@manjotsc

You Welcome 😉

It could be an error in the third party database being downloaded. Or, IPs "move" (https://azure.microsoft.com/en-us/blog/windows-azures-use-of-non-us-ipv4-address-space-in-us-regions/).

To allow an IP you need a firewall rule above it. What I often do is set up an Alias Native alias and then can use it in whatever NAT or firewall rule I want (which allows ordering). The files are downloaded and stored on disk by country code:
e21f386f-a1f0-41b8-832f-08634edf26db-image.png
Remember to run an Update in pfBlocker after creating the entry, to generate the alias.

As pfBlocker notes you can also default block all, and just allow the desired IPs or countries.

Resolution as follows:

System -> Advanced -> Firewall & Nat -> Firewall Maximum Table - bump up the figure (I'm set to 1,000,000).

System -> Advanced -> System Tunables. If there is an entry called "net.pf.request_maxcount", change the number to match above. If an entry doesn't exist, create one.

Nevermind…it's already fixed in the devel version.
Screen Shot 2020-09-10 at 05.00.24.png

sarrieee 😬

I'm curious on how you determined that pfBlockerNG is the root cause of the issue?

If I were troubleshooting, I would create a firewall rule:
Source = 192.168.25.14:*
Destination = *:53
Enable logging and move it to the top of the rules for that interface and see what it captures.

@JeGr ok thanks ya i made sure malewarebytes was upto date and microsoft antivirus scanner.. its just weird i ordered on amazon then i got 30 min later saying ym order was on hold and you need to check your credit card and of course email address isnt from amazon or if it is an amazon email the link you click on isnt amazon..
so its getting more trouble some these days.. but ok i figured id ask if it was possible.. keep doing what i doing n make sure its spam or not myself..

thank you for your help (:

I wanted to update on the resolution to this problem I had. I didn't want to post a problem and leave it the way this thread went. It turned out that pfblockerng-devel was my problem. Even though it was disabled both in the general tab and dnsbl, when I uninstalled the package, performance went to normal internet speeds. I tested and verified performance before anything was touched, and after I uninstalled it. I put the older version on and it did not affect my performance. I enabled what I wanted and was still good. I'm not sure why this was the issue, but all appears to be good now.

I ran into the same thing.
After look around it appears the IP might have changed.

There is a reddit thread about it I found here:
https://www.reddit.com/r/pfBlockerNG/comments/inat95/new_ip_address_for_safeduckduckgocom_old_ip/

September 5th is about when it broke for my setup, which lines up with the IP change

Hi,

i mean it is normal, then you click the "Anzeige" and behind this "Anzeige" is a https redirect to Ads Server System "ad.doubleclick.net" and pfblockerng broken this Link and you see this "Error Messages".

To open this Link behind the "Anzeige" you must have add this "ad.WHATEVER" to DNSBL Whitelist in pfblockerng. i think you must clean the browser cache and try it again. i use always the Update / Reload DNSBL function too.

but, what says your firewall / pfblocker logfiles in the same moment when you try it to open this link?

BR

@ex1580 @johnpoz Thank you both!

Excellent. Thank you so much for the quick response and reassurances.

@johnpoz John, I have to go. Thanks again for your help. I'll check back later in the day.

Getting stranger, they are blocked again. According to the rule it should be suppressed but clearly it was blocked.

I now manually added the ips to the alias and did a "update - reload -all) and now it is working again.

===[ Suppression Stats ]=================================== List Pre Suppress Master ----------------------------------------------------------- BinaryDefence_IPs_v4 1445 1445 67583 Suppression ET_Block_IP_Ranges_v4: 1.1.1.0/24 (Excluding: 1.1.1.1/32) ET_Block_IP_Ranges_v4 995 994 67837 ET_Compromised_IPs_v4 450 450 67837 ISC_1000_30_v4 451 450 67836

So the alias "pfBlockerNGSuppress" was apparently the right place to add them, only when I added it from the reports it did not show up there and was not working again a little later

Got added to CINS army as well. I added all IPs to the suppression list

1.1.1.1/32 1.0.0.1/32 1.1.1.2/32 1.0.0.2/32 1.1.1.3/32 1.0.0.3/32

Forced Reload and got this:

CINS_army_v4 15000 15000 19434   Suppression ET_Block_v4: 1.1.1.0/24 (Excluding: 1.1.1.1/32)  Suppression ET_Block_v4: 1.1.1.0/24 (Excluding: 1.1.1.2/32)  Suppression ET_Block_v4: 1.1.1.0/24 (Excluding: 1.1.1.3/32)

Everything working again. Until all the lists are clean just add the IPs to your suppression list.

This duplicate to this
https://forum.netgate.com/topic/156300/strange-issue-with-1-1-1-1

See my answer there.