• Memory error at each IP reload

    3
    0 Votes
    3 Posts
    446 Views
    W

    @SteveITS Thanks!
    I have raised the value to 2M and it looks like it solved the issue.
    Thank you!!

  • IL_rep [ Israel ]?

    3
    0 Votes
    3 Posts
    503 Views
    W

    @johnpoz Thank you very much!

    It will be nice if this info will be written in the text next to the relevant fields and in a public post, to expose this data to users.

  • nevermind

    1
    0 Votes
    1 Posts
    152 Views
    No one has replied
  • TLD Domain count exceeded

    15
    0 Votes
    15 Posts
    2k Views
    UnoptanioU

    @SteveITS

    Resolved

    Extract from /usr/local/pkg/pfblockerng/pfblockerng.inc

    // Determine max Domain count available for DNSBL TLD analysis (Avoid Unbound memory exhaustion)
    $pfs_memory = (round(get_single_sysctl('hw.physmem') / (1024*1024)) ?: 1000);
    if (!$pfb['dnsbl_py_blacklist']) {
        $pfb['pfs_mem'] = array(
            '0' => '100000', '1500' => '150000', '2000' => '200000', '2500' => '250000',
            '3000' => '400000', '4000' => '600000', '5000' => '1000000', '6000' => '1500000',
            '7000' => '2000000', '8000' => '2500000', '12000' => '3000000', '16000' => '4000000',
            '32000' => '8000000');
    } else {
        $pfb['pfs_mem'] = array(
            '0' => '200000', '1500' => '300000', '2000' => '400000', '2500' => '500000',
            '3000' => '800000', '4000' => '1200000', '5000' => '2000000', '6000' => '3000000',
            '7000' => '4000000', '8000' => '5000000', '12000' => '6000000', '16000' => '8000000',
            '32000' => '16000000');
    }
    foreach ($pfb['pfs_mem'] as $pfb_mem => $domain_max) {
        if ($pfs_memory >= $pfb_mem) {
            $pfb['domain_max_cnt'] = $domain_max;
        }
    }

    change "'7000' => '2000000'" and "'7000' => '4000000'" to "'7000' => '6000000'" in both sets.

    change "'8000' => '2500000'" and "'8000' => '5000000'" to "'8000' => '6000000'" in both sets.

    Update Reload | DNSBL after making these changes.


  • pfBlockerNG on CE 2.7 throwing error

    2
    0 Votes
    2 Posts
    393 Views
    J

    @bobhamish182

    What version of pfBlockerNG ?

    is there anything in
    Screen Shot 2023-11-10 at 7.13.02 AM.png
    or
    Screen Shot 2023-11-10 at 7.13.23 AM.png

    That might provide more information specific to what it was doing?

  • 2 Votes
    2 Posts
    496 Views
    D

    @gwaitsi I have been getting this error since pfSense+ 23.01. No resolution yet.

  • Is shalla list off?

    9
    0 Votes
    9 Posts
    613 Views
    JonathanLeeJ

    http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

    Also a URL for a firewall with less memory. I use this one for my SG-2100.

  • TLD Domain count exceeded, prn getting through filter

    7
    0 Votes
    7 Posts
    737 Views
    S

    @Unoptanio
    Just looking at your screenshots I don't think upping your firewall Maximum Table Entries would help. But you need more physical memory -- 8 Gig is not near enough to turn on all the "toys". I recommend at least 32 Gig these days.

  • Cron Job Once/Day

    35
    0 Votes
    35 Posts
    5k Views
    NollipfSenseN

    @jrey said in Cron Job Once/Day:

    Installing the 23.09RC likely also contributed to that clean up..

    Agree...

