• Database GeoIP [ GeoIP.Dat ] not found. Reputation function terminated.

    7
    0 Votes
    7 Posts
    932 Views
    Sergei_ShablovskyS

    @johnpoz said in Database GeoIP [ GeoIP.Dat ] not found. Reputation function terminated.:

    Even if I knew - I wouldn't, to be honest.. Anything that helps someone stay on an EOL product is counterproductive.. You should have moved off 2.3.x two years ago when it was announced it was going to be EOL in a year, etc.

    OK, agree with you. :)

    Try to shift pfSense to another server as fast as possible.

  • pfBlockerNG specific port access...

    6
    0 Votes
    6 Posts
    3k Views
    T

    @BBcan177 I have a rule ordering problem. When pfBlockerNG is enabled, my ports that I don't intend to have open are suddenly open. Is this an issue with rule order? My rules are one allow rule for a few IPs and then the pfBlocker block, followed by allow rules from pfSense. Would the alias type rules resolve this issue?

  • Pfblocker Issue

    1
    0 Votes
    1 Posts
    178 Views
    No one has replied
  • PfblockerNG with MultiWAN

    3
    0 Votes
    3 Posts
    743 Views
    S

    Yes, it worked finally, but not as you described. I had both ethernet and wifi turned on and one interface had direct access to the internet and, therefore, was bypassing the PfBlockerNG.

    Now I ran into another problem. :)
    Everything is working fine, except that one PC is able to bypass PFBlocker. I do not know how but I checked directly and also did Nslookup but it's getting through. All the other workstations are getting blocked except one.

    This is the firewall rule screenshot

    Screenshot of NGAlert showing blocked site access from other PC

    Nslookup screenshot from the rogue PC
    From the other PC it shows 10.10.10.1. So it's getting blocked there.

  • Not able to block youtube using pfblockerng with customlist.

    9
    0 Votes
    9 Posts
    5k Views
    NollipfSenseN

    @Gertjan said in Not able to block youtube using pfblockerng with customlist.:

    @NollipfSense said in Not able to block youtube using pfblockerng with customlist.:

    clients are natted on pfSense's LAN

    Throw away the firmware in these natting devices and put pfSense in place.

    True, natting after pfSense hides a lot of info.

    In my case, the natting is before pfSense...(the king of my LAN is the new Mikrotik RB450x4); so, I'll have to monitor IP > Firewall > Connections to see when the AppleTV YouTube app is talking to DNS. Yes, my system is double natted...seems okay with it as pfSense is king of my WAN.

  • pfBlockerNG-devel IPv4 whitelist

    5
    0 Votes
    5 Posts
    662 Views
    NollipfSenseN

    Here's the video that Gertjan mentioned: https://www.youtube.co/watch?v=g0KOcfGicjM

    However, if you want to administer your box, I am not sure adding the mobile public IP to whitelist will accomplish what you're seeking without special WAN firewall rule. You could use SSH as per here: https://www.youtube.com/watch?v=lDqRIu2zhoQ
    However, you won't have the WebGUI. So, as Gertjan suggested and recommended, VPN is the best option especially since you already installed OpenVPN.

  • How to block all websites - pfblockerng

    3
    0 Votes
    3 Posts
    239 Views
    GertjanG

    @NollipfSense : I guess that he (tries to) ask(s) how to make a very restrictive LAN : only some sites can be visited by the LAN clients, and nothing else.
    Not sure, though....

  • Not blocking the world

    5
    0 Votes
    5 Posts
    683 Views
    E

    If there was an option for the auto IP rules to block first then allow (block/reject/pass/match) then the idea of default deny would be a lot more accessible. Currently the auto rules are all some variety of pass/match/block/reject. So if I want to block some top spammers then allow geo regions all in pfBlocker followed by a pfSense default deny rule, it isn't automatically possible. Maybe that's a feature @BBcan177 can add someday. Block outgoing by default, allow what is needed.

  • pfblockerng-devel error: Unknown Not listed!

