I can now also confirm the filling filesystem issue is gone once pfBlockerNG is changed to "Unbound Mode" instead of python mode.

So this will serve as workaround until the issue with Python mode filling the filesystem is solved:

NOTE: It seems my pfBlockerNG stopped logging DNSBL hits once I changed to Unbound mode.
The counters in the widget no longer increases, and no hits are registered in the DNSBL report.
But DNSBL is still active and working

https://forum.netgate.com/topic/164796/php-warning-filesize-stat-failed-for-tmp-dnsbl_add_data

Hello? Anyone?

Hi @reza3sw ,
This is very old post but I want to ask in anyway.
Please could you decribe little bit more about your process?

Regards,
Mucip:)

@jegr Yep, I thought whatever I do there in pfBlocker wouldn't affect my unbound config, but that is not the case. So it works as intended it seems. That was the question in my first post.

@jrn77478 @BBcan177

Hello,

I got this answer from Talos (via Twitter):

"It moved to: https://snort.org/downloads/ip-block-list about a year ago"

Hope that helps all who need it.

Regards,
fireodo

@jdeloach I posted that message in May 2020.

Deleted reply.

@gertjan I skipped over "unchecked" apparently, sorry costanzo. Unbound was reverted to an earlier version in 21.05 but he has that already.

@ik2189 said in pfBockerNG, ads and trackers:

What are the best URLs for ads or trackers ?

The 'quality' ones, the ones that contain all the domains and IP's that block all the adds etc ?
If it exists, it isn't probably for free.

What you can do :
Take some domains that feeds pages with adds.
Try out all the feeds listed on Firewall > pfBlockerNG > Feeds one by one.
Check if the domain(s) that you've noted are listed. if so, keep that list as a candidate for your pfBlockerNG

Or : create your own feed, and add domains to it while you keep new ones. Don't forget to maintain and publish it ... for free of course ^^

@juanchozn11 said in pfBlockerNG - error accessing GeoIP settings:

I'm on 2.3.5-RELEASE-p2

That's most way to old.
2.3.5 is not just EOL, it has entered the "don't use it" phase.

Several things happened the last couple of years :

@juanchozn11 said in pfBlockerNG - error accessing GeoIP settings:

Firewall -> pfBlockerNG > GeoIP

The access is now Firewall > pfBlockerNG > IP > GeoIP
So you're using the ancient version. As no one uses it any more, getting help is difficult. You might find some old forum posts ?!?

Also, the MaxMind GeoIP database needs a (free !) subscription. Dono if that's implemented into the old pfBlockerNG version.

Take note : only 'experts' keep old version up and running, because they have the knowledge *** to do so.
For the rest of us : make your live easy on you,, and keep your system up to date.

** but they don't, as no one really likes to deal with old bugs and errors that were solved ages ago already.

Thanks Bob! However, I do not exactly know how to do that without exposing my pfSense update traffic on the internet. I'm not sure I want that. Is there a way by which the Talos traffic IS the only one moving out to WAN aside from my vpn traffic? I think there is. I'll try to solve this later. Again Bob, thanks for replying quickly.

@jenskiebee

Keep in mind : it's a DNSBL bypass.
IP based feeds will still block, as these are just huge aliases used in firewall rules.

See also here and here.

It's still in the ⚡ phase of developing.