Had to restore the config, after the restore, the package was installed but I could remove it from the package manager.

Attempt before the config restoration.

[2.4.5-RC][root@pfSense.local.lan]/root: pkg delete -yf pfSense-pkg-pfBlocker\* No packages matched for pattern 'pfSense-pkg-pfBlocker*' Checking integrity... done (0 conflicting) 1 packages requested for removal: 0 locked, 1 missing

Not sure what could have happened, everything almost to the default settings.
Didn't even set the maxmind, won't be using geoIP, so, just ran the wizard without the hp-hosts list.

@solaris81 said in pfblockerNG possible bug:

Seems that when pfblocker is restarting it is creating those rules all over again.

Upgrade to pfBlockerNG-devel and see if the issue persists

@RonpfS said in pfBlockerNG-devel DNSBL whitelist not working:

@NollipfSense There is another way to do it.

Add tiqcdn.com to the TLD Exclusion List Remove tags.tiqcdn.com from the Whitelist Remove .tiqcdn.com from the Whitelist Run a Force Reload DNSBL

Access tags.tiqcdn.com,if it is still blocked, whitelist it using the Alert Tab "+" icon.

Thank you for sharing...I learned something new today, awesome!

@krbvroc1 said in secured.netflix.com blocked - WHY?:

Another case of dishonest people ruining things for everyone else.

Yup!! This is across the board on everything, not just free trials ;) The world is full of assholes, they keep the rest of us from having nice things ;)

@shunter521 Here...
Screen Shot 2020-01-23 at 10.31.07 AM.png
Screen Shot 2020-01-23 at 10.31.50 AM.png

@jacol Thanks, I got it working. Turns out that my config was right but I noticed from PFSense syslog that I get login 401 to my ELK server. Changed the user and now it works!

@NogBadTheBad $90 is a lot more expensive than most TLDs, so I don't understand why that would be a reason to block an entire TLD.

Ouch, glad I don't have any .tk domains then!

@RonpfS

That is understandable. Thanks for the answers. I'll try to find a way to use these logs in my need.

This DNS server will only be used when you use the Alerts Tab "+" icon to whitelist a Domain.

@NollipfSense I'll for sure try to import the DNSBL cert to my browser later in the day.
My dns over https is also disabled :)

Figured this out.
I replaced pfBlcokerNG with pfBlockerNG-Devel but the behavior remained the same. Creating a rule based on a GeoIP alias containing a country, opens ports 81 and 53 to the world (despite ports 81 and 53 are not included in the alias settings; only the required ports are included). To avoid this, in addition to (or instead of) having Custom DST Port in Firewall > pfBlockerNG > IP > GeoIP > Continent > Advanced Inbound Firewall Rule Settings, the ports are also required to be set in the Destination Port Range of the Rule, otherwise ports 81 and 53 (in addition to other opened ports) would be opened to the world. In my case I disabled the Custom DST Port and set the Destination Ports Range in the rule. I am not sure about the purpose of the "Custom DST Port" in GeoIP.

@BBcan177 Thanks for your help.

Sorry I have wasted your time.

lastly, pfBlockerNG is amazing. It just makes pfSense so much more powerful as a great firewall solution.

These settings are all and only stored in the main pfsense config xml file.
All other files on the disk should be removed. It's not a "setting", after all.

@gabric098 said in How to fully uninstall pfBlockerNG:

zero knowledge about pfblockerNG

Me neither.
That's why I read the installation manual(aka : the php and xml files that install pfblockerNG are in plain old school English ...).

@Gertjan i will keep watching
thanks again

@wormuths Up again.

@provels - Hi, I am running pfBlockerNG (v. 2.1.4_20).

I don't use DNSBL, just the IPs. I started readding the blocklist IPs (e.g., BinaryDefense, EmergingThreats, firehol Level 1 to 3) and they now work.

Hi guys,

I came back again and unbound is now working.

Thanks for all of your replies.