pfBlockerNG

• J

  WAN Rules
  • josepho  

  1
  0
  Votes
  1
  Posts
  40
  Views

  No one has replied

• P

  Failed Paypal/Sagepay transaction-How to identify the relevant log entries?
  • pm1961  

  2
  0
  Votes
  2
  Posts
  57
  Views

  

  Hi, Look at the pfBlockerNG-devel Reports page. Look at the Alerts and DNSBL lists. Look for the IP your device us using, and then a destination that should have a relation with this "sagepay " (whatever that is). Note : Feeds used by pfBlockerNG are created by humans like you and me - most often 'just for fun and to help the community'. They could be useful for some one, contain IP's that shouldn't be blocked for others. It's NOT an exact science.
• F

  how to block ads with pfBlockerNG ??
  • firefox  

  7
  0
  Votes
  7
  Posts
  266
  Views

  F

  I use the firefox browser and ublock plugin But it doesn't block everything and it's not the most convenient There are sites I reach and get notified that I can't browse until I deactivate the extension The last time I had a pfsense (It was in pfsense 2.4 maybe 2.3) it blocked the commercials and pop-ups I had no problem with such sites I will try to find a screenshot of it If I have There was a list of what to block sex Alcohol Gambling Medicines And so on and so forth It might as well have been squidGuard and not pfBlockerNG (Not remember)
• 

  Cannot Lock/Unlock - IP or table missing
  • TMiland  

  1
  0
  Votes
  1
  Posts
  42
  Views

  No one has replied

• S

  DNSBL Auto whitelisting happing ?
  dnsbl whitelist • • sesipod  

  11
  0
  Votes
  11
  Posts
  241
  Views

  L

  @jot thanks for the info. You are right. Though I do not understand why to force whitelist google and yandex subdomains which are used for ads - ads.google.com|adservices.google.com. I just can not block ads if I enable safesearch option
• A

  pfblockerng ASN aliase rule doesn't seem to work
  • ahtos  

  21
  1
  Votes
  21
  Posts
  200
  Views

  A

  Resolved. Just an update on the issue if someone ever face the same problem. I reinstalled PFSense, then PFBlockerNG-DEV. I didn't create any auto-rules and only uses native aliases. Maybe it's something obvious, but in my case they didn't play well together. I installed ntopng to find out all the required ASN, there are a few more than just netflix/youtube for the APPs. However, I got a second problem from time to time I wouldn't get an IP from the WAN and many dpinger send-to error 65. The problem was my onboard NIC is a RealTek and not Intel. Moving the WAN to an Intel port seem to fix the issue for me. I understand the recommendation is to use Intel. Thank you John for your time and help!
• 

  pfb_filter Keeps stopping
  • Mr_JinX  

  5
  0
  Votes
  5
  Posts
  60
  Views

  

  @RonpfS said in pfb_filter Keeps stopping: Does this happen during cron update? or DHCP registration etc .... Or a pfBlockerNG update ? How often pfBlockerNG is restarting ? How long does it take to restart ? As @RonpfS, remove 'filterlog' from System Watchdog. Goto console acces (== SSH) and use option 8. Enter : ps ax | grep 'filterlog' You should see : 4441 - I 0:00.42 /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog 33289 - Ss 0:44.89 /usr/local/sbin/filterlog -i pflog0 -p /var/run/filterlog.pid 44778 0 S+ 0:00.00 grep filterlog The last line is the 'ps' command itself. "filterlog" is actually two processes, not more, not less. My example shows 4441 and 33289. Example : when pgBlockerNG restarts - and this can take a lot of time - several minutes if you have a lot of DNSBL feeds to load and parse, the service watchdog that runs every minute will detect this, and start the two services again, which is a completely wrong action to take. pfBlockerNG has to finish updating / upgrading first/ When done, it will launch 'filterlog' by itself. Btw : I just try to understand what happens, didn't actually saw anything of all this happening. Rule of thumb : using " System Watchdog" is nearly always the wrong method. The actual issue has to be solved.
• I

  Peculiar pfblockerng / tld blocklist & whitelist behavior
  • im_not_a_robot  

  3
  0
  Votes
  3
  Posts
  154
  Views

  I

  In the end I disabled tld blocking since it led to many issues allowing certain sites with their own subdomains. I am maintaining a blocklist of individual sites. This is more effort but more reliable for use.
• M