  • Shallalist has closed its doors

    1
    0 Votes
    1 Posts
    244 Views
    No one has replied
  • 0 Votes
    1 Posts
    189 Views
    No one has replied
  • Block social but allow facebook

    2
    0 Votes
    2 Posts
    385 Views
    NollipfSenseN

    @reynold said in Block social but allow facebook:

    Hi, I need to block majority of social network with pfblocker but I need to allow some of them such as facebook.
    Is there a way to do that?
    thank you

    Go to Firewall > pfBlockerNG > DNSBL and scroll down until you see DNSBL Whitelist and click the plus sign to get drop down box like below and add facebook.com then save:
    Screenshot 2023-11-02 at 9.39.02 PM.png
    Then, go to DNSBL > DNSBL Group, click add...scroll down to custom like below then click the plus and add the ones you want to block, then save:
    Screenshot 2023-11-02 at 9.37.53 PM.png

    You will need to force update and reload. Please read these:
    https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
    https://docs.netgate.com/pfsense/en/latest/recipes/block-websites.html?highlight=pfblockerng

  • pfblockerng v3.2.0_4

    1
    0 Votes
    1 Posts
    232 Views
    No one has replied
  • Block Audio/Video but allow Youtube only.

    4
    0 Votes
    4 Posts
    554 Views
    NollipfSenseN

    @marcoaapereira said in Block Audio/Video but allow Youtube only.:

    @NollipfSense Hi, thanks for the answer! :-)
    I used:
    Firewall -> pfblockerng -> DNSBL -> DNSBL Category
    Then I selected UT1 (Un. Toulouse) and after clicked in Audio/Video option.
    The problem is that I need to block Netflix, Amazon, etc, but not Youtube, because Professors use it.
    Thank you!

    Okay, I had only used the Shallalist...
    If I were you, I would disable the audio/video then add YouTube only to the DNSBL whitelist...just click on the plus sign and add youtube.com in the drop down box, then force update and reload.

    Screenshot 2023-10-30 at 10.46.48 AM.png

  • How to unblock duckduckgo and find why it's being blocked.

    21
    0 Votes
    21 Posts
    20k Views
    GertjanG

    @Ir0nsh007er

    If you're still using a very old version of pfBlocker from before October 2022, then no.
    Because you didn't update/upgrade.

    If you did upgrade : then yes, fixed :

    @mrtumnus said in How to unblock duckduckgo and find why it's being blocked.:

    I can confirm that duckduckgo does load properly now.

  • pfblocker failed to pars

    2
    0 Votes
    2 Posts
    263 Views
    J

    @tbr281

    Are you running into this ?

    https://forum.netgate.com/topic/182156/pfblockerng-asn-downloads-only-contain-a-header/46?_=1698167808688

  • pfBlockerNG-Devel bypassing local IP NAT

    9
    0 Votes
    9 Posts
    1k Views
    J

    @SteveITS

    @coffeecup25 was actually applying the concept here for a DNS sinkhole

    https://forum.netgate.com/topic/182752/can-pfblocker-sinkhole-an-address-domain-overrides/16

    in addition to the mail sample provided, I do similar for other specific traffic as well (like DNS)

  • Can pfBlocker Sinkhole an Address? Domain Overrides?

    17
    0 Votes
    17 Posts
    2k Views
    C

    @Bob-Dig

    Following is my final solution. It appears to work well.

    The problem to solve: pfBlockerNG blocked many addresses repetitively. It appears that 80% of the blocks came from 20% of the dns addresses. I considered that as pollution. Streaming TV is the worst offender.

    The objective: Continue blocking these addresses, but take them out of pfBlockerNG so lists show everyone except the usual suspects.

    The solution:

    1. Identify the polluting dns addresses and put them in an alias
    2. Create a LAN rule that blocks the addresses in the alias from ever leaving the network
    3. Whitelist the offenders in pfBlockerNG so the LAN rule gets them instead.

    Blocking still works very well and pfBlockerNG is bypassed entirely for those addresses.

    You must reload DNSBL after these changes for pfBlockerNG to know about them.

  • Bing Chat?

    4
    0 Votes
    4 Posts
    780 Views
    provelsP

    Getting back to this, looks like I found a solution. In my dumb little Pi-hole VM I created a cname entry pointing www.bing.com to nochat.bing.com.
    Looked at having resolver do it, but I don't see a way to add a cname, just overrides and aliases..

  • Unable to install pfBlockerNG because of old/stuck install of DNSBL

    1
    0 Votes
    1 Posts
    220 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.