local"   [ Evaluations: 813      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @5(1000000103) block drop in log inet all label "Default deny rule IPv4"   [ Evaluations: 813      Packets: 81        Bytes: 7740        States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @6(1000000104) block drop out log inet all label "Default deny rule IPv4"   [ Evaluations: 1653      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @7(1000000105) block drop in log inet6 all label "Default deny rule IPv6"   [ Evaluations: 1678      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @8(1000000106) block drop out log inet6 all label "Default deny rule IPv6"   [ Evaluations: 867      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @50(1000000301) block drop in log quick proto tcp from <sshlockout:0>to (self:8) port = ssh label "sshlockout"   [ Evaluations: 1677      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @51(1000000351) block drop in log quick proto tcp from <webconfiguratorlockout:0>to (self:8) port = http label "webConfiguratorlockout"   [ Evaluations: 57        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @52(1000000400) block drop in log quick from <virusprot:0>to any label "virusprot overload table"   [ Evaluations: 858      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @53(11000) block drop in quick on em0 from <bogons:3757>to any label "block bogon IPv4 networks from WAN"   [ Evaluations: 858      Packets: 3        Bytes: 924        States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @54(11000) block drop in quick on em0 from <bogonsv6:79548>to any label "block bogon IPv6 networks from WAN"   [ Evaluations: 91        Packets: 16        Bytes: 1216        States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @55(1000001570) block drop in log on ! em0 inet from 192.168.0.0/24 to any   [ Evaluations: 818      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @56(1000001570) block drop in log inet from 192.168.0.15 to any   [ Evaluations: 810      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @57(1000001570) block drop in log on em0 inet6 from fe80::228:1aff:fee0:1004 to any   [ Evaluations: 818      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @58(1000001591) pass in log on em0 proto udp from any port = bootps to any port = bootpc keep state label "allow dhcp client out WAN"   [ Evaluations: 44        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @59(1000001592) pass out log on em0 proto udp from any port = bootpc to any port = bootps keep state label "allow dhcp client out WAN"   [ Evaluations: 851      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @60(1000002620) block drop in log on ! em1 inet from 192.168.1.0/24 to any   [ Evaluations: 1657      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @61(1000002620) block drop in log on ! em1 inet from 192.168.111.1 to any   [ Evaluations: 264      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @62(1000002620) block drop in log inet from 192.168.1.1 to any   [ Evaluations: 868      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @63(1000002620) block drop in log inet from 192.168.111.1 to any   [ Evaluations: 860      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @68(1000002661) pass in log on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"   [ Evaluations: 1649      Packets: 2113      Bytes: 323093      States: 16    ]   [ Inserted: pid 55703 State Creations: 160  ] @69(1000002662) pass out log on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"   [ Evaluations: 338      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @70(1000002663) pass in log on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"   [ Evaluations: 346      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @71(1000002664) pass out log on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback"   [ Evaluations: 168      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @72(1000002665) pass out log inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself"   [ Evaluations: 1657      Packets: 2113      Bytes: 323093      States: 16    ]   [ Inserted: pid 55703 State Creations: 160  ] @73(1000002666) pass out log inet6 all flags S/SA keep state allow-opts label "let out anything IPv6 from firewall host itself"   [ Evaluations: 839      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @74(1000002761) pass out log route-to (em0 192.168.0.1) inet from 192.168.0.15 to ! 192.168.0.