@diamondcreeper75 De activated that redirection of an DNSBL. It won't work. Select : [image: 1645087876797-85db2075-333e-43b4-9f35-91e93c3ad3c2-image.png] If the webserver, the one used by pfBlockerNG, had a certificate that says it marketplace.google;.com, then that page would have been trusted by your browser. Or, you have not that certificate. Actually, from all the DNSBL you have listed in the DNSBL feeds, you have none. Conclusion : Yes, it's true, even the sites that serve add pages and such, use all https these days. This web server page stating that you visited a page blocked by DNSBL works well for plain http sites. These do not exist any more.

@diamondcreeper75 See the other thread : you are using the very old pfblockerNG non devel version. I know the recent version works. For more info : pfBlockerNG MaxMind Registration required to continue to use the GeoIP functionality!

@scorpoin said in issue pfblocker-NG-Devel 3.1: how do I resolve this. By finding the pace where this errors happens. Could be "TLD Whitelist" related ;=) Go to Firewall > pfBlocker > NGDNSBL Scroll down to "DNSBL Whitelist". Copy / cut everything in there and put it in a safe place elsewhere. Now, that block is empty. save. Update Force Reload All. Error message gone ?

@gertjan Makes perfect sense, thank you for the clarification. I haven't had to use any patches as of yet, I usually just work around the problem or the problem doesn't effect me so I let it be, but this was an annoying problem that required me to disable mail notifications, which means potential issues may get ignored until they are noticed. That in itself can be a problem. Thank you everyone for your help, greatly appreciated!

@viktor_g Thanks! I guess I thought I had it enabled but I had to un-check "Check to disable MaxMind CSV updates" After that did updates, ran cron and reloaded just to be sure it was all loaded and it's good to go!

@netfly If the DNS block list is not enabled I don't think pfBlocker really does anything except update its feeds based on the update timer.

@furom said in pfBlockerNG-devel 3.1.0_1 issue running wizard: only one window will keep the selection Found it. The dark theme I was using made the "selected but not active" selections not visible...

@steveits Hey Steve -- Yeap, the Floating Rule at the top has Quick enabled.

@rvjr said in IPv6 list generated IPv4 rule: ok, that's weird. No I'm using the standard pfBlockerNG 2.1.4_26 on pfSense 21.05.2-RELEASE. I'll try switching the list action and see if that makes any difference. Your problem is that you are using an old unsupported version of pfBlockerNG. The maintainer of pfBlockerNG, @BBcan177, does not recommend the use of that old version. The -devel version has been in use for 2 to 3 years now and is very stable and the only version currently being updated. Make sure that the box is checked to save your current settings and then uninstall your current version of pfBlockerNG 2.1.4.26 and then install the -devel version 3.1.0_1. This should take care of the issues you are seeing, if not, post back to the forum and someone will help you.

@rvjr On pfSense unbound generally restarts. See https://redmine.pfsense.org/issues/5413

Update: After looking into this, it seems to be a "localnet" that I have in the: firewall > pfblockerng > IP > IPv4 > "localnet" (which is a custom list) > there's where the screwed up process seems to be. It points to "Custom DST Ports" and at one point in the FW's lifespan I couldn't add a custom IPv4 "allow list" without making this dumb alias with destination ports. It is so annoying because at one point, the white list was the white list. After some update you had to further carve out your destination ports. It used to be simple. Now, checking the other firewalls, they all have this setup but for some reason I get errors. On the working firewall I have an alias: pfB_localnet_v4. That looks "built in" to PFbNG. On the non-working one, that alias doesn't exist. I think somewhere in here is where the problem is but I'm not sure how to work it out yet. I had to create that "Web_Ports" alias at one point because the system would not simply allow me to make an IPv4 allow list that was simple, I had to specify the destination ports via a port alias (lame) Error: Empty destination port alias 'Web_Ports' for rule 'pfB_localnet_v4 auto rule' @ 2022-02-12 11:51:40 Empty destination port alias 'Web_Ports' for rule 'pfB_eits_whitelist_v4 auto rule' @ 2022-02-12 11:51:41 Empty destination port alias 'Web_Ports' for rule 'pfB_localnet_v4 auto rule' @ 2022-02-12 11:51:42 Empty destination port alias 'Web_Ports' for rule 'pfB_eits_whitelist_v4 auto rule' @ 2022-02-12 11:51:43 Empty destination port alias 'Web_Ports' for rule 'pfB_localnet_v4 auto rule' @ 2022-02-12 11:51:44 Empty destination port alias 'Web_Ports' for rule 'pfB_eits_whitelist_v4 auto rule' @ 2022-02-12 11:51:45

@vmac said in Why is my pfBlockerNG still showing up to date: @bmeeks Thanks for the response, I am on the latest version of pfSense. [image: 1644108442875-screenshot-2022-02-05-174431.png] How do I get onto the development version if that is the best and it is "stable" in that I won't be having to have my router reset while I'm traveling for work? You will just install it from the Packages Repo (under SYSTEM > PACKAGE MANAGER in the menu). I am not a pfBlockerNG user, so I can't say exactly what settings will migrate over from pfBlockerNG to pfBlockerNG-devel. You might want to read up on all the posts in this sub-forum about pfBlockerNG-devel before installing it. I believe the best procedure would be to delete pfBlockerNG and then install pfBlockerNG-devel. You should not lose the pfBlockerNG settings that way. But there are so many changes in features in pfBlockerNG-devel that you might consider a fresh install from scratch the better approach.

@dma_pf @SteveITS @BBcan177 Thank you guys, so it all starts with the problem I have where the 'source' field doesn't behave as expected and is not linked to any list - I think in that respect I finally found the bug (and a workaround) - for me this applies to all formats (so far I tested 'Auto', GeoIP and ASN). So as described before, whenever I try to add a new custom list (Firewall-->pfBlockerNG-->IP-->IPv4), the 'source' field is broken and only act as plain text [image: 1644007074458-screenshot-2022-02-04-at-21.34.07.png] So I discovered that if I try and save it at this state before completing it (so in this example I left Name / Description / header empty), I will get the same page but with an error - in this new page the 'Source' field works just fine [image: 1644007231543-screenshot-2022-02-04-at-21.34.41.png] So I can now create my aliases in this way. As for the second problem (Logs - logs file box always remains empty regardless file type / file selection), So far I can say this is browser related - I work on a Mac, using Safari, in Chrome this works fine (although from some reason it worked once today for me in Safari but I so far did not figured out why it is inconsistent and if it is because of some settings or the browser itself). Thank you guys for all your help and support!

@laviniuc My guess it's definitely because of the Captcha requirement. On their website (http://list.iblocklist.com/humantest?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz it says: "If you register an account, then you will not have to pass the security check when downloading list files." Some other feeds that also require registration give you a token that you can then put into the URL of the feed to be able to download the lists. I don't know if iblocklist does that or not. But you might try registering and see if the provide that for you. My guess is thy might as their website explicitly says that their lists can be used with pfsense.