@vito-0 I have verified that the update is successful, but the message "Log Viewer Standby" appears in the log section.
Why?

@benv22 said in GeoIP autocomplete not working:

turns out i had to enable the pfBlockerNG service first on the general page

Doh! ;) hehehe

I found the solution:

downlaad freebsd 11.2 lib package with missing files winscp to pfsense and copy the missing files each time it ask.. mine needed only 2 files restart pfsense and start doing your upgrades :D

@bbcan177 Hi, thanks for the pointer to the command to fetch and filter the json file. I was not able to work out how to use the commands in an IP alias in the firewall. Does it need to be used within the source for a pfBlockerNG > IP > IPv4 > "IPv4 Source Definitions" entry? If so, do you have any links to documentation that explains how to use it? Thanks,

Sorry linked the wrong tutorial on their website, followed this one obviously

@pftdm007 said in DNSBL is no longer working normally:

Am I missing something here ?

Maybe this :

Whatever you set here about:config (URL in Firefox) will retain, even after updates.
So switch DoH of over there, and you'll be fine.
If not, Firefox will use DoH, they do so on a new install for while now, at it is undeniable safer for the end user.

@jc1976

Confirmed
Redmine issue created: https://redmine.pfsense.org/issues/12443

@dgall said in Has Shallalist been removed from the latest version of PfBlocker?:

I thought the 3.1.0 was still in the development stage I usually do not use software in the development stage because the bugs are still being worked out I upgraded to 3.1 and shallalist is listed

True .... and not so true.
The current 3.x series is now under development for over 2 years.
The 2.x series is 'abandoned' for development, and upgrades come out if there are security issues. It will be ditched soon (if you asked me).
3.x had about 20 releases, and is now pretty solid.

I had the same problem and it was Squid.
In Squid, Transparent Proxy Settings, I had to add 10.10.10.0 (in my case) to the 'Bypass Proxy for These Destination IPs' or simply check 'Bypass Proxy for Private Address Destination'.

@sozler

Wow! My post was 3 years ago!

I’ve stopped using pfsense and therefore pfblockerNG quite some time ago.

I’m using https://nextdns.io now. It’s pretty good and much easier to use and configure. (It’s far from perfect, but it’s way simpler)

@gertjan thanks for the heads up! I left everything running for a week with python mode enabled in Unbound, pfBlocker IP enabled and DNSBL disabled… ran like a charm.

Enabled DNSBL last night with one Feed with 10k ish domains, so a pretty small list. Here’s the memory usage, staying consistent until I flipped the switch, within an hour unbound crashed with no obvious log.

3022C956-ACAC-4CAF-8EF4-B30877CCB14B.png

@steveits Yup, sure does! I was actually on the right track but I gave the wrong setting. It's actually the fake website shield that needs to be disabled. I will update that in my last post. So what happens is that AVG detects that pfSense is trying to change the IP address to the website you're accessing and so it'll circumvent it as it thinks it is an attack.

I can't edit my original post, so here's what needs to happen. It's the Fake Website Shield that is responsible for this. So go to Menu > Settings > Full Protection > Fake website shield > Turn it off indefinitely. Not necessarily the course of action that is the most awesome but that is the trouble module causing pfSense to be ignored.

@chudak If you click the actual feed URL on the Feeds page under the Header/URL column does it download? They will occasionally move URLs...though seems unlikely multiple ones did.

That´s of course the first thing, I tested. :)
The pfSense box can resolve the internal addresses.

I have realized this by using "Domain Overrides" at the DNS resolver. In which for the domain "10.in-addr.arpa" points to an internal DBNS server.

On the console I can resolve the addresses and in "Diagnostics"->"DNS Lookup" also works.

Only in the Alerts tab it doesn't seem to work...

@andrew453 said in Suppressing IP block in CIDRs other than /24 and /32:

https://www.iblocklist.com/list?list=cwworuawihqvocglcoss

List of people who have been reported for bad deeds in p2p.

This list is for protecting BitTorrent clients. IMHO it could be used on the local machine BitTorrent hosts instead of the Firewall.

When Auto-Rules doesn't fit your setup, you can use Alias type with your own FW rules order.