• pfBlockerNG-devel Not Blocking Malvertizing on LAN

    54
    0 Votes
    54 Posts
    4k Views
    N

    @gertjan & @SteveITS Thank you both for your assistance. It doesn't go unnoticed.

  • Only a couple of hours of DNS reply stats

    5
    0 Votes
    5 Posts
    453 Views
    J

    @gertjan okey, that log was just over 20k lines after I increased it to 100k according to keysers suggestion. So it sounds like this is going to help.

    The log I increased to 100k was the dns_reply.log it seems that it is containing only the dns replys, whereas the unified.log contains a lot of other information as well.

    Interesting comment on that they will degrade the SSDs. Might be a good idea for me to go for enterprise grade SSD:s when they start to degrade too much then. They should have significantly better lifespan for the amount of writes they can take.

  • DNSBL Source list ?

    2
    0 Votes
    2 Posts
    1k Views
    GertjanG

    @cburbs said in DNSBL Source list ?:

    How do I know if this list is getting updated/etc?

    Here is the answer :

    Easylist - https://easylist-downloads.adblockplus.org/easylist_noelemhide.txt

    Whats not clear for you :

    [Adblock Plus 2.0] ! Checksum: L6s8GbrfOL9KuXYzlRkeXw ! Version: 202212021441 ! Title: EasyList without element hiding rules ! Last modified: 02 Dec 2022 14:41 UTC ! Expires: 4 days (update frequency) ! Homepage: https://easylist.to/ ! Licence: https://easylist.to/pages/licence.html ! ! Please report any unblocked adverts or problems ! in the forums (https://forums.lanik.us/) ! or via e-mail (easylist@protonmail.com). ! !-----------------------General advert blocking filters-----------------------

    @cburbs said in DNSBL Source list ?:

    I noticed if I try and open it it's getting blocked from GeoIP

    You geoip blocked a German IP network. Well, ok, why not.
    That's a typical shoot in your own foot situation. My advise : don't (use geoip).
    But don't feel bad about it. It has been seen before : people used that new great perfect DNSBL list and it contained the DNSBL (host names) of all the other DNSBL feeds ... guess what happened ? ;)

    And what's next : you block (yourself !) the access to the Netgate upgrade servers ?
    Microsoft upgrade servers ?

    IMHO geoip isn't really useful these days. Most IPs are ok, but there to many false positives.
    It's something from the past, when everybody knew who was who etc.
    And the upcoming IPv6 will blast geoip to oblivion.

    @cburbs said in DNSBL Source list ?:

    does this mean it won't download correctly either?

    Ask your pfSense :

    On the console :

    curl https://easylist-downloads.adblockplus.org/easylist_noelemhide.txt

    For me, in comes in just fine.

    Or do a pfblockerng-devel force update and look at the resulting log on the screen.

  • pfBlockerNG 3 not blocking anything

    Moved
    10
    0 Votes
    10 Posts
    2k Views
    S

    @gertjan Rereading, I confused this thread with the other thread we're both in for the same topic. Sorry. :)

  • Some pfBlockerNG-devel Feeds require accounts

    3
    0 Votes
    3 Posts
    473 Views
    EveningStarNME

    @rcoleman-netgate Thank you. It was a typo. We're using pfSense 2.6.

  • pfBlockerNG Reports reporting with incorrect dates

    2
    0 Votes
    2 Posts
    391 Views
    B

    UPDATE:

    The displaying date issue seems to at least somewhat resolved itself. However, today it began using these placeholders instead of showing the hours. See screenshot.
    FW-pfBlockerNG-Report.PNG

    Has anyone had a similar issue or know what might be the cause of this?

  • Daily error from pfBlockerNG-devel

    1
    0 Votes
    1 Posts
    235 Views
    No one has replied
  • Lose Internet access when trying to disable DNSBL in PFBlockerNG-devel?

    1
    0 Votes
    1 Posts
    200 Views
    No one has replied
  • How I add custom Pi-Hole hosts files or others to pfBlocker

    4
    0 Votes
    4 Posts
    2k Views
    F

    @pfsjap

    No I haven't and I don't recall seeing that. I must be blind in one eye and can't see out of the other. Will look for it and try it.

    Thank you for the tip.

    Take Care and Enjoy!

    Edit: I found it, I set it, now to play around and see what it does.

  • pfBlockerNG v3 changelog, where?

    4
    0 Votes
    4 Posts
    686 Views
    GertjanG

    Or click here :

    02cf2e15-1341-4e8f-bd79-dd3b33b75727-image.png

  • Unable to block website.

    2
    0 Votes
    2 Posts
    346 Views
    GertjanG

    @dharmender-bankal said in Unable to block website.:

    Created alias for yatra and facebook along with IP address for both sites.

    Read Aliases, especially the Warning and the Note.
    Facebook uses thousand of IPs. Not 'one'.

    You have to look up what an "ASN" is, and how to use use it with pfBlockerng-devel.

  • pfBlockerNG-devel version 3 not sync in HA

    1
    0 Votes
    1 Posts
    223 Views
    No one has replied
  • IP Tab in pfBlockerNG is missing

    3
    1 Votes
    3 Posts
    360 Views
    J

    @kenj05
    Version 2.1.4_28 of pfBlockerNG is an old version that is no longer supported nor recommended by the package maintainer.

    You need to upgrade to the latest version of pfBlockerNG-devel 3.1.0_6 or _x, depending on which version of pfSense you are using.

    If you are still having issues after you upgrade, come back to forum and someone will be glad to help you.

  • Will Pfblockerng-devel work with WireGuard configured?

    5
    0 Votes
    5 Posts
    756 Views
    R

    @bob-dig unfortunately that’s still not what I mean. I’m referring to dnsbl feeds in bfblocker blocking domains.

  • pfblockerNG- tuning needed or do i have an error in config?

    5
    0 Votes
    5 Posts
    761 Views
    chris1284C

    @steveits said in pfblockerNG- tuning needed or do i have an error in config?:

    There is also DNS over HTTPS or DNS over TLS which bypasses local DNS servers altogether. :)

    I think this could be blocked true the ip feeds for DoH ("ipv4 DoH_IP the Great Wall" for example) and block port 853 for DNS over TLS (DoT) as long as i don't use it.

  • pfBlocker e BIND

    1
    0 Votes
    1 Posts
    199 Views
    No one has replied
  • Pfsense automatically unblocking blocked websites

    2
    0 Votes
    2 Posts
    317 Views
    GertjanG

    @victor-1

    I'm using pfBlockernd-devel - latest version.
    facebook isn't blocked for me.
    If it is for you :
    a) stop using the feed that blocks it ?!
    b) whist-list it ?!

    yatra.com is, according their web page, not accessible for European visitors (wonder what they have done to earn that position).

  • Adobe Analytics being blocked

    1
    0 Votes
    1 Posts
    289 Views
    No one has replied
  • ASN lookup failing with empty files [solved]

    12
    0 Votes
    12 Posts
    2k Views
    fireodoF

    @lohphat said in ASN lookup failing with empty files [solved]:

    I still think that the failure mode could be better handled and alerted -- the logs indicated empty files, but was it due to d/l failure or the server returned an empty file? Something should throw an alert if possible.

    Ofcourse that could be a good Idea!

  • 0 Votes
    1 Posts
    291 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.