So you're using the CARP IP address for the pfBlockerNG redirects? May I ask why that's necessary?

I resolved this by accepting the T+Cs via https://www.maxmind.com/en/accounts/1205389/geolite2/eula

@Gertjan Hello, Thank you. I had exactly the same issue, and your solution helped me fix it. Ask ChatGPT

@SteveITS ...got it, I should have looked in the docs... I do too use Quad9 and have DNSSEC disabled, so I guess my question is pointless.. Thank you for all the help.

@qinn Sent him an email Dan an email to the address on his site.. Not sure what is happening, my Teams stopped working. Disable it/turn it off and the problem went away.

@AlexK-0 said in Can't receive GeoIP databases updates anymore, banned: Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates. You've found a reason to use a VPN.

Thanks everyone. That did it. No more errors!!

@Qinn said in Feed issue on SWC: Got a reply from Dan and here it is solved. Thanks for feedback!

You can download it here now: https://raw.githubusercontent.com/ianb/alexa-sites/refs/heads/master/top-1m.csv

@The-Party-of-Hell-No excellent. I’m glad some experimentation proved successful.

@mikekoke You should just set Null Block in the DNSBL Groups Summary section. As @gertjan clearly explained, HTTPS traffic cannot be intercepted and redirected like HTTP. This means showing a block page when accessing a blocked HTTPS domain (like stats.g.doubleclick.net) won’t work — your browser will flag a certificate error, because pfBlockerNG cannot present a valid certificate for those domains. ️ The recommended solution is to switch to Null blocking (logging), which silently blocks access without trying to show a redirect page. This way, users won’t see certificate errors, and the block is still effective. Let me know if you need help finding where to set this.

@Gertjan Thanks for the thoughts!! I find that most Windows PCs generate more traffic in general. There is lots of app and utilities that cause the traffic.

@Uglybrian said in LibreWolf: Block Applications from Connecting to a IP (*.googleusercontent.com): I myself just used a blocking method. Yes, I've done this before myself in another system but keep putting it off for my current, I used pfSense pfBlockerNG configuration guide. So I decided today to get this back working. Its much easeir using granular control then generic. My system diagram is like: [image: 1749937554772-bond0-diagram.jpg] I will be using the above quide for the Lab-pfSense. I was trying to get blocking working just using pfBlocker alone, but unsuccessful. This guide and pfSense baseline guide with VPN, Guest and VLAN support for the Bare-bone pfSense. What do you think, any inputs and additions?

Yeah, I would use auto generated aliases in user created rules personally. That gives you complete control with all the benefits of auto updating.

@Gertjan I specifically chose my list of public DNS servers becasue they do support DNSSEC, I've seen what DNS poisining can do. I don't need to see a movie I've lived it. Did I mention damned near 30 years in the business? BTW, doing just a root hint forward doesn't do DNSSEC as root hint servers are not DNSSEC complaint yet that. BTW, in the beginning of the post packet forwarding was being stopped, not just DNS being blocked when pfBlocker was enabled. Through a lot of reboots I was able to get the packet forwarding going again with pfBlocker going, but then found the DNS block. I did use ICMP from the firewall itself to validate the lack of packet forwarding. I wish the logs would indicate which rule has the "offending" match that caused the block, but it sounds like the process roles all the lists up into a single firewall rule. I really don't want to tear down all of pfBlocker and start over, but it sounds like I will have to do that. Need to see if I can pull all the data out of a backup so that I have all my lists then can just recreate them as needed. I'm going to look more into what @BBcan177 mentioned, although I think I am already there since I have disabled all my lists, just not 100% sure.

@jlw52761 Yes, I followed the suggestions in the answers and started disabling the feeds one by one and found the culprit. I checked the logs and found which feeds were mentioning the DNS address ( there were about 8) then just disabled them one at a time and found the one blocking DNS traffic.

@thuizt You can create them as Alias Native format (eg mot Deny) and it only creates aliases not rules.