@rjk13230 ??? pfB has only ever had a entry under the Firewall menu that I'm aware of.

@mcury said in pfblockerng 3.0.0_15 not available in 2.4.5p1:

I really don't want to run with only one cpu

Right, I was just pointing that out as an apparent workaround until the PHP issues are fixed, for someone who can't downgrade and doesn't want to run with out Snort or pfBlocker. Haven't tried it myself.

re: 3100 date:
blog post: Introducing the SG-3100 Firewall Appliance
by Doug McIntire on 05 Sep 2017

is this normal behavior?...pfblockerng.log...

===[ DNSBL Process ]================================================

Clearing all DNSBL Feeds

TLD Analysis not required.
Stopping Unbound Resolver.
Unbound stopped in 2 sec.
Additional mounts (DNSBL python):
No changes required.
Starting Unbound Resolver... completed [ 03/5/21 03:00:03 ]
Restarting DNSBL Service (DNSBL python)cat: /var/db/pfblockerng/dnsbl/*.txt: No such file or directory
cat: /var/unbound/pfb_py_data.txt: No such file or directory
cat: /var/unbound/pfb_py_zone.txt: No such file or directory

@rtw915

The text that you highlighted is referencing IP "Match" types. Its not needed if you want to Block those IPs. pfSense allows creating Match IP Rules, to allow for the "Logging" of the event any nothing further.

@dalillama
So I assume that MaxMind was rate-limiting based on the cURL user-agent string. When the ID was missing, it was a generic string "pfSense/pfBlockerNG cURL download agent-". Then when the ID was found, the UA string was not rate-limited because it included the ID.

Sorry for the resurrection,

I seem to be experiencing the same issue, and my cron update won't go past 1 AM, and I'm on pfsense 2.5

It is not only the Foss version but official Android Telegram app does the same. I have 11888 hits on the IP 196.55.215.129 in last 24 hours. Anyway the Telegram itself works OK. It is "just" annoying...

@monaco said in DNSBL fail - pfblockerNG:

https://raw.githubusercontent.com/RPiList/specials/master/Blocklisten/pornblock3
the following error:
[ DNSBL FAIL ] [ Skipping : pornblock3 ]
[1614168721] unbound-checkconf[22123:0] error: local-data in redirect zone must reside at top of zone, not at m.www.localhost 60 IN A X.X.10.X
[1614168721] unbound-checkconf[22123:0] fatal error: failed local-zone, local-data configuration
Is it possibly because of this entry:
m.www.localhost

Yes you can't add localhost TLD in a blocklist as you have that TLD already defined in Unboubd abd hence the error:

"local-data in redirect zone must reside at top of zone"

Seems like they removed that domain from that Feed.

@monaco Check out pfBlockerNG-devel Feeds page, and the Blacklist Category page.

@ronpfs said in pfblockerng crash report:

@fireodo The problem occurred when Unbound restart after WAN was toggling.

I stop Firewall service, that stopped all tail_pfb processes. Start Firewall service.

I have also toggled the WAN and there was no problem.

@mariusghita see/read other threads first - the ones from yesterday (March first). They were closed with a 'a solution is coming'.

This morning/night, the issue was corrected.
Upgrade to 3.0.0_14.

@cjbujold
Ok found the issue

Edit file: /usr/local/pkg/pfblockerng/pfblockerng.inc

Reference:
https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-pfBlockerNG-devel/files/usr/local/pkg/pfblockerng/pfblockerng.inc#L2489

From:

$s_info6 = str_replace(' A ', ' AAAA ::/0', $s_info);

To:

$s_info6 = str_replace(' A ', ' AAAA ::', $s_info);

Will get this fixed asap.

Submitted PR here:

v3.0.0_13
https://github.com/pfsense/FreeBSD-ports/pull/1049/files

@bbcan177 said in pfBlockerNG-devel v3.0.0_11:

@fireodo said in pfBlockerNG-devel v3.0.0_11:

BTW: after update unbound has to be started manually.

See here:
https://redmine.pfsense.org/issues/11398

Aha! - thanks 👍

@teamits said in pfBlockerNG-devel v3.0.0_10:

/usr/local/www/pfblockerng/pfblockerng_alerts.php:160

Comment out that line #160, by prefixing "//" to it (without the quotes). Will get that fixed in next version.

@ronpfs said in pfBlockerNG-devel 3.0.0_10 won't uninstall:

@smoothrunnings What version of pfsense? There was a "fix" to install unbound 1.13.1 Unbound crashes periodically with signal 11

Version 2.5.0-RELEASE (amd64)
built on Tue Feb 16 08:56:29 EST 2021
FreeBSD 12.2-STABLE

Currently system is on the latest version.

@ronpfs a pleasure.

In your example there is a date, the missing data is the year.

Feb 23 17:19:24 pfSense filterlog: 9,,,1000000103,xl0,match,block,in,4,0x0

@gertjan will try 800k

@mhab12 said in No pfBlockerNG alerts after update to 2102:

Perhaps the log file locations are different after update to pfS+/2102?

The file format changed, 2.5.0 is not using clog.