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself"   [ Evaluations: 839      Packets: 3418      Bytes: 1432738    States: 73    ]   [ Inserted: pid 55703 State Creations: 634  ] @75(10000) pass in log quick on em1 proto tcp from any to (em1:3) port = http flags S/SA keep state label "anti-lockout rule"   [ Evaluations: 1709      Packets: 2275      Bytes: 770250      States: 10    ]   [ Inserted: pid 55703 State Creations: 13    ] @76(10000) pass in log quick on em1 proto tcp from any to (em1:3) port = ssh flags S/SA keep state label "anti-lockout rule"   [ Evaluations: 117      Packets: 4107      Bytes: 1578034    States: 2    ]   [ Inserted: pid 55703 State Creations: 5    ] @77(0) anchor "userrules/*" all   [ Evaluations: 1580      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @78(1770002729) pass quick on em1 inet from any to 192.168.111.1 flags S/SA keep state label "USER_RULE: pfB_DNSBL_Allow_access_to_VIP"   [ Evaluations: 1691      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @79(1770008293) block return log quick on em1 inet from any to <pfb_dnsblip:46>label "USER_RULE: pfB_DNSBLIP AR"   [ Evaluations: 581      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @80(1770008377) block return log quick on em1 inet from any to <pfb_ethreats:3223>label "USER_RULE: pfB_ETHREATS AR"   [ Evaluations: 581      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @81(1770008328) block return log quick on em1 inet from any to <pfb_rw_ipbl:10627>label "USER_RULE: pfB_RW_IPBL AR"   [ Evaluations: 581      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @82(1770008734) block return log quick on em1 inet from any to <pfb_sh_ipv4:60>label "USER_RULE: pfB_SH_IPv4 AR"   [ Evaluations: 581      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @83(1770008690) block return log quick on em1 inet from any to <pfb_level_1:167115>label "USER_RULE: pfB_Level_1 AR"   [ Evaluations: 581      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @84(1770008714) block return log quick on em1 inet from any to <pfb_level_2:137>label "USER_RULE: pfB_Level_2 AR"   [ Evaluations: 581      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @85(1469301982) block drop quick on em0 inet6 all label "USER_RULE: Keep IPv6 Noise Out of The Logs"   [ Evaluations: 1691      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @86(1469301982) block drop quick on em1 inet6 all label "USER_RULE: Keep IPv6 Noise Out of The Logs"   [ Evaluations: 1015      Packets: 8        Bytes: 512        States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @87(1469300765) block drop in quick on em0 inet6 all label "USER_RULE: Noise Block IPv6_WAN-Keeps Log Clean"   [ Evaluations: 356      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @88(0) block drop in quick on em0 inet6 from <easyruleblockhostswan:2>to any label "USER_RULE: Easy Rule: Blocked from Firewall Log View"   [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @89(1483770230) block drop in quick on em1 inet6 all label "USER_RULE: Noise Block IPv6_LAN-Keeps Log Clean"   [ Evaluations: 356      Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @98(1469733859) pass in quick on em1 inet proto tcp from 192.168.111.1 to 192.168.1.1 port = 3000 flags S/SA keep state label "USER_RULE: Allow NTOPNG"   [ Evaluations: 3        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ---------------------------------------- @99(1468341693) pass in log quick on em1 inet proto tcp from any to 192.168.1.1 port = domain flags S/SA keep state label "USER_RULE: Allow pfSense to handle DNS requests"   [ Evaluations: 0        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @100(1468341693) pass in log quick on em1 inet proto udp from any to 192.168.1.1 port = domain keep state label "USER_RULE: Allow pfSense to handle DNS requests"   [ Evaluations: 544      Packets: 1062      Bytes: 72729      States: 124  ]   [ Inserted: pid 55703 State Creations: 532  ] @101(1468981713) pass in log quick on em1 inet proto tcp from 192.168.1.0/24 to any port = http flags S/SA keep state label "USER_RULE: Web Traffic"   [ Evaluations: 47        Packets: 27        Bytes: 21493      States: 1    ]   [ Inserted: pid 55703 State Creations: 1    ] @102(1468981713) pass in log quick on em1 inet proto tcp from 192.168.1.0/24 to any port = https flags S/SA keep state label "USER_RULE: Web Traffic"   [ Evaluations: 34        Packets: 375      Bytes: 94278      States: 2    ]   [ Inserted: pid 55703 State Creations: 8    ] ---------------------------------------- @103(1468981713) pass in log quick on em1 inet proto tcp from 192.168.111.1 to any port = http flags S/SA keep state label "USER_RULE: Web Traffic"   [ Evaluations: 26        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] @104(1468981713) pass in log quick on em1 inet proto tcp from 192.168.111.1 to any port = https flags S/SA keep state label "USER_RULE: Web Traffic"   [ Evaluations: 1        Packets: 0        Bytes: 0          States: 0    ]   [ Inserted: pid 55703 State Creations: 0    ] ----------------------------------------</easyruleblockhostswan:2></pfb_level_2:137></pfb_level_1:167115></pfb_sh_ipv4:60></pfb_rw_ipbl:10627></pfb_ethreats:3223></pfb_dnsblip:46></bogonsv6:79548></bogons:3757></virusprot:0></webconfiguratorlockout:0></sshlockout:0>

