• PfBlocker local files [solved]

    Moved
    10
    0 Votes
    10 Posts
    5k Views
    BBcan177B

    @iyad:

    Please, I got this message and I can't find the issue.

    ===[  IPv4 Process  ]=================================================

    [ forbid ] Downloading update  .. completed ..
      Empty file, Adding '1.1.1.1' to avoid download failure.

    [ Badsites_custom ] Downloading update [ 05/14/18 12:52:00 ]connect: No route to host
    connect: No route to host
    connect: No route to host

    . completed ..
    [ pfB_Badsites Badsites_custom ] Custom List Error ]

    In the IPv4/6 tab, click on the blue infoblock icons and you will see the correct format for adding URLs. It looks like the pfSense box can't connect to the URL you entered:

    Local file:    http(s)://127.0.0.1/filename  or  /var/db/pfblockerng/filename

    For the customlist, you need to enter one IP per line (also click on blue infoblock icon for details)

  • Geoip traffic map

    1
    0 Votes
    1 Posts
    399 Views
    No one has replied
  • Best way to start over?

    4
    0 Votes
    4 Posts
    540 Views
    RonpfSR

    In the pfBlockerNG General tab, disable pfBlockerNG, uncheck Keep Settings, and save; this will clear all downloaded lists.

    Then remove package pfBlockerNG.

    Last, add package pfBlockerNG; this should give you a blank pfBlockerNG configuration.

  • Enforce pfblockerng for specific hosts/networks

    3
    0 Votes
    3 Posts
    659 Views
    S

    Ok thanks. I got that to work.

    But I guess I was looking for a way to bypass the firewall rules as well as DNSBL (i.e. I wanted a subnet on my LAN which would behave as though pfblockerng was not installed).

    I found this post:

    https://forum.pfsense.org/index.php?topic=119031.0

    which seems to suggest that the only way around DNSBL is to push an entirely separate DNS entry for the hosts that will bypass DNSBL. The problem with this though is that these hosts will not be able to take advantage of DNS over TLS as implemented in pfsense.

    Is there any other way to bypass DNSBL?

  • Redirect error page in Pfblocker?

    1
    0 Votes
    1 Posts
    483 Views
    No one has replied
  • 10.10.10.1?

    1
    0 Votes
    1 Posts
    722 Views
    No one has replied
  • PfBlocker firewall rules keep rearranging themselves??

    3
    0 Votes
    3 Posts
    472 Views
    J

    Thanks. That was it obviously

  • Thanks BBCAN177 !

    5
    1 Votes
    5 Posts
    4k Views
    S

    As pointed out to me in another post.
    https://forum.pfsense.org/index.php?topic=139634.0

  • Thank You for pfBlocker!

    3
    0 Votes
    3 Posts
    742 Views
    S

    I had missed that but am now a supporter. Thanks.

  • PfBlockerNG is not doing what I want…..

    2
    0 Votes
    2 Posts
    568 Views
    V

    Okay so here is what I really need help with.
    I want to block outgoing packets to Russia and China, with the exception of my torrents, which I want to send through port 17000.

    How would I implement this, as the "Invert" option does not appear for ports, only for sources or destinations?

  • 1 Votes
    5 Posts
    1k Views
    ARAMP1A

    @jdeloach:

    @ARAMP1:

    Thanks.  It ended up being the "pfB_Top_v6 auto rule" on my LAN1.  I disabled it and now can access the website.  Now, to figure out what the rule did and what I did by disabling it.  :o

    The web site, raspberrypi.org, appears to reside in the country of Great Britain per Whois.com.  Are you blocking the country, Great Britain?  If so, unblock it in the block list, if pfB_Top_v6  list includes this country.

    United Kingdom is listed in Top 20 and Europe and I have them both unblocked.  :(

  • DNSBL service auto started by its own even though its disabled!

    1
    0 Votes
    1 Posts
    273 Views
    No one has replied
  • Pfblockerng understanding the log and how it works

    6
    0 Votes
    6 Posts
    1k Views
    M

    For it to address the CNAME issue you will need to remember to whitelist sites via the reporting UI, and using that won’t be any different to you listing them yourself as both the server and servers they refer to will end up in the whitelist.  So don’t feel a need to wipe & redeploy.

  • Custom whitelist sites still being blocked as per log?

