@viragomann said in Email reports?:

@pyrodex said in Email reports?:

I've looked at the the wonderful pfB reports for dnsbl but not sure how we can obtain the same data to be emailed out on a daily basis.

pfBlocker might write this into log files. You can use the mailreport package to send the log to you.
mailreport also lets you apply a filter to the file, so you can limit the lines to the actual date or to specific errors or whatever you want.

I tried this with the dnsbl.log and switched off VIP mode to NULL (0.0.0.0) which logs it into the file. However, I am seeing LARGE discrepancies between what the report shows for a 24 hour period vs what the log shows when I parse it. I even wrote a simple script to give me some data from the log and in fact do use the email reporting tool for that output but once again huge differences.

Just deleted the py.error.log and it went away.

On 2.5.2 still and havent upgraded yet. PFB 3.1.0_1

Redmine ticket logged through support channel: https://redmine.pfsense.org/issues/13209?next_issue_id=13207&prev_issue_id=13210

@nasheayahu If it helps (you or others) I have a note from several years ago to, when installing pfBlocker, double the default Firewall Maximum Table Entries (with a minimum of 2 million).

Note however there is (or was, don't have 22.05 yet) a bug where the sentence "On this system the default size is" shows the current setting, whatever it's set to.

@steveits said in Using Large List on netgate 1100:

The CPU on the 1100 is not exactly fast

The CPU is half the battle here. That large list will quickly chew up the remains of the 1GB RAM.

@mcury Confirmed, it was the spacing issue. Fix has resolved my issue.
Truly appreciate you guys. @mcury @SteveITS Thanks for your help !

@tharinduudaya

The python module doesn't work with IPs.
It's under the DNSBL tab, not the IP tab :

f124b7b9-7320-4fef-b47f-70285b86a091-image.png

The python module gets called by the Resolver unbound, you can see it as a plugin for the resolver.
The resolver resolves host names to IP addresses (amongst others).

You can white list host names of coutse.

@the-other said in GeoIP Process in log blank:

HYPE (software sux cause no dark-mode available discussions) around it.

Yeah some people can go nuts over some silly shit for sure ;)

I like dark on a few sites, other sites not - I use dark here, but the pfsense gui I just have it on the standard theme, I don't personally like the dark on pfsense.

Really only reason I switch to dark on forum was it was easier to spot spammers trying to hide links ;)

@the-other Thank you. Added service status to my dashboard.

@steveits Thanks for the input...

I've got the latest version, and while playing with a test scenario I used some stuff from the addin that was supposedly updated.... crashed the whole mess...

I built my own pfSense box... using an DL360pGen8 server:
System pfSense
Serial: USE42208M5
Netgate Device ID: a5c89be807563baa5ef5
BIOS Vendor: HP
Version: P71
Release Date: Mon Feb 10 2014
Version 2.6.0-RELEASE (amd64)
built on Mon Jan 31 19:57:53 UTC 2022
FreeBSD 12.3-STABLE

The system is on the latest version.
Version information updated at Wed Jun 22 18:25:56 EDT 2022
CPU Type Intel(R) Xeon(R) CPU E5-2630L 0 @ 2.00GHz
12 CPUs: 1 package(s) x 6 core(s) x 2 hardware threads
AES-NI CPU Crypto: Yes (inactive)
QAT Crypto: No
Hardware crypto
Kernel PTI Enabled
MDS Mitigation Inactive
Uptime 44 Days 05 Hours 19 Minutes 53 Seconds

Many have said it is overkill and a power waster, but I'd rather have the speed and power when necessary. Complete updates take only seconds...

I really need to figure out a way to end the SPAM. alas pfSense isn't it. But glad for all that it does.

@nasheayahu No one can really tell you what to do in your environment. Review each list and decide if it's something you want/need to block. Hover over the (i) icon next to each feed for a summary.

@chandlerl said in Unchecking Enable DNSBL Blocks DNS resolution?:

why unchecking Enable DNSBL would stop DNS resolution from functioning even when it was turned back on

PfblockerNG DNSBL is tied to unbound (the resolver). There are also 2 ways: unbound mode and python mode. It will be interesting to see if, when you disable DNSBL, unbound stops running (see Log). If thats the case it could be a bug ...

@steveits
No, I have custom list, but I did not block that domain or IP. Anyway, I have never been modified pfBlockerNG settings other way then GUI.