  Filtering outgoing traffic
  • MarianHlusek  

  11
  0
  Votes
  11
  Posts
  58
  Views

  M

  @johnpoz Well, honestly ... I would love to use the pfBlocker, as this seems to me 'easier' solution as it is already implemented and working. The shallalist is available there as well ... the only thing I am not sure is how I split the filtering for: parents -> DNSBL, Ads, IP kids -> all the above + categories But let's see, maybe someone else comes with some other views. Thank you.
• 

  Re: [Blocking Youtube Ads]
  • Xentrk  

  1
  0
  Votes
  1
  Posts
  104
  Views

  No one has replied

• T

  Blocking Youtube Ads
  • thezfunk  

  31
  0
  Votes
  31
  Posts
  25753
  Views

  

  Grublets has written a script for pi-hole that is working to block YT ads on the router. It was forked forked on the Diversion ad blocker on Asuswrt-Merlin firwmare yesterday and early testing is very positive so far. https://gitlab.com/grublets/youtube-updater-for-pi-hole/-/tree/master https://discourse.pi-hole.net/t/youtube-script-seems-to-be-working-very-well/31316
• 

  ip2location as alternative for MaxMind databases
  geolocation gdpr ccpa deo ip • • Sergei_Shablovsky  

  35
  1
  Votes
  35
  Posts
  1461
  Views

  A

  @johnpoz Actually when some other agency or corporation gets MinMind customer database plus the ISP databases that nowadays you can bet are automatically available... yes then someone could have a complete picture... it amazes me how people don't care about privacy and don't seem to understand that no privacy means no democracy... Do we still value democracy over money or convenience? You don't know what actually MinMind is... so I suggest updating pfblockerng to use another geolocation database and prepare it to accept more easily other options. There's always the possibility of a fork.
• D

  dnsbl PHP reset every minute
  • DirkO  

  6
  0
  Votes
  6
  Posts
  200
  Views

  

  I am having this same Errors. Did you ever get yours fixed? @Ronpfs Just Because you do not use some thing, Does not means he should not ? THATS pretty backwards thinking!
• P

  Fast way to whitelist domains?
  • pooperman  

  1
  0
  Votes
  1
  Posts
  38
  Views

  No one has replied

• 

  New pfBlockerNG feature - SafeSearch
  • viktor_g  

  3
  6
  Votes
  3
  Posts
  211
  Views

  P

  DoH feature disable is absolutely great
• M

  pfblocker-ng don't update cron hour on update tab ?
  • maba  

  1
  0
  Votes
  1
  Posts
  32
  Views

  No one has replied

• F

  List error when using ASN drop list
  • FredMcfly  

  2
  0
  Votes
  2
  Posts
  30
  Views

  F

  Turns out it is the semicolon causing the issue. In this post, BBcan177 says there is no parser for the semicolon.
• T

  pfBlockerNG large logs crash PHP
  • thouwlin  

  1
  0
  Votes
  1
  Posts
  35
  Views

  No one has replied

• J

  Subscribe to a DNS host feed for whitelisting sites?
  • jeffvogelsang  

  2
  0
  Votes
  2
  Posts
  58
  Views

  R

  @jeffvogelsang Well, on PFBLOCKERNG/DNSBL page, there is the TOP 1M WHITELIST. You can choose the Cisco or Alexa list and then choose how many down the list from the top you want to whitelist. Then choose what is to be included in TLD whitelist. I see it as a safety net to catch popular domains that could end up as a false positive in the blacklists. I set mine to the top 2k. A real pre-packaged 'whitelist' like the blacklists would be very hard to maintain and would obviously need to be very large to really be useful. Consider that for it to have value, you would have to decide what to do with sites that are not on the whitelist. Do you block them? If you don't then what is the point of the whitelist? Thinking someone can figure out, for all the blacklists out there, what the false positives are and then making a whitelist for them and keeping it up to date would be about as daunting. Think about the maintenance involved, ouch. I rarely have issues where I have to add anything to the whitelist anymore, my list is about 45 domains and some TLD exclusions that have been added over the last couple of years. If I test out a a list and see a large amount of false positives I dump it and use something else.
• J