Select "Force Reload" in the update tab

Firehol is converting those Domain based lists into an IP format… I'd not recommend that...  The pfBlockerNG package has an IP and a Domain section.... so best to use the applicable format (IP or DNSBL)...

Yes hpHosts has individual Feeds, or the combined feed linked above... Take a look at their website for further details.

@guardian:

Can you give us any idea of how they are compiled (source) so we know if they are a good match for our use case?

Take a look at the Gist URLs… it will show a comment line for the source(s)...

I'll certainly defer to the developers, but I doubt that it will cause any problems.

I will post a much shortened list I ended up with which I got to by removing domains I know for sure are not for telemetry and also that broke other services.  The list is way shorter as expected.  But bear in mind its a game of whack a mole.  Microsoft at any point can change the domain names used or even connect directly to ip's.  This list I got here was last updated probably a year or so ago when I gave up on windows 10.

choice.microsoft.com choice.microsoft.com.nsatc.net df.telemetry.microsoft.com diagnostics.support.microsoft.com oca.telemetry.microsoft.com oca.telemetry.microsoft.com.nsatc.net reports.wes.df.telemetry.microsoft.com services.wes.df.telemetry.microsoft.com settings-sandbox.data.microsoft.com settings-win.data.microsoft.com sqm.df.telemetry.microsoft.com sqm.telemetry.microsoft.com sqm.telemetry.microsoft.com.nsatc.net survey.watson.microsoft.com telecommand.telemetry.microsoft.com telecommand.telemetry.microsoft.com.nsatc.net telemetry.appex.bing.net telemetry.microsoft.com telemetry.urs.microsoft.com vortex.data.microsoft.com vortex-sandbox.data.microsoft.com vortex-win.data.microsoft.com watson.ppe.telemetry.microsoft.com wes.df.telemetry.microsoft.com

Yes it needs to be in an unused network range, and is used to host the DNSBL Webserver…

Maybe the MaxMind Database didn't get downloaded and installed correctly during installation… On the SG-1000, it might take more time to sort the MaxMind database... From looking at the partial install log from the other post, its missing the balance of the installation...

Try to uninstall/Re-install. There is a setting in the General tab to "keep settings", uncheck that option so that it starts with a fresh installation...  Then do not move away from the installation window, until its completed its installation...

As for setting it up, in general just read through the info panes built into pfbng & dnsbl. That should get you going, then whatever specific questions you may have after setting up either search the forum or post a quetion.

As for feeds, here are some good places to start. The php import that BBCan177 wrote is what I primarily use.
https://forum.pfsense.org/index.php?topic=86212.msg508975#msg508975
https://forum.pfsense.org/index.php?topic=86212.msg510369#msg510369
https://forum.pfsense.org/index.php?topic=86212.msg548372#msg548372
https://forum.pfsense.org/index.php?topic=117806.msg652480#msg652480

I also just posted this which has some links to get you setup for really good content filtering.
https://forum.pfsense.org/index.php?topic=124013.0

I am not at all a computer or networking person, but through this forum and the info panes in pfbng I've been able to get it up and running and it's great.

IMO it's the single most useful package for a home or small office looking to filter their network.

@BBcan177:

PR # 156/157 have been posted for pfBlockerNG v2.1.1

CHANGELOG:

Other Improvements

Add Malware Corpus Tracker to the DNSBL parser www.h3x.eu

@BBcan177:

Here are the links for Malware Corpus Tracker which can be used w/ pfBlockerNG DNSBL:

Site:
http://track.h3x.eu/about/400

Available Feeds:
https://tracker.h3x.eu/api/sites_1month.php
https://tracker.h3x.eu/api/sites_1week.php
https://tracker.h3x.eu/api/sites_1day.php
https://tracker.h3x.eu/api/sites_1hour.php

DO NOT Select all of these Feeds. You should pick only one Feed. For example: the "1Month" will include the "1Week/1Day/1Hour".

[ Edit - change to https ]

Twitter:
https://twitter.com/h3x2b

sure

I used SECOIT GmbH's solution (crediting the original guy).

His post is here.

https://forum.pfsense.org/index.php?topic=89589.msg517047#msg517047

Be aware with this solution, if you do an action that requires a unbound restart/configure, you will manually need to stop and then start in the gui. pfblockerng will still be fine tho.

ok will keep that in mind, thanks.