@noonstarx said in pfblocker is not working. it does not block anything.:
There are a couple of NAT rules:
Those are not WAN based, they redirect 10.10.10.1, the IP of the built-in web browser, to 127.0.0.1 so it can show you the "You've accessed a blocked site" page.
Which, IMHO, is useless functionality, as most sites are accessed by https these days, and https can't be redirected like that. Only ancient http requests could be redirected.
I'm not using this pfblockerng web server, but do 0.0.0.0+logging.
Your outbound NAT rules are the default ones, that's fine.
This is pure BS :
@noonstarx said in pfblocker is not working. it does not block anything.:
C:\Users\user>nslookup facebook.com
Server: dns.google
Address: 8.8.8.8
Why would you want your device (PC) to ask 8.8.8.8 to resolve for you???
You are completely bypassing the resolver running on pfSense.
Conclusion : you are bypassing the pfSense resolver == bypassing pfblockerng. Remember : pfblockerng integrates itself into unbound, the resolver.
Read again :
[image]
I guess it's 'case closed' now 😊
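The check described in the post above can be scripted. This is an added example, not part of the original post or of pfBlockerNG: it parses `nslookup` text output, reports whether the query went to the pfSense resolver at all, and only then checks for a DNSBL sinkhole answer (10.10.10.1 or 0.0.0.0, as named in the post). The LAN address 192.168.1.1, the hostname `pfSense.home.arpa`, the answer addresses and both sample outputs are constructed assumptions.

```python
import re

# Answers pfBlockerNG's DNSBL hands out for a blocked name, per the post:
# the 10.10.10.1 block-page address, or 0.0.0.0 when null blocking is used.
SINKHOLES = {"10.10.10.1", "0.0.0.0"}

def parse_nslookup(output):
    """Return (resolver_ip, [answer_ips]) from nslookup text output."""
    resolver, answers, in_answer = None, [], False
    for raw in output.splitlines():
        line = raw.strip()
        if line.startswith("Name:"):
            in_answer = True          # everything after this is the answer
            continue
        m = re.match(r"Address(?:es)?:\s*(\S+)", line)
        if m:
            ip = m.group(1).split("#")[0]   # Unix nslookup appends "#53"
            if in_answer:
                answers.append(ip)
            elif resolver is None:
                resolver = ip
        elif in_answer and re.fullmatch(r"[0-9A-Fa-f:.]+", line):
            answers.append(line)      # continuation line under "Addresses:"
    return resolver, answers

def diagnose(output, pfsense_ip):
    """Classify one lookup: 'bypass', 'blocked' or 'not-blocked'."""
    resolver, answers = parse_nslookup(output)
    if resolver != pfsense_ip:
        return "bypass"               # query never reached unbound on pfSense
    if answers and all(a in SINKHOLES for a in answers):
        return "blocked"
    return "not-blocked"

# Constructed samples; PFSENSE_LAN_IP is an assumed LAN address.
PFSENSE_LAN_IP = "192.168.1.1"
BYPASS = """Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    facebook.com
Addresses:  2001:db8::25
          203.0.113.35
"""
BLOCKED = """Server:  pfSense.home.arpa
Address:  192.168.1.1
Name:    facebook.com
Address:  10.10.10.1
"""
```

A "bypass" result means the client's DNS settings (DHCP-assigned or manually configured) need fixing before any DNSBL troubleshooting on pfSense is meaningful.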