  How do I interpret these status graphs in pfBlockerNG?
  • J24  

  4
  0
  Votes
  4
  Posts
  87
  Views

  J

  @maba Thank you. Makes sense. Just found the button to clear out the counters and reset them!
• M

  pfblockerng 2.2.5.32 bug
  • maba  

  2
  0
  Votes
  2
  Posts
  180
  Views

  M

  ok i figure it out ... for some obscure reason , the line server:include: /var/unbound/pfb_dnsbl.*conf in dnsresolver was append at the end of my custom options ... it need to be at the top before them... The update of pfblocker have broken that. Hope it stay as it is. edit: and a better solution : my options just miss one line ... My "options" begin with: local-zone: "x.X.X.X.X.X.ip6.arpa" typetransparent i had to add "server:" just before "local-zone" ... so no more crash , "server:include..." can be at the bottom or at top ... it's working. ;) So maybe the bug, one more time, was between the chair and the keyboard ;)))
• J

  Devel 2.2.5_31 Safesearch is missing
  • Jobee  

  2
  0
  Votes
  2
  Posts
  132
  Views

  

  @Jobee Please wait for package update: https://redmine.pfsense.org/issues/9874#note-8
• J

  Devel 2.2.5_31 Error loading
  • Jobee  

  1
  0
  Votes
  1
  Posts
  75
  Views

  No one has replied

• J

  Stale Block Lists -- pfBlockerNG - devel
  • J24  

  1
  0
  Votes
  1
  Posts
  84
  Views

  No one has replied

• 

  pfBlockerNG Cron Kills all my connections
  • Soloam  

  1
  0
  Votes
  1
  Posts
  56
  Views

  No one has replied

• 

  xxx.xxx.xxx.xxx.in-addr.arpa [TLD]
  • Qinn  

  1
  0
  Votes
  1
  Posts
  61
  Views

  No one has replied

• M

  WAN open ports problem
  • manuelgop  

  8
  0
  Votes
  8
  Posts
  169
  Views

  T

  @manuelgop Did you apply the changes after reordering the rules? They apply in order, though as I said pfBlocker might reorder them.
• M

  pfBlockerNG 2.2.5_30 & pfSense 2.4.4-p3
  • mifronte  

  1
  0
  Votes
  1
  Posts
  86
  Views

  No one has replied

• S

  Pfblocker-NG blocking white-listed website
  • scorpoin  

  3
  0
  Votes
  3
  Posts
  90
  Views

  H

  You mean a IPv4 List you created is now not working? I'm having the same problem with a brand new setup + List. Cant create it, when it tries to update it gives me custom error list!
• W

  Error in updating PFblockerNG
  • Waqar.UK  

  4
  0
  Votes
  4
  Posts
  117
  Views

  W

  Thanks all.
• Z

  When will pfBlockerNG 2.2 be stable
  • zjgn  

  4
  0
  Votes
  4
  Posts
  283
  Views

  A

  I just came here to check if there was an eta on 2.2 being not marked as development - I normally just look in the package manager for updates. @NollipfSense said in When will pfBlockerNG 2.2 be stable: @zjgn said in When will pfBlockerNG 2.2 be stable: pfBlockerNG-devel 2.2.5_30 Has been stable getting close to 2yrs now. So is the 2.1 branch no longer recommended?
• F

  [SOLVED] pfBlockerNG - Reloading unbound fails
  • fpv  

  17
  0
  Votes
  17
  Posts
  5296
  Views

  

  cool thing ! have fun & stay safe nP
• H

  Cant create Ipv4 custom list
  pfblockerng ipv4 alias custom • • helderingor  

  1
  0
  Votes
  1
  Posts
  28
  Views

  No one has replied

• 

  pfBlocker, blocking the wrong countries
  • IsaacFL  

  8
  0
  Votes
  8
  Posts
  114
  Views

  