    7
    0 Votes
    7 Posts
    1k Views
    NollipfSenseN

    @RonpfS said in pfblockerng-devel error: Unknown Not listed!:

    So there is always a window of time when some files go missing from /var/db/pfblockerNG/deny/*.txt, the service will then report the feed as Not listed

    Okay, thank you for the thoughtful explanation...awesome!

  • pfblocker and AD DNS

    7
    0 Votes
    7 Posts
    1k Views
    JeGrJ

    @riften said in pfblocker and AD DNS:

    I've got two Server 2016 VMs running a domain, both with DNS and DHCP on both. No DHCP on PFSense, only DNS Resolver configured. The IPs listed in PFSense in SYSTEM/GENERAL are all my chosen Internet resolvers (not my internal DNS, they are DNS over TLS Internet resolvers). All my clients have as their DNS, my two DNS servers only, and they get this from the DCs DHCP server and scope options. The DCs list each other as their DNS, and have the PFSense box as their forwarder (not conditional, just regular forwarder). If they can't resolve the request, they use the forwarder so port 53 TCP and UDP are allowed via a lan rule applied to an alias for both my DCs, to the lan interface on PFSENSE. All clients port 53 are blocked in PFSense on a rule below that allow rule, just to make sure they don't get directly out for any reason (say if they get infected with something and their DNS is hack-configured to something malicious). Once PFSense gets the request from my DCs, it then uses the configured DNS servers on the general tab, with the DNS over TLS settings set on the DNS Resolver section.

    And what does that have to do with the original question/problem? That's your workflow, OK. But that has potential problems / oversights as well. But besides, I don't get what you wanted to say/add to the topic with telling your setup.

    As an additional thought: only blocking udp/tcp53 isn't enough anymore. There are DoT resolvers for client OS' as well that could be used and with Windows (or applications) adding DoH support, that "Pandora's Box" will soon bring fun to all admins debugging DNS failings as well ;)

  • pfblockerng error: Unknown Not listed!

    24
    0 Votes
    24 Posts
    4k Views
    J

    @Gertjan ok, guys. will do

  • Firewall rules gets mixed up after a few minutes

    Moved
    10
    0 Votes
    10 Posts
    914 Views
    N

    This is noted and will experiment with this in the next few days when most people in the office are in their Christmas break. Thank you!!!

  • How to allow ip from my lan, using pfblocker?

    1
    0 Votes
    1 Posts
    94 Views
    No one has replied
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    4 Views
    No one has replied
  • DNSBL only working on DMZ NIC?

    13
    0 Votes
    13 Posts
    1k Views
    TAC57T


  • Help - Memory allocation errors

    8
    0 Votes
    8 Posts
    3k Views
    awebsterA

    @kiokoman Aha, that makes much more sense! Thanks!

  • pfBlockerNG 2.2.5_27 cron update and traffic loss

    5
    0 Votes
    5 Posts
    579 Views
    A

    @Gertjan said in pfBlockerNG 2.2.5_27 cron update and traffic loss:

    @asdjklfjkdslfdsaklj said in pfBlockerNG 2.2.5_27 cron update and traffic loss:

    As an aside, no, no issues with name resolution.

    Well, I'm still curious to know what the time is between "unbound stop" and "unbound started".

    None, given "Resolver Live Sync" is enabled.

  • pfBlockerNG Surprise

    3
    0 Votes
    3 Posts
    515 Views
    NollipfSenseN

    @viktor_g Yes, I know...I was just surprised to see a new display instead of a blank page. BBcan177 is so awesome...I remembered seeing a request for such display in a post recently, and he got it done...so cool!

  • Firewall rules sorting

    Moved
    5
    0 Votes
    5 Posts
    711 Views
    D

    @Derelict thank you!

  • Pfblocker DNSBL not working

    8
    0 Votes
    8 Posts
    1k Views
    NollipfSenseN

    @zaber01 I run both Squid for the antivirus only as well as pfBlockerNG; however, I do not use Squid's proxy server. I believe that's where you had the conflict. Your wanting to block sites is the purpose of installing pfBlockerNG, specifically to prevent clients from accessing potentially harmful sites.
    I would suggest spending some time in this section of the forum learning more...we all had to do this.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.