Yes, after upgrading to 3.1.0_4, everything is fine..
Thanks BBcan177 and pfsense team

@gertjan Upgraded to v3.1.0_4 (new one came out already?) and now it works! Thank you!

Updated to 3.1.0_4 a couples of minutes ago, and as usual I forgot to look at the state of unbound, and it was stopped of course.

But, what I do now is doing a full reload, as I see the yellow thingy :

2c281196-02a3-438a-a1df-2a08039ccfd5-image.png

and that will also take care of the unbound issue.

Hi,

After some troubleshooting, I found out the problem was with Private DNS (dns.google) setting on the phone. Once I set it to auto, everything turned out smooth again.

Thank you.

@pst said in Logging not working in 3.1.0_2:

@fireodo Thank you!

😊

@cool_corona said in pfBlockerNG-devel: Version 3.1.0_2 - Fix for #12706:

@gertjan Does it matter?

As https://redmine.pfsense.org/issues/12706 tells me :

Description How to reproduce: 1) Install pfBlockerNG-devel, and configure DNSBL in python mode 2) Enable RAM disk for /var 3) After reboot, all files associated with pfblockerng are deleted: /var/unbound/pfb_unbound.py /var/unbound/pfb_unbound_include.inc /var/unbound/pfb_py_hsts.txt 4) ...and unbound doesn't start:

But I have no RAM disks, as 'my case' is like many others : not much RAM, but loads of (SSD) disk space.
So, no step 2 for me. The issue becomes a none issue.
The issue is real, that's not the question.

Apparently being fixed in next release pfBlockerNG-devel v3.1.0_3:

https://github.com/pfsense/FreeBSD-ports/pull/1151

@fiblimitless

please ignore/delete my previous post.
When Global loggings Enabled, it takes priority, and is in effect, no matter the option shows inside the log's settings. when disabled, logs show back to what you changed it to.

@scorpoin

Goto the pfB logs page, select the error.log file and click on the waste bin.
Do an Update, reload, All.

If the error persists, wastebin the error.log file again.
Remove the incriminating feed.
Do an Update, reload, All.

@steveits There is no "Feeds" tab.
At the top I go to: Firewall -> PFBlockerNG
Then this is what I see in the image:

pfblocker.png

You were right. I was not using the "devel" version and was on the pfBlockerNG 2.1.4_26 version. I uninstalled this and installed the devel version. Now I see all the feeds. Thank you.

The patch and a filter restart did the job - thank you!

Perhaps @BBcan177 will see this and confirm if this is a bug or working as intended.

@gertjan You are well come :) .

@felipepipers said in Block Apps over Wi-Fi (Facebook-Instagram..):

And for HTTPS, some idea?

There is no workaround for HTTPS. It works on HTTP because pfblocker serves up the page when it blocks a site. Since the page is unencrypted the browser just serves up the page it's given. Pfblocker acts as a Man-In-The-Middle between the browser and the intended server and injects a non-asked for page.

By its design, HTTPS works by the browser verifying that the security certificate of the server it is trying to connect to is from the same domain it is intending to reach. So in pfblocker's case if it tries to serve up the blocked page the browser will not display it because it did not come from the validated server it was trying to reach. The browser then displays a security warning and won't load the page that it was served.

As an aside I noticed that there is a Facebook DNSBL feed in pfblocker that I had not noticed before:

a2a347ee-92e5-4d48-a905-66fa4c788afe-image.png

@dma_pf Thank you! I see that I am not using DHCP Registration so I think I am good to go. Took the plunge. Noticed a few things.

The memory utilization is actually higher. Not sure if there is a lot of initial work going on due to the change, but it's almost doubled from 8% of 8GB to 16%.

Under reports, the DNSBL area isn't showing the blocks in red anymore even though the (DNSBL Block Event color). The background is simply white.
Working as intended. I wasn't seeing the DNS Reply Events previously in unbound mode.

@patch said in PfBlockerNG Alias:

Alias Native would have the same net effect, using it would involve more processing when updating the list but less processing while using the list

Technically it would be the other way around, Alias Native does not look for duplicates.

However you should all probably read this thread which seems to have found that Alias Deny will remove IPs found in other lists which may not be the result you want, if rules for both lists are not denying the same port.

@clokwork

I just did just this at the weekend after recently installing pfBlocker as I found it was preventing visitors reaching sites via Google search.

googleadservices.com # For Google search links www.googleadservices.com # For Google search links

James.

