From your FW rule, it looks like there is no Firewall 'Auto' Rule Suffix' in the description.

Your Firewall 'Auto' Rule Suffix is set to "AR" and that doesn't show in the Description of the FW Rule.

I guess you changed that setting it at some point. Did you disable pfblockerNG when you changed the settings ?

Select 'Auto Rule' description suffix for auto defined rules. pfBlockerNG must be disabled to modify suffix.

@NollipfSense Thanks for the suggestion of increasing states/table entries. I will give it a try.

Although, as described in my initial post, my system seems to use a disproportionately low amount of memory about two hours after reload, it seems to apply TLD filtering adequately, as far as I can discern from looking at my Reports/Alerts/DNSBL log... Still puzzled...

EDIT: Of course, I might not know about packets escaping filtering and thus logging, yet the log appears to be populated in a plausible manner.

Solved it guys, did some googling on that SSL error and found another post here:

In
/var/unbound

Delete
dnsbl_cert.pem
unbound_control.key
unbound_control.pem
unbound_server.key
unbound_server.pem

Reboot and run force update/reload.

DNSBL now up and running. Thanks for the help in diagnosing guys.

@jdeloach Funny that I turned off mine yet it still had the notification of failure! Just did a reload and that seems to resolve.

@cmeziere You're welcome and glad you fixed it.

@lbm_ said in pfblocker-devel does not block ip:

I've created an alias under firewall rules

There, you go...that's exactly what I would say.

@NollipfSense ...

This very blind moron thanks you, sir! I don't know how I could have missed that expandable bar...

Offending entry removed, license key entered, problem solved. Thank you again!

Yes, I understand completely (now that you explained) --- I did not realize that pfBlocker was working at DNS level - I assumed that it was putting IP blocks in firewall rules.

Thanks again the help

Opened https://redmine.pfsense.org/issues/10252

Are you sure the disk space is being used by pfBlocker or is that just reporting the write error? Do you have Suricata installed by chance?

https://forum.netgate.com/topic/140951/suricata-log-files-are-filling-the-disk
https://forum.netgate.com/topic/130980/suricata-not-limiting-log-sizes-by-default

The logs ?

@roney-s-mathews said in Installed pfBlockerNG but service does not start:

I used multiple Ip's outside my network but the pi-hole page is not displayed

pfSense / pfBlockerNG-dev is not pi-hole .... or please explain.

Btw : The DNSBL part of pfBlockerNG-dev needs the resolver, not the forwarder. So it's nomal the DNSBL part doesn't start.

f40122ad-5c96-47ef-bcd2-ff739129fe7a-image.png

Hi,

You you have the "TLD" option checked ?

f6abe414-bbfa-456b-ab35-855a61407b80-image.png

If so, click on the blue "I" - right after the red text.

So : uncheck TLD, or go out and buy really huge RAM sticks.
Or remove some feeds.

@nopro You'll need to search as I remembered reading last year...maybe they use the same system resources since the function/feature they provide is similar so when one is using the resource the other is stranded.

@ZIMNYSBRAIN @NollipfSense No reason not to have Automatic Configuration Backup enabled. But still curious why pfB updated on its own...?

@BBcan177

Hello Sir,

I'm having the same issue. I went i did what was said here twice and still have the problem. I also unchecked the boxes and rebooted the system, still nothing.
could you help please?

V/r

@mifronte

Good afternoon,

Thanks for trying to help me with this issue. I checked all download feeds and everything seems to be working. I had a registered maxmind feed and turned it off too. Pretty much I had turned everything off and deleted the files per another forum. I even bought a new device, installed everything and I got the same problem. Which makes me think is something in the feeds. One strange thing I found is that the firewall rules are gone too. This is really strange to me. I rechecked every setting 5 times already and forced reload, started and stopped the resolver. I recognize that I’m fairly new to this firewall software, but I really don’t find what can be causing the issue, as I have even restored the system using my previous config files. Sorry I’m a little frustrated. why is it doing the same with the other system and is a brand new installation. I also have a Free malware patrol subscription and turned it off. I’m I hacked?

Also :

@whizatit said in TLD issues/questions....:

Can't retrieve/post logs if system freezes :-(

That why logs shouldn't stay on the router.
You have to 'backup' your logs. Because: if you have them, you wont need them - and the other way around.

I've TLD selected since the beginning on a very old plain vanilla "Intel(R) Pentium(R) 4 CPU 3.20GHz
2 CPUs: 1 package(s) x 2 hardware threads " with 2 GB.
Four or five classic feeds ( DNSBL ).

Here you can see memory and system resources (yep, another way to 'log' outside the box).

pfSense freezes ? I don't recall freezing mine on me ...

@Aqualinx You may want to disable pfBlockerNG to make sure the firewall option is set to auto as below.
Screen Shot 2020-02-06 at 2.58.54 PM.png

@Le_Bleu

Block the ISP via their ASN number.

AS details for 240e:f7:4f01:c::3 :-

route6: 240E::/24
descr: China Telecom
origin: AS4134
mnt-by: MAINT-CT-GNOC
changed: dougd@chinatelecom.cn 20180820 #08:22:54Z
source: RADB

route6: 240e::/20
descr: CHINANET-IPv6-ROUTE
origin: AS4134
mnt-by: MAINT-CHINANET
last-modified: 2018-08-21T08:05:25Z
source: APNIC

Monday, 3 February 2020 at 18:41:09 Greenwich Mean Time

Screenshot 2020-02-03 at 18.43.10.png