@bbcan177 said in pfblockernG-Dev Coinblocker and Cryptojackers URLs changes:

now available for both pfSense branches.

2.3.5-RELEASE-p2 (amd64) and 2.3.X DEVEL only offer 2.2.1.

@riaanwest said in pfblockerng:

Basically making pfblockerng to create an alias for each category referenced in shallalist so you can create manual firewall rules using those aliases pointing to lets say social networks?

You can't use FW_Rules with DNSBL tables.

DNSBL operate on the Domain Name space.

Firewall rules operate on the IP space.

@jwj said in Not understanding this ip block (https://ipinfo.io/AS32934):

So, it looks like ipv6 "tab" lists get incorrectly setup as ipv4 rules. And it looks like this has been fixed in the devel version.

Yes this is fixed in pfBlockerNG-devel

@mloiterman said in PHP Error on exhausted memory:

2.1.4_8

Best to move to pfBlockerNG-devel which will fix that issue.

perfect thanks!

I am so looking forward to the new version.
the dev version is excellent :)

So it looks like the openvpn range had the range it was last configured for, but not some of the others that had failed.

[2.4.3-RELEASE][root@pfsense.home]/root: ifconfig | grep inet inet6 fe80::224:b2ff:fedf:a196%bge0 prefixlen 64 scopeid 0x1 inet 73.82.108.146 netmask 0xfffffe00 broadcast 255.255.255.255 inet6 fe80::2e0:66ff:fe6a:c58f%bge1 prefixlen 64 scopeid 0x2 inet 10.10.0.1 netmask 0xffffff00 broadcast 10.10.0.255 inet 10.254.254.254 netmask 0xffffffff broadcast 10.254.254.254 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 inet6 fe80::2e0:66ff:fe6a:c58f%bge1.2 prefixlen 64 scopeid 0x7 inet 10.1.0.1 netmask 0xffffff00 broadcast 10.1.0.255 inet6 fe80::2e0:66ff:fe6a:c58f%bge1.5 prefixlen 64 scopeid 0x8 inet 10.2.0.1 netmask 0xffffff00 broadcast 10.2.0.255 inet6 fe80::224:b2ff:fedf:a196%ovpns1 prefixlen 64 scopeid 0x9 inet 10.2.10.1 --> 10.2.10.2 netmask 0xffffffff inet6 fe80::224:b2ff:fedf:a196%ovpns2 prefixlen 64 scopeid 0xa inet 10.1.10.1 --> 10.1.10.2 netmask 0xffffffff

I think that my choice works out fine though, 10.254.254.254 is way out of the way.

@labradorg13 https://www.reddit.com/r/PFSENSE/comments/8lnugz/pfblockerng_devel_version_released/

https://forum.netgate.com/topic/132669/pfblockerng-generating-php-errors/5

@ronpfs said in DisconnectAds, DisconnectTracking and DNSBL_Malicious - D_Me_Malw:

host -t A s3.amazonaws.com

Thanks Ronpfs it did the trick

host -t A s3.amazonaws.com s3.amazonaws.com is an alias for s3-1.amazonaws.com. s3-1.amazonaws.com has address 54.231.33.202

Did not new the command dig (domain information groper) thanks 👍

I've upgraded 2.1.2_3 to 2.1.4_8 without issue.

https://forum.netgate.com/post/780328

Fixit:

# pkg-static search icu icu-60.2_1,1 International Components for Unicode (from IBM) # pkg-static install -yf icu-60.2_1,1 # ln -s /usr/local/lib/libicui18n.so.60 /usr/local/lib/php/20131226/libicui18n.so.60

Restart php-fpm

Everything that is blocked is visible in the "Alerts Tab".

@ronpfs OK back up now, thanks..

@grimson said in pfblocker_devel:

You do know/understand that installed packages no longer show as an available package, as they are installed already?

lol yes, I was just wondering if the new version had the same stuff as the devel version.
It sort popped up out of the blue in the package list while I already had pfblocker installed so / I went and installed the pfblocker_devel version.
Maybe I was the only one who saw it.
The pfblocker_devel version I'm using now is excellent with all new feeds.
Now when I look at the package list I see the new version of pfblocker.

I'm thinking its time to fully uninstall the pfblocker_devel and go back to the pfblocker on the package list now lol
Looks like I'm the only one with the pfblocker_devel lol

Good to see Mr BBcan177 is back welcome home mate :)

cheers guys

With a little more troubleshooting I found the issue. I neglected adding in a firewall rule to allow the client access to the DNSBL VIP over ports 443 and 80.

Thanks for pointing that one out to me. I missed it, because I read this one, https://www.reddit.com/r/PFSENSE/comments/8lnugz/pfblockerng_devel_version_released/ ,which suggests it was only downloadable from the unstable branch, as I did not expect a development release in the stable branch... 😎