@fireodo Great, thanks for following up and share.

@enesas DNS doesn’t know why something asked for an answer just that it did.

It sounds like one of the many “AdBlock” browser plugins is more what you’re looking for. Because it knows the page you’re on it can manage page or site specific settings.

@peterlecki said in pfBlocker causing unexpected "Default deny rule":

I cannot because v3 doesn't allow fine tuning filters to individual countries, only continents.

What? Sure it does - using them currently on 3.1.0_4

geoip.jpg

@johnpoz
Thank you so much i think that did the trick

@johnpoz Thank you, I will give it a try. Still new to this and appreciate the help.

@jperezme

Hello.
Try this method.

Go to FIREWALL - PFBLOCKERNG Tab DNSBL Tab DNSBL GROUPS Edit any list. At bottom, at DNSBL CUSTOM_LIST - clic "+" for adding sites for blocking (blacklist).

@michmoor
Update on this: Generating a new license key and applying it still did not update the database after i performed a Reload.
So far the fix was to remove pfblocker including not choosing to keep settings and doing a fresh install. MaxMind license updated. Not sure what happened but thankfully the resolution is quick and painless.

@ntorp41 Did you use the wizard when you reinstall? How is your drive space? Please check the logs, both the pfBlockerNG and the error logs as here:

Screen Shot 2022-05-29 at 6.06.02 PM.png

@shoulders Cool, thanks.

@shoulders

I found and read the parser code. He is a quick over view.

IP Block Lists
There is are no defined supported formats. All files are treated as text files and then an IPv4 and IPv6 regex is applied and all of the IPs are extracted allowing all formats and more (json, csv, xml, text)

DNSBL

CSV can only be used if they match one of the internally coded formats which are feed specific. each line is processed as a single record if a valid (non 0.0.0.0 / 127.0.0.1) address is found on the same as a domain, then the domain is ignored. domains are extracted (via various clean ups) from the record and then processed as you expect.

Hope this helps

@johnpoz
Thank You!

I just updating ports and FQDN that Apple devices using...

TCP and UDP ports used by Apple software products

Use Apple products on enterprise networks

Good luck, I hope it works out for you this round. You may want to check under services – DNS resolver – General settings. That python mode is enabled. I don’t know I can’t remember if PFblocker-NG turns it on automatically when you install it or if you have to do it manually. Or even if it is necessary

It is solved now, I have removed error.log and pfblockerng.log . Remove check from keep setting in general tab then saved and re-check on keep setting and then save. Force update and every thing worked like a charm .

Hope this will be help some one else as well.

@dimnovotny A cron job of every minute or even every 15mins is grossly unnecessary and is bound to consume cpu cycle...my corporation runs its feed once per day.

@obxjeepguy Okay, cool.

@mcury Thanks for chiming in. That settles that. :-)

@nollipfsense A force reload may have fixed this, going to see if it progressively gets worse or not.

Why would that effect it so heavily though?