Do not use top Spammer list from geo blocking
Strange things are happening means that legit and clean ranges are blocked

BR np

@nogbadthebad Andy, thanks for that tip! My wife's out until this afternoon but I'll definitely look into what you suggest. I never knew you could do that on an iphone (not much of an apple guy). I'll let you guys know what I find out.

Thanks again!

@dma_pf Thank u bro

Try the following fix

https://forum.netgate.com/topic/169610/ip-logs-are-not-being-created-populated/10

@j-lanham said in PFBlockerNG Webserver not running.:

What's the best way to uninstall the current version and install the correct version? I tried installing it on my home version and the DHCP server went nuts. Uninstall, reboot, then install the devel version?

It was a long time ago that I made the switch and my memory is a bit foggy. To the best of my memory I just installed the devel version. But doing a complete uninstall would not be a bad way to do it either. Just make sure that you do a full backup of your complete system first. And before uninstalling or doing an update of the current version make sure that you have the following enabled in the pfblocker settings:

ba1e36f0-3efd-45b7-8a63-664810658e74-image.png

There is an issue with DHCP in the devel version. Once you update you should switch this setting off in DNS Resolver settings:
8bf06834-06e2-469b-bfea-fbf086897bad-image.png

If you do have specific clients that you need to register in DNS assign them a static IP address and enable this setting in DNS Resolver:

ead8a93d-9c88-472c-9413-b91074f535c4-image.png

I was seeing this too but now it's downloading it again.

This is reported here: https://redmine.pfsense.org/issues/12827
Forum discussion: https://forum.netgate.com/topic/169955/latency-spikes-during-filter-reload-ce-2-6-0

I ran into this issue as well after upgrading to 2.6.0/22.01 and confirm that logging is working properly again after applying the patch. Below is a link to an updated post from @BBcan177 on Reddit:

https://www.reddit.com/r/pfBlockerNG/comments/t1awl6/updated_patch_for_pfsense_2621x_ip_logging_issues/

Link to the original post on this issue for reference:
https://forum.netgate.com/topic/169610/ip-logs-are-not-being-created-populated/

@pierrelyon

I'm using this list instead:

https://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz

Info: https://dsi.ut-capitole.fr/blacklists/ (Google Translate)

To be honest, I think there is no other free list alive I'm aware of.

@bambos Hi, I would suggest you start with the set up wizard for pfBlocker-NG-devel.
The learning curve for pf bocker can be steep, so go slow and read everything......twice.
In addition, go to the help on your pfSense dashboard, then click pf Sense book and navagate to pf blocker package and read up. just type pf blocker in the search of the book.This will give you a good start and basic understanding.Screenshot from 2022-02-22 08-46-26.pngScreenshot from 2022-02-22 09-10-59.png

Solved - see https://forum.netgate.com/topic/170142/updated-to-22-01-sg1100-high-cpu-usage-sbin-pfctl-vvsr/16

@pftdm007

See here for a patch:

https://www.reddit.com/r/pfBlockerNG/comments/sk9txi/ip_block_logging_not_working_pfsense_260rc/hvv99s1/?utm_source=reddit&utm_medium=web2x&context=3

@periko found the solution, change the DNSBL web server interface from localhost to LAN, done, thanks!!!

@clokwork said in What to whitelist to allow YouTube history?:

just unsure

The solution that always works :
Remove all feeds (IP and DNSBL).

Iterate over :
=> Flush local DNS cache (Micrsoft OS : ipconfig /flusdns)
=> Test youtube history
=> Add one feed
=> pfBlockerNG-devel full reload
=> reloop

@keyser I'm sorry that I'm ressurecting my old thread on this topic again, but I just installed 22.01 (ZFS reinstall) on my 6100 and that in turn updated pfBlockerNG to the latest version 3.1.0_1 version.

I'm sorry to report that has brought back the Unbound disk write issue (with the same config).
My box went from doing about 130KB/s writes to about 550KB/s now. About 30% of that comes curtesy of the ZFS filesystem, but still it's at least a tripeling of Unbound diskwrites...

I'm beginning to wonder if Netgate considered the wear ZFS would cause on the small eMMC. appliances. If the write endurance rating is "industry standard" on the built-in eMMc, this level of write IO will kill my box within 2 years (And that's only because it's a 16Gb SG-6100).
The same config in my SG-2100 will kill the eMMC within a year.

I think we have a huge problem here....