@SteveITS Works perfectly, needed more ram. Thank u!

It appears to be a redirect of the permalink, so it should continue working unless you have a list or something blocking cloudflarestorage. https://dev.maxmind.com/geoip/updating-databases

@areckethennu For now you can use this link oisd big

I think my CPU problem might be fixed... I found some corruption in my config.xml in regards to ipv6 and router advertisements. Somehow fixing that seems to have fixed pfblocker. Doesn't make any sense really so I'm thinking the problem might come back in a few weeks.

@SteveITS Thanks, then I will try to install it.

@garyn - the fix for issue 2587 was posted this morning. Fresh download confirms Raviu56 fix. https://github.com/StevenBlack/hosts/issues/2587

@RobbieTT said in pfBlockerNG - Failed to parse: pfb_py_data.txt: Any other ideas how to simplify this hunt? By looking at the file ?! The format is rather simple, and 'constructed' after the DNSBL you've selected. MOst priobably, one of them contains a format error not detected by pfBlocker upon construction, but when read back in, it fails. Start removing one by one your DNSBL feeds, and as soon as the errors goes away, you'll know which one to exclude. Btw : this is what I would do to tackle the issue.

@reberhar So I had two similar machines acting exactly the sameway. They only shared the config file. I am preparing for HA. Trying lots of links for the UT1 list and changing many settings, one started to work with the squidguard list. Which means that my config file is corrupted. I am not looking forward to doing a pfblocker clean install, but it seems that that is what it needs. SIGH

@SteveITS - Thanks!

@netboy yeah your setting there is pointing stuff that is blocked to the IP that pfblocker is using.. It can not present the correct cert for the actual fqdn your browser is thinking its going to..

@Sergei_Shablovsky Do you know of a way to virtualize iOS ? Palm Pre use to do this with virtual box...

@johnpoz Found the issue, I didn't choose the countries within the continent. Therefore, it was not creating the alias. Thanks for your quick responses anyway!

@JHODZ How much DNSBL feeds do you have : [image: 1708931319588-820408bc-f8f1-4dc7-9aa2-1d50b23a47f3-image.png] [image: 1708931339104-c306e0a5-a521-40a4-9a23-c8464307fefa-image.png] What does this log show you when you reload pfBlockerng like this : [image: 1708931392970-dee28981-7849-47e1-926e-58f7d2187797-image.png] Do the test both in unbound and Python mode.

@SteveITS I use pfBlocker only for generate geoip lists. So, I use this lists for allow/block rules on wan interfaces.

@coffeecup25 After some back and forth I was able to get a list together. For anyone interested, this list got Facebook working properly for me. facebook.com whatsapp.com fb.me messenger.com whatsapp.net whatsapp-cdn.net fbstatic-a.akamaihd.net fbcdn-photos-b-a.akamaihd.net fbcdn-photos-a-a.akamaihd.net fbexternal-a.akamaihd.net fbsbx.com fbsbx.com m.me -RYknow

@SludgeT try using an RFC1918 IP address for the DNSBL webserver.

@MaxFactor-0 I suspect something isn't matching. Did the name or the URL change? Maybe the old URL is being redirected? As long as the file exists on disk pfB should use it as is. It doesn't mean it's being updated. And being Unknown doesn't mean the feed isn't downloading it just means it's not recognized in the predefined list.

@SteveITS said in Is it possible to modify pfBlockerNG to pfAllowNG?: This is a dirty patch /usr/local/pkg/pfblockerng/pfb_unbound.py Let the Python regex list use for AllowOnly Is there a potential bugs here? # Block via Regex if not isFound and pfb['regexDB']: isRegexMatch = pfb_regex_match(q_name) #print q_name + ' regex: ' + str(isRegexMatch) if not isRegexMatch: isFound = True feed = 'PythonAllow' #isRegexMatch group = 'DNSBL_Regex'

@unknownName said in pfBlockerNG not working: Yes, this is the pfBlockerNG version I've installed. And now is not allowing either to install/uninstall packages, save new config changes, etc., but the firewall is up and running, so it has internet connectivity. This is due to some PHP functions missing/not found based on error logs ... The latest pfSEnse packages are build against the latest pfSense version. This means : with the news libraries, new or other functions etc. This is why : (to make a long story short ) you should not install/upgrade packages before you've updates pfSense itself. Doing so might break things; You've seen the results. The long story : Before, this was recalled whenever a pfSense upgrade was announced : see here for pfSense 2.7.2. On that page you'll find : Netgate has a detailed Upgrade Guide available in the pfSense documentation to help explain the process. Below are the high-level steps to perform the upgrade. Clicking on Upgrade guide brings you to the upgrade guide. Now click on "Packages" : [image: 1708075432171-95eddd8d-53dd-43e5-992d-a8a51325a7e7-image.png] The Packages page starts with : Do not upgrade packages before upgrading pfSense software. Either remove all packages or leave the packages alone before running the update. Great, right ? IMHO : The fastest way out : Get a copy of 2.7.2. Save your config. Install 2.7.2 over 2.7.0 (this will wipe the disk etc but who cares ^^) Import your config. Done. Plan B : If de installing pfBlockerng is possible, do so. Now, use the GUI to upgrade. Re install pfBlockerng.

@xantonin The file is created, and lines are added by 'pfBlockerng'. So the manual (== the source code ) should give you hints about how the line is created and with what info. I've found /var/unbound/pfb_unbound.py line 802 :``` csv_line = ','.join('{}'.format(v) for v in ('DNSBL-python', timestamp, q_name, q_ip, isDNSBL['p_type'], isDNSBL['b_type'], isDNSBL['group'], isDNSBL['b_eval'], isDNSBL['feed'], dupEntry)) Be careful. It's Python.