  @IsaacFL said in pfBlocker, blocking the wrong countries: @bmeeks maybe someone who is using pfblocker more than I, could verify if that is really the case. This is a /10 owned by Microsoft in Ireland so a pretty big error in the data base. I know it was pointed out that the orig file was not in numerical order, but at least the csv file I downloaded from Maxmind, was in numerical order so I expected the country extraction would also have resulted in something also in numerical order. But i didn’t spend much time on it so could have been something I did wrong. Sorry, but I don't use pfBlocker. I was just responding to the general issue of GeoIP inaccuracies. This effects things other than just pfBlocker. My personal opinion is that GeoIP is slowly losing its utility due to these errors.
• H

  A feed in pfBlockerNG blocking access to Ubuntu.com, keepasssc.org, etc?
  • hda55  

  4
  0
  Votes
  4
  Posts
  155
  Views

  H

  mostly RESOLVED Eventually bothered me enough today that I finally sifted through the logs - thanks for pushing me Gertjan :) - I should have just done the work initially :). I was focused on the DNSBL feeds but it wasn't those at all. Turned out the be the Top Spammers selection of GeoIP that was blocking lots of sites that I consider useful - ubuntu.com, keepassxc.org, winscp.net, etc. Disabling Top Spammers resolved access to those sites. Added an alias for allowed sites, created a rule to allow above this particular pfBlokerNG rule, and then re-enabled Top Spammers - still blocks. Will leave Top Spammers disabled for now until I have more time to fine tune.
• T

  lighttpd taking > 30% cpu
  • tazmo  

  4
  0
  Votes
  4
  Posts
  73
  Views

  

  @gabacho4 said in lighttpd taking > 30% cpu: Turning off the pfblockerng service does Leave it on. With the default settings. With no feeds what so ever. Now you have the same config as I have, and the same as the author has. he wouldn't release it if it would explode the usage of certain( lighttpd ) processes. All will be fine - guaranteed. Now, add your feeds - your config, step .... by ... step...... and test a lot. As soon as you see strange things, like lighttpd going haywire, undo that step - reboot, drink cofee, take a break, and test that step ones more. Still a no go ? Detail your step on the forum : you'll be having something that can be reproduced. That's worth a lot ! If you find something : do not forget to detail your entire setup without omitting anything. Btw : You could even disable lighttpd, as it only servers a 1 by 1 pixel in most times (I guess, never tried it). @gabacho4 said in lighttpd taking > 30% cpu: Is there really only a couple of us having this issue? Just you ;) tazmo resolved the issue by putting things in place. A reboot is rarely needed, but it never hurts.
• V

  Allow Port Exceptions In Floating Rule for GeoIP
  • vazoom  

  1
  0
  Votes
  1
  Posts
  16
  Views

  No one has replied

• W

  Correct pfBlockerNG Set Up?
  • WannabeMKII  

  21
  0
  Votes
  21
  Posts
  317
  Views

  

  Added to that, "names" = host names exists for humans. DNS exists sot that all these names are converted to IP's, something that device actually can use. You could throw away all host names. Try visiting https://[2610:160:11:18::199]/ or https://208.123.73.199/ - your browser will yell at you because the cert of that web site doesn't have 2610:160:11:18::199 or 208.123.73.199 in it's ALT DNS list, so for the sake of testing, just override the warning, accepts it, and you'll see ...... this forum. Without using names (URLs). Edit : when you see these browser certificate warniong, inspect the cert. drill down to the cert info list, and you will find : so you know that you are connected to netgate.com or any sub domain of that site - forum.netgate.com in this example. @WannabeMKII : when you call someone, do you enter his name, or his phone number ? => Well, you use your contact list, a sort of DNS lookup, to have the phone select the according phone number. The phone circuit isn't aware of 'names'. Just numbers. Setting up a contact list without phone numbers ... that's .... not useful.
• M

  This problem is driving me nuts! Please help.
  • mike3y  

  9
  0
  Votes
  9
  Posts
  186
  Views

  

  "Cannot allocate memory" on 2.4.5 does not mean you don't have enough table entries. On 2.4.5 that error will be "Too many elements" if you need to increase the table entries limit. "Cannot allocate memory" is likely just what it says, it ran out of kernel memory trying to load the table. Usually this is only temporary and will resolve itself in the next filter reload. See https://redmine.pfsense.org/issues/10310 for more info.
• B

  mobile.pipe.aria.microsoft.com
  • bigjohns97  

  1
  0
  Votes
  1
  Posts
  109
  Views

  No one has replied