@Aseknet Thank you

I submitted a merge request to FreeBSD-ports https://github.com/pfsense/FreeBSD-ports/pull/1309 EDIT: I see the above will be obsolete if/when https://github.com/pfsense/FreeBSD-ports/pull/1303 is merged.

@SteveITS said in XMLRPC Sync with pfBlocker?: There was a bug in a recent version and I want to say it was fixed in the Plus package code but not CE? Turned out it is fixed in the non devil version of the same number... So I am on it now too. Thanks @SteveITS !

I configured the "Advanced Inbound Firewall Rule Settings" and now its working. Thanks.

Disabling logging on the FW rule continues not to update the pfBlocker stats/reports pages. I understood this to be independent so is there something else at play here and must i have the FW log rammed with pfB alerts being triggered on the WAN?

@table1 Can anyone confirm if this is a known issue? Does it have a fix or is it a configuration issue? Would a complete reload provide any solutions to the issue? I am new to pfsense, and learning as I go! Thanks in advance.

@danno91 [image: 1696309985470-83eaa859-3cfd-4628-a823-bc128ec6006c-image.png] For a list to show blocked packets, your devices have to visit host names present in the list. And your devices used on the pfSense LAN have to use pfSense as their your DNS.

@HomeLabGuy Have you tried re-installing phBlockerNG?

@Unoptanio said in Pfsense 2.7.0 pfblockerng ERROR: could not update pfB_PRI1_v4 content from ...: Could the alias have been included in version 2.6.0 by default? 2.6.0, or the current 2.7.0 : make use of the fact that it is open source so look for yourself in this folder, the GUI web root folder : https://github.com/pfsense/pfsense/tree/master/src/usr/local/www : there is no /pfblockerng/ folder - neither the PHP file in that folder : pfblockerng.php (ok, this is quiet obvious). Also, when pfblockerng is installed, there are no DNSBL feed or IP feeds activated, they have to be selected and downloaded first. When you install pfblockerng, it does nothing, it has to be set up first. Still, I'm curious. To be sure, I would have to get a copy from a non infected source : https://www.pfsense.org/download/ and see what I find in the aliases when done. That's .... hum..... to much work

@gwaitsi I have the same exact error. Did you find a solution? I have the "pfBlockerNG-devel" package installed. The DNSBL part is turned off. This is the error I get: [19-Sep-2023 12:18:28 Etc/UTC] PHP Fatal error: Uncaught ValueError: escapeshellarg(): Argument #1 ($arg) must not contain any null bytes in /usr/local/pkg/pfblockerng/pfblockerng.inc:3816 Stack trace: #0 /usr/local/pkg/pfblockerng/pfblockerng.inc(3816): escapeshellarg('^192\.168\.1\.1...') #1 /usr/local/pkg/pfblockerng/pfblockerng.inc(5647): find_reported_header('192.168.1.15\x00\x00\x00...', '/var/db/pfblock...', false) #2 /usr/local/pkg/pfblockerng/pfblockerng.inc(1031): pfb_daemon_filterlog() #3 {main} thrown in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 3816

Subsequent to the first post the DNS Resolver cache ran ok until 16 Sep @0615hrs - ie for 54 hours since pfBlockerNG last reset the DNS cache to zero. At the time off this post the DNS has been running again for 8hrs 13 mins and completed the single Cron job at 1215hrs with no reset. Not ideal. ️

Monitor Guy, thank you, exactly right. I deleted the old dnsbl line from Service Watchdog dnsbl pfBlockerNG DNSBL Web Server and added pfb_dnsbl pfBlockerNG DNSBL service and problem solved! No more messages every minute.

@danilo-arrifano said in Block Youtube with and without domain: Good afternoon, Netgate masters. I hope everyone is okay! I don't have in-depth knowledge of Firewalls, but the company I work for has PFSense 2.7.0 I have to block the Youtube website on my network, but my network has hosts with Windows Pro and Windows Home. Knowing that devices with Windows Home do not adhere to firewall rules because they do not have support for domains, I send you my request for help. How to resolve this issue? Sorry for my English, but I don't speak the language. I would be very grateful for any ideas that can help me! Thank you very much in advance! Go to firewall menu and select pfBlockerNG > DNSBL, scroll down until you see TLD Blacklist/whitelist...click on the plus symbol...you should see below and add youtube.com. Save, update and reload. Remember to clear browser cache on all devices. [image: 1694552530458-screenshot-2023-09-12-at-3.53.38-pm-resized.png]

@j-koopmann Gotcha, hmmm that is odd. Mine has been creating them just fine, I'll check several other pfSense units I have running though and see if any others are having the same problem.

@Gertjan Without modifying the TTL like you did it makes python group whitelisting kinda pointless.....

@BlueCoffee said in Every morning I have a "crash report" why?: Should I post this error ina new thread do you think? We'll leave that to the forum admins ^^ here : log_error(sprintf('hw.physmem = "%s" - hw.realmem = "%s"', $physmem, $realmem)); Do you think you can manage to edit the file, make it look like this : [image: 1694437136275-94fe540a-dade-4d6a-ae39-38e1097877ae-image.png] Now go to the pfSense GUI dashboard. And then to the location where the answers are : the logs : [image: 1694437203198-a63f8325-f7e6-4617-8d64-9d2e7040762b-image.png] You saw I what I have. Both are probably strings that can easily be converted to integer numbers. Now : your turn. @BlueCoffee said in Every morning I have a "crash report" why?: I moved to this little box What little box ?

@sub2010 I´m happy i found the error . When i configure the DNSBL SafeSearch, YouTube Restrictions the Video doesnt show up. [image: 1694364852098-b8befdd6-b447-4a4d-b412-4ea17dae4e40-image.png] [image: 1694364872602-a87b582a-c73f-4051-bd61-08ce68d7d97f-image.png] And even i disable it, i cant bring back the video. Only one Reinstallation can help me. Do you have any Idea how i can use Restrictions with whitelistening?

@Gertjan You are certainly correct that the Adult (XXX) category that's available on UT1 is huge. But at least the option is available for those that have the proper firewall hardware for it. While the Shallalist does not seem to be available currently. Archives are an option, but they are mostly outdated since they're no longer updated regularly.

Oh, all my formats are on AUTO, so I'll have to find out which list has GeoIP format.... :-( So I have to go through all the non-custom lists? This could take while, and I don't know what to look for. Maybe there is a keyword like GEO-something? EDIT: there might be an easier way, I just sift through the update.log of pfblocker and discard lists that show something like "Classifying repeat offenders by GeoIP". EDIT2: Oh, the reputation functions dmax and pmax use GeoIP! I turned these on a week ago or so.... Embarrassing, I should have made the connection! Thanks @Bob-Dig , I am confident that turning reputation off is the solution. Will report back if I am wrong..