@dma_pf thanks,
thats what I thought it will do, and how i used it , for some reason it disappear ,
and only reappear after an upgrade

@patch said in pfblocker Documentation:

Is the only documentation for pfblocker

Have a look at this guide:
https://nguvu.org/pfsense/pfSense-pfblockerng-configuration-guide/

Edit: Here is another guide for setting up pfSense, VPNs and some information concerning pfBlockerNG that looks to be a good reference.

https://nguvu.org/pfsense/pfsense-baseline-setup/

@dma_pf Yes, just realized this (commented at the same time as you). Real sad, hopefully they can start up again somewhere at some point.

Appreciate the info here.

Still having some issues with UT1 but since it's working on one firewall and not the other I'm guessing it's a config thing of some sort.

@fsantoro Interesting, 400000 on that line is a bit less than the 4000000 in the post title...

FYI I seem to recall PHP has a limit of 512 MB on pfSense.

So I have an update.

I was configuring wireguard between my sites and after the static routes it allowed sync to the other routers.

So I guess I just missed it before.

@bbcan177 said in PHP memory problems with current version:

Is related to DHCP Leases. So probably delete that file, or clear it out? In future, this section of code can iterate each line instead of loading the whole file into memory,

Thanks for the pointer, will look into that!

So probably delete that file, or clear it out?

Don't know if that will help so much, as the customers running that are medium sized corps with A LOT of clients so even when I delete that now, they will get bigger and accumulate over time again. But I'll check if that will us buy some time for when you probably have an update ready that will parse that file a bit smoother ;)

Is the DHCP lease file related to you parsing of the filter log to display what IP/host triggered a warning/block/rule/DNS call etc?

Cheers mate,
\jens

@gertjan said in Updating to pfBlockerNG-devel 3.1.0_1 from 3.1.0 blocks DNS requests:

I've already seen posts about feeds that have their own IP in the list

Yep, I had this happen all off a sudden I got notifications that lists couldn't be updated, it's because the lists were blocked by other lists lol.

And now pfBlockerNG doesn't even log IP addresses that it blocks for me. I think the developer has pretty much given up on the project.

@viktor_g :

Ok, nice.
A bit of a hammer approach, though.

I still wonder why unbound refuses a simple TERM signal, send initially, just a couple of lines above.

@szympro My use of pfBlocker has been for it to download feeds, and I use Alias Native for it to load the feed into a firewall table/alias for use in rules. Typically, for geo IP lists.

I see the "Whois" option does say "Convert a Domain name into its respective IP addresses" but I don't know how "whois" would do that...whois normally looks up the registrant or perhaps DNS servers for a domain. Perhaps @BBcan177 can explain further.

I guess if you can duplicate it you can report it as a bug. It just seems an odd feature to have if it already exists in pfSense, and oddly named...sounds more like "DNS lookup" than "whois."

@mohdikramsaif

45538466-c3ab-4f90-b758-a2f14f6e70ad-image.png

What is your pfBlockerng version ??

This is the latest version :

5b0c6455-e2b8-4604-a52f-4098f262ace5-image.png

Your questions :

The DNSBL feeds activated will "block" the access to the listed sites. (not only websites). Add "web.whatsapp.com" and all other whatsapp.com related domains to a list and you're ok. There was a whatsapp forum post no so long in the past. Keep in mind that whatsapp == facebook so you might have to block entire "AS". pfBlockerng had possibilities to include exclude certain LAN devces. See the very old forum posts about how to do so.
The newer (from yesterday) pfBlockerng-devel uses a simpler approach :

a85a8af5-b7ac-46c1-95d6-5aa9eefe388a-image.png

@mohdikramsaif said in pfblockerng:

Kindly share your suggestion

Have a look (abuse the search button) most of not all questions are already answered on the pfblockerng support forum.

@dma_pf

thanks for the suggestion. With openDNS I cannot make filters for specific internal network segments. The OpenDNS category restrictions will block some categories the grown ups need to access.

@dma_pf i'm running the latest version of both.