    4
    0 Votes
    4 Posts
    605 Views
    RonpfSR

    When I click on the infoblock I see :

    Note: These entries are only Whitelisted when Feeds are downloaded or on a 'Force Reload'.

    ::)

  • Blocking a single host

    3
    0 Votes
    3 Posts
    516 Views
    ?

    Thanks. I guess I was being thick :)

    John

  • Command line cmd to trigger ip update?

    3
    0 Votes
    3 Posts
    855 Views
    K

    Actually I am having difficulties with the cron settings, very similar to this person (drewsaur):
    https://forum.pfsense.org/index.php?topic=129048.0
    Unfortunately, it was decided he did not have a bug and it was ignored :(

    I get the same error, only ever updates at 1:30.  Played around with it a bit, and it seems the only field that takes is the minute field "pfb_min"; it ignores the rest.  The cron settings solution you indicated is a good idea, but seems unlikely to work because of the above error.  Unlike drewsaur, having it only update at 1:30 am was not really a problem for me.  Rather than try and fix a messed up cron thing, I figured it would be easier just to add a new job for what I wanted.

    . . .

    I dug through the pfblockerng_update.php to find the command; it looks like it's not command line at all per se, but sending a call to pfblockerng.php, which in turn calls sync_package_pfblockerng.  Not familiar with BSD or package manager so will continue down the rabbit hole when I have time.

    edit:
    sync_package_pfblockerng is not a package manager call at all I guess, it is defined in pfblockerng.inc, which is executing .php to do the update.  A neat way to do it.

    edit:
    answering my original question:

    commands for pfblocker can be executed with:
    /usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php [put your option here]
    ex: /usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php update

    the options for [put your option here] are defined in the /usr/local/www/pfblockerng/pfblockerng.php file in a switch statement.  None of them achieve the objective of my original question.

    My personal solution was to add a new option by editing pfblockerng.php & pfblockerng.inc.  This is a grade A hack job, but if anyone is interested inquire and I will post the details.

  • DNSBLIP Blocking 1.1.1.1

    6
    0 Votes
    6 Posts
    2k Views
    K

    For me, the Alerts tab in pfBlockerNG showed that 1.1.1.1 was blocked because it was on the Abuse_Zeus list.  I had to add this IP to the Suppress List by clicking on the "+" symbol in that row of the Alerts table.  Then I had to disable and re-enable pfBlockerNG to get 1.1.1.1 to be unblocked.

  • DNSBL Certificate Error: INVALID CA

    2
    0 Votes
    2 Posts
    1k Views
    R

    BTW, after making changes to pfBlockerNG.inc:

    head -10 pfb_dnsbl.conf

    local-data: "004b17a0c349157de.com 60 IN A 0.0.0.0"
    local-data: "006a039c957c142bb.com 60 IN A 0.0.0.0"
    local-data: "007-gateway.com 60 IN A 0.0.0.0"
    local-data: "0073dd485d46d930dd9.com 60 IN A 0.0.0.0"
    local-data: "00aaa2d81c1d174.com 60 IN A 0.0.0.0"
    local-data: "00e20f955428d.com 60 IN A 0.0.0.0"
    local-data: "00zasdf.pw 60 IN A 0.0.0.0"
    local-data: "012469af389a1d1246d.com 60 IN A 0.0.0.0"
    local-data: "0194c6fcbb3.com 60 IN A 0.0.0.0"
    local-data: "019f2d2d415.review 60 IN A 0.0.0.0"

  • Fix for: pfblockerng_alerts - Allowed memory size exhausted

    1
    0 Votes
    1 Posts
    442 Views
    No one has replied
  • Number of Domains Supported by DNSBL?

    2
    0 Votes
    2 Posts
    459 Views
    M

    The problem is not so much what unbound can handle (that seems to be limited by RAM); the list updates from pfBlocker can be done seamlessly.

    The problem you’ll have is that if you have DHCP allocating names to IPs then every time you do so it restarts unbound which reloads everything and that takes time with a big list.  My system (N3150, 8gb + SSD) starts getting grumpy after ~600,000 domains but it’s just reload time.

    I looked at looking at how DHCP sets up the names to use the seamless method that pfB does, though it may be possible to double up on DNS servers somehow with a clever config.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.