The Force option Update will download the IP lists and create the aliases. If you're getting an error with the update, then it probably didn't create the aliases. In other words it has no information to work with. I've not run into an error there, let alone mentioning an ISO.

Generally when I've created them I use Alias Native and then create my own firewall rules.

Alright... I'll give that a try next.

Had to resort to a cron tab that did a:
/bin/cat /dev/null > /var/log/pfblockerng/dnsbl_error.log

every 15 minutes. That's a hack!

Will try the dev version next...

Thx,
Bob

@siam yes

@RonpfS
I just did a test. You need to "Force Reload" and "Force Reload DNSBL" in case If you remove an entity from custom white list. The entity behavior will change to blocking. You don't need to restart pfsense.

Thanks for clarification.

Just bumping this in case someone has a thought on it. I've also tried running this script as a shellcmd, but w/o success.

#!/bin/sh sleep 120 /usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php update >> /var/log/pfblockerng/pfblockerng.log exit

Thank you for that information. I will downgrade now pfSense. Would you @getcom mind to set up a bug-report? Your reputation is surely better than mine and i expect you can describe the problem better i could ever do.

Well, i guess this is the answer. The second router DNS has to be pointed to Pfsense DNS resolver address.

@durianbusuk

Thanks for this! Didn’t know about it and am trying it out now.

@lordofpc734 Oh nvm. i just had to rename the rules (changed pfB_ to pfb_) this was in some infoblock in the IPv4 page

@provels When you enable these you have the option of doing so. You can allow or block or use them as aliases.

@FMRC_Cheeky No worries. Don't be afraid to ask questions. You'll get up to speed faster than you may think!

I had to "recreate" my geo-IP alias for that, because I was not able to combine the existing one with the custom IP. But it works!
👍

@Gertjan Thanks.

Maybe one core isn't that bad. We'll see.

Looking good so far.

Is there a way to keep the list contents and disable future updates in pfBlockerNG? I selected Never for Update Frequency but I'm still getting download errors. Under DNSBL Source Definitions there is an option to place lists on HOLD, would this allow them to continue working without updating any more?

I don't see any harm in keeping the list active at least until another similar replacement can be found.