This is reported here: https://redmine.pfsense.org/issues/12827
Forum discussion: https://forum.netgate.com/topic/169955/latency-spikes-during-filter-reload-ce-2-6-0

I ran into this issue as well after upgrading to 2.6.0/22.01 and confirm that logging is working properly again after applying the patch. Below is a link to an updated post from @BBcan177 on Reddit:

https://www.reddit.com/r/pfBlockerNG/comments/t1awl6/updated_patch_for_pfsense_2621x_ip_logging_issues/

Link to the original post on this issue for reference:
https://forum.netgate.com/topic/169610/ip-logs-are-not-being-created-populated/

@gmenelau In addition to what @Gertjan mentioned above you can also click on the red lock icon to temporarily unblock the IP or domain. Sometimes it's not completely obvious what is actually keeping a webpage from working correctly and this allows you to try to figure out what you want to add more permanently to your whitelist.

@pierrelyon

I'm using this list instead:

https://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz

Info: https://dsi.ut-capitole.fr/blacklists/ (Google Translate)

To be honest, I think there is no other free list alive I'm aware of.

@bambos Hi, I would suggest you start with the set up wizard for pfBlocker-NG-devel.
The learning curve for pf bocker can be steep, so go slow and read everything......twice.
In addition, go to the help on your pfSense dashboard, then click pf Sense book and navagate to pf blocker package and read up. just type pf blocker in the search of the book.This will give you a good start and basic understanding.Screenshot from 2022-02-22 08-46-26.pngScreenshot from 2022-02-22 09-10-59.png

Solved - see https://forum.netgate.com/topic/170142/updated-to-22-01-sg1100-high-cpu-usage-sbin-pfctl-vvsr/16

@pftdm007

See here for a patch:

https://www.reddit.com/r/pfBlockerNG/comments/sk9txi/ip_block_logging_not_working_pfsense_260rc/hvv99s1/?utm_source=reddit&utm_medium=web2x&context=3

@periko found the solution, change the DNSBL web server interface from localhost to LAN, done, thanks!!!

@clokwork said in What to whitelist to allow YouTube history?:

just unsure

The solution that always works :
Remove all feeds (IP and DNSBL).

Iterate over :
=> Flush local DNS cache (Micrsoft OS : ipconfig /flusdns)
=> Test youtube history
=> Add one feed
=> pfBlockerNG-devel full reload
=> reloop

I left pfBlocker up and running and everything seems fine after the update. Thanks.

@wesleywillis There is a way to order rules in pfBlocker settings, but what I find easier and clearer is for any of those type of blocks where I need to allow some, create the pfB list as Alias Native. That just creates the alias without any rules. You can then use the alias in whatever rules, NAT forward, etc.

allow from Good_IP
block from Bad_IPs

False alarm.
Problem fixed by forcing a pfBlocker update.

@thelastunicorn

LogFile?

Without be a problem

BrNP

@diamondcreeper75
De activated that redirection of an DNSBL. It won't work.
Select :

85db2075-333e-43b4-9f35-91e93c3ad3c2-image.png

If the webserver, the one used by pfBlockerNG, had a certificate that says it marketplace.google;.com, then that page would have been trusted by your browser.
Or, you have not that certificate. Actually, from all the DNSBL you have listed in the DNSBL feeds, you have none.
Conclusion : Yes, it's true, even the sites that serve add pages and such, use all https these days.

This web server page stating that you visited a page blocked by DNSBL works well for plain http sites. These do not exist any more.

@diamondcreeper75

See the other thread : you are using the very old pfblockerNG non devel version.

I know the recent version works.

For more info : pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!