@RonpfS thanks for the reply. I have the exact same NAT as yours, but still cannot browse the VIP.

@ar15usr said in No IP Alias/Group defined from Feed?:

Should I change them all?

No, those are normal when nothing is defined / configured for these entries.

Run a "Force Reload - DNSBL" and check the pfblockerng.log for more details.

@deividuska said in Site Blocking Using pfblocker DNSBL Unblock device:

@ronpfs

Hi
So what are my options in pfBlockerNG? DNSBL EasyList?

If I follow, you have one device that you do not want ad blocking on. If true, manually set the DNS on that device to the server you want. It will bypass DNSBL.

@r-oliveira

Guys I resolved this problem uninstalled the pfBlockerNG 2.1.2_3 , after that i installed the version pfBlockerNG-devel net 2.2.1 it worked for me

Run the following command:

grep -A30 "<menu" /conf/config.xml

And check to see if there is an empty <menu></menu> tag... I have seen this with another user, but am not sure if its a pfSense bug or a pfBlockerNG bug?

If there is an empty tag, you can edit /conf/config.xml and remove that empty tag. If you do that from pfSense > Edit File, that will reload the config after you press save and hopefully that fixes it.

Yes make a Permit Outbound Alias and add the IPs to the customlist and ensure that this Permit rule is above the other block rules.

@krischeu It might not generate alerts for that range if it is in a whitelist.

I had a spare mSata drive for my pfsense box...so I used that to upgrade and retained a full backup of the older version by swapping the drive... this issue is resolved in the newer version of pfsense

Not sure where you got the idea that pfblocker would be the correct tool for blocking users from accessing social media, and allowing others.

That would be better done with a proxy and categories..

Sure you can use the pfblocker dnsbl to block domains... But there is no drop down list that says this social media site, that one, this one.. Allow X but block Y, etc.

These different sites use many many IPs multiple domain names and different CDNs to host their content.. Do you have specific block lists already in mind that your wanting to use with pfblocker?

@bbcan17 I still cant acess 10.10.10.1 in my browser.

Cool, thanks..

(I added some overrides manually so thats why its on the list..)

Thanks! I will remove those extraneous characters in the next version.

@bbcan17 said in DNSBL and PlayStation Vue issue - again:

manually add domain to the Whitelist

I really need hand-holding with this. I get the general concept, but where to "manually add domain to the Whitelist" and then to figure out (for example duappsdap.wshifen.com) an run 'drill' command, is not clear to me.

I hope it will be useful to many users.

Thx

I have plans to add this at some point, so for now, you can manually add this to the DNSBL Whitelist customlist:

fetch -o /tmp/file.txt "https://www.archlinux.org/mirrorlist/?country=all&protocol=https&ip_version=4&use_mirror_status=on" grep '=' /tmp/file.txt | cut -d '/' -f3 mirror.koddos.net ftp.lysator.liu.se mirrors.kurnode.com mirrors.dotsrc.org mirrors.nix.org.ua archlinux.us-west.mirror.zoidplex.net arlm.tyzoid.com ftp.lanet.kr archimonde.ts.si mirror.wormhole.eu archlinux.mirror.wearetriple.com ftp.fau.de arch.eckner.net mirror.i3d.net mirrors.arnoldthebat.co.uk arch-mirror.wtako.net www.ratenzahlung.de archlinux.us-east.mirror.zoidplex.net mirror.hackingand.coffee mirror.metalgamer.eu mirror.lty.me mirror.smith.geek.nz mirror.fra10.de.leaseweb.net ftp.sh.cvut.cz fooo.biz arch.mirror.constant.com mirrors.rutgers.edu archlinux.mivzakim.net mirror.pseudoform.org archlinux.thelinuxnetworx.rocks mirror.system.is muug.ca mirrors.n-ix.net archlinux.beccacervello.it mirrors.cat.net repo.itmettke.de packages.oth-regensburg.de mirror.netcologne.de mirrors.phx.ms mirror.csclub.uwaterloo.ca sgp.mirror.pkgbuild.com pkg.adfinis-sygroup.ch mirror.hactar.xyz gluttony.sin.cvut.cz mirrors.neusoft.edu.cn ftp.heanet.ie arch.mirror.square-r00t.net mirrors.celianvdb.fr arch.yourlabs.org jpn.mirror.pkgbuild.com mirror.puzzle.ch linuxmirrors.ir repo.sadjad.ac.ir archlinux.mirror.pkern.at mirror.epiphyte.network mirror.dkm.cz mirror.aarnet.edu.au archlinux.eu.mirror.zoidplex.net mirrors.kernel.org ftp.jaist.ac.jp mirrors.ukfast.co.uk mirror.thomaskilian.net archlinux.dynamict.se mirror.srv.fail mirrors.nxthost.com mirror.sfo12.us.leaseweb.net mirrors.sjtug.sjtu.edu.cn mirror.lnx.sk ftp.rnl.tecnico.ulisboa.pt foss.aueb.gr mirror.osbeck.com mirror.sergal.org archlinux.layer8.fail mirrors.rit.edu mirrors.atviras.lt www.mirrorservice.org ftp.halifax.rwth-aachen.de mirrors.sonic.net archlinux.asia-east.mirror.zoidplex.net mirror.kku.ac.th mirrors.lug.mtu.edu archlinux.mailtunnel.eu mirror.reisenbauer.ee archlinux.nautile.nc archlinux.ip-connect.vn.ua ind.mirror.pkgbuild.com mirror.michael-eckert.net mirrors.niyawe.de mirror.yandex.ru mirror.f4st.host mirror.0x.sg archlinux.vi-di.fr ftp.spline.inf.fu-berlin.de mirror.ams1.nl.leaseweb.net mirrors.xjtu.edu.cn mirror.kaminski.io mirrors.uni-plovdiv.net mirror.bethselamin.de mirror.t-home.mk mirror.homelab.no arch.jensgutermuth.de mirror.ubrco.de ftp.wrz.de mirror.neostrada.nl mirror.armbrust.me ftp.myrveln.se mirror.xtom.com.hk mirror.neuf.no mirror.dal10.us.leaseweb.net mirrors.ocf.berkeley.edu k42.ch mirrors.ustc.edu.cn mirrors.pidginhost.com mirror.one.com archlinux.nullpointer.io mirror.orbit-os.com mirror.thekinrar.fr mirror.jankoppe.de mex.mirror.pkgbuild.com mirror.stephen304.com ftp.acc.umu.se mirror.aur.rocks mirrors.shu.edu.cn mirror.datacenterlight.ch archlinux.thaller.ws mirrors.tuna.tsinghua.edu.cn archlinux.us-central.mirror.zoidplex.net mirror.wdc1.us.leaseweb.net archlinux.surlyjake.com glua.ua.pt mirror.grig.io

@pfsensetest
Thank you. The format with the .*conf is correct.

@xentrk Thanks! You should also check out the DEVEL version.

@telecomguy you have to clear your browser and OS DNS cache between these events or wait for the TTL to expire.

I've not tried to read a file directly, but since the country aliases were created as URL aliases I copied that to create https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_GeoIPUSv4. Can you try loading via URL? Our Asia alias for instance is https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_Asia_v4 and I'm pretty sure I didn't create that one.