@serbus said in GeoIP Showing Unk: Thanks for the report. The problem is that $file_dwn_esc should be $file_download. Will get this fixed in the next version. exec("/usr/bin/tar -xzf {$file_dwn_esc} --strip=1 -C {$pfb['geoipshare']} >/dev/null 2>&1");

Or don't make them auto. Just create them once and then I can drag them around like I want. Probably the same work on your end though.

@noplan Many thanks. Removing those files (dated 1969) and restarting the Unbound service worked for me

You can temporarily disable DNSBL blocking by: Going to Firewall-->pfBlockerNG-->DNSBL and unticking "Enable DNSBL" Going to Firewall--> pfBlockerNG-->Update and running (forcing) an update. Going to Status-->DNS Resolver and clicking the "restart service" icon. Now try to reach your previously blocked web site again. If you can now reach it, then DNSBL is the culprit. To turn DNSBL back on, tick "Enable DNSBL", and do steps 2 and 3 again.

@steveits said in Pfblocker not blocking outbound connections: @tbr281 Is the DNS server on your devices set to use pfSense? If they are, empty the DNS cache...on Windows, "ipconfig /flushdns". Note many browsers use DNS over HTTPS (DoH) to bypass local DNS, so that may also need to be blocked or disabled. pfBlockerNG-devel has a setting for that on the DNSBL SafeSearch page, though I had some trouble getting that to work and ended up using the DoH_IP feed. That worked thank you!!

@bbcan177 said in pfBlockerNG-devel v3.1.0_7 / v3.1.0_14: I was waiting for someone to post what error they were seeing and I didn't get any helpful details. So I think that bit of info that you now provided helps diagnose the issue. I will post a fix for testing once I have it ready. I'm a bit confused as to the current status of things... The current version I see available is 3.1.0_9. Does it have a known bug related to DNS getting sometimes broken? Thanks.

@wifi75 Did you wait for it to reinstall all packages after you reinstalled pfSense? There's a banner that pops up telling you not to do anything until it's done. But no worries, just reinstall the package from package manager, you won't lose it's config.

@frankm said in Youtube blocking: As for the youtube block, sorry I can't help you there. I found out something lately. As we are all using "pfBlockerNG", I had to "play" with this 'audio video' option : [image: 1672127552588-e7f917aa-ceab-4652-9932-77038a509d28-image.png] See here to make that option work again : https://forum.netgate.com/topic/176492/pfblockerng-devel-v3-1-0_9-v3-1-0_15/14?_=1672127400173 it resolved the issue for me, and left the option activated (selected). Later on, somewhat during Christmas or so, I discovered that the Youtube app was working just fine on my Phone, but the app wouldn't play any videos ... A non-wanted WTF moment kicked in. Then I remembered I was asking pfblockerng to filter 'audio video' sites. I de selected that option + force reload , and done, Youtube worked again.

@jdeloach Thanks a lot for the clarification regarding the removal of feed sources. I presume that specific source is offline for good as it is not shown anymore in the feed overview, i.e. not part of it anymore. But I guess new sources would be added automatically by pfblocker when they are added to an already subscribed feed?

@nollipfsense said in Yandex mail ad blocking problem!: sunucuyu bulmasını ve özel listenize eklemesini sağlayabilirsiniz Yes, I'm talking about the web browser. How can I find these ad servers?[image: 1671992899425-1.png]

@nogbadthebad You're probably right. I pulled my config and only see the one instance of that URL, but maybe it's included in one of the other consolidated lists, like @BBcan177 's own. Thanks for the reply. :)

@nollipfsense So I got this somewhat working actually. There is a nginix proxy that I have pfblocker sending the failed domains to. The proxy then has a default site configured where any domains get redirected to a custom web page with a valid cert. This is possible but would require a reverse proxy built in to pfblocker much like the light weight httpd server.

@killmasta93 Maybe intuitively pfSense is telling you it's time to upgrade...

@creationguy Glad you got it sorted. Duckduckgo is my default search engine but only on the browser.

@steveits That'll be it. I was not using the devel version.

@diamondcreeper75 Your "ports" alias doesn't have any ports in it, per the screen cap...?

@Tzvia It started failing again this morning at 5AM. Followed the link 30 minutes ago at noon and got a 500 server error https://talosintelligence.com/documents/ip-blacklist Just tried the link again and successfully see the list, so something going on with talos/AWS. Thanks for your help.