@BBcan177:

How the pfBlockerNG Tracker ID number is created :
Each Firewall rule for pfBlockerNG is assigned a unique Tracker Number.
This Number can be used in a Remote syslog so that Events can be tracked by this unique Tracker Number.

Tracker Number function is here:

https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng.inc#L2036

Basically it takes the Alias Name, various Interface Information and converts this to a unique tracker number…

All pfBlockerNG Tracker Numbers start with "177"

Just had a quick look around the GUI, I think its possible but not in a one click manner.

So pfblockerng filters via DNSBL and IP based BL.

The latter is done solely via the firewall so modifying the firewall for that LAN ip to bypass should be possible although you may need to adjust an option in pfblockerng related to rule ordering so custom rules are processed before pfblockerng rules.

The former is done via DNS manipulation, and that will direct blacklisted domain names to a local webserver on the firewall, so to bypass that you need to basically send back different DNS query results to the LAN ip.  This is possible via an exotic unbound configuration (similar to view statements in BIND).

@DaReaLDeviL:

So here we go, all my settings are now like you greatly suggested but:

I'm looking in the wrong menu? I don't have the "ip4 source definition" like you?!

He is using development version of pfBlockerNG.

IP6?  Or it’s querying a different domain for ads…

I’d consider putting a trace on the port 53 traffic from that host to see what it’s looking for and where.

Finally I disable the TLD, It consumes a lot of ram 8GB was quickly saturated
thank you

You may need to think about this in the opposite way. Instead of blocking, think about what countries you want to allow. You then create "alias" lists in pfBlockerNG which can be used to create your own firewall rules. 
Depending which country list is shorter (allowed or blocked), I would start there, and remember you can always set "Invert Match" to accomplish what you want.

I just clicked the link and got this:

https://forum.pfsense.org/index.php?topic=138904.0

What version of DNSBL will this be implemented?

@anttechs:

I use these on my Pfblocker its great https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/firewall

Confirmed, the updates are working again with the proposed list as a whitelist.

Thanks

I binned off phishtank a while back as it had a really high false-positive count.  I got fed up with it blocking genuine content…

Solved the problem - it seems when I started looking at others peoples problems and offering suggestions I saw mine in a new light

I had Alexa TLD exclusions selected - several of them
I removed all exclusions and TLD is back working just fine

Though I will be putting custom FQDN's I want to block into the proper category - DNSBL Feeds -  from now on

To summarize - packet loss was the first issue + configuration error on my part the second

Turn on Global logging, for debugging purposes, and try inbound and outbound on just the LAN for starters

Choose the 2nd or 3rd "Rule Order" option so all your firewall pass rules are evaluated first

pfBlockerNG rules on the WAN can complicate updates

I prefer floating rule sets

my 2 cents

Specify "Floating Rules" under general setup

Hi,

Start posting here : pfSense Forum » pfSense English Support » Packages » pfBlockerNG as it seems to be a pfBlockerNG  issue.

Well I am not running your version of pfblockerNG
So concentrate on the infoblock under your table.