Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG-devel feedback

    Scheduled Pinned Locked Moved pfBlockerNG
    102 Posts 26 Posters 100.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Hugovsky
      last edited by

      after upgrade to latest _17, I can't open 10.10.10.1 with browser. pfBlocker seems to be working and logging fine but can't get the 10.10.10.1 page. Is it normal?

      BBcan177B 1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator @Veldkornet
        last edited by

        @veldkornet said in pfBlockerNG-devel feedback:

        On my dashboard, DNSBL always has a yellow icon and says
        DNSBL is out of sync. Perform a force reload to correct.

        Although I’ve already done a force reload a few times...
        Also, unrelated to the above, would it be possible to allow the ability to choose your own certificate for DNSBL so that you don’t get certificate errors for the https page?

        For the Sync issue: Typically this is caused by having multiple feeds with the same "Header/Label" name. Every Header needs to be unique. Also can be caused if you have a duplicated Feed.

        For the Certificate errors, you can fix this in pfBlockerNG-devel, see here:
        https://forum.netgate.com/topic/136302/is-hiding-dnsbl-alerts-without-whitlisting-possible

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        VeldkornetV 1 Reply Last reply Reply Quote 0
        • BBcan177B
          BBcan177 Moderator @Hugovsky
          last edited by

          @hugovsky said in pfBlockerNG-devel feedback:

          after upgrade to latest _17, I can't open 10.10.10.1 with browser. pfBlocker seems to be working and logging fine but can't get the 10.10.10.1 page. Is it normal?

          Any errors in the system.log when you restart the service?

          What happens if you try to start it from the shell?

          /usr/local/etc/rc.d/pfb_filter.sh restart

          Also check the pfblockerng.log for any errors.

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          1 Reply Last reply Reply Quote 0
          • H
            Hugovsky
            last edited by Hugovsky

            system log:

            Oct 7 17:18:32 	check_reload_status 		Syncing firewall
Oct 7 17:18:32 	php_pfb 		[pfBlockerNG] filterlog daemon started
Oct 7 17:18:32 	php-fpm 	960 	[pfBlockerNG] Restarting firewall filter daemon
Oct 7 17:18:32 	check_reload_status 		Reloading filter
Oct 7 17:18:31 	check_reload_status 		Syncing firewall
Oct 7 17:18:31 	check_reload_status 		Syncing firewall
Oct 7 17:18:29 	php 		[pfBlockerNG] DNSBL parser daemon started

            pfblockerng.log after stop/start of pfBlocker in GUI:

            **Saving configuration [ 10/07/18 17:16:23 ]**
Reloading Unbound Resolver..... completed [ 10/07/18 17:16:24 ]
DNSBL update [ 1147610 | PASSED  ]... completed [ 10/07/18 17:16:25 ]
Removing DNSBL Unbound custom option
------------------------------------------------------------------------
Saving DNSBL config changes.VIP address configured. Widget Packet statistics reset.
Stop Service DNSBL

** DNSBL Disabled **

** Stopping firewall filter daemon **

**Saving configuration [ 10/07/18 17:17:57 ]**

Configuring DNSBL... completed
Reloading Unbound Resolver..... completed [ 10/07/18 17:18:27 ]
DNSBL update [ 1147610 | PASSED  ]... completed [ 10/07/18 17:18:28 ]
Adding DNSBL Unbound server:include option
------------------------------------------------------------------------
Saving new DNSBL web server configuration to port [ 9081 and 9443 ]
Saving DNSBL config changes.VIP address configured. Widget Packet statistics reset.

Restarting DNSBL Service

** Restarting firewall filter daemon **

            using /usr/local/etc/rc.d/pfb_filter.sh restart it's a no go too.

            I has using 2.4.4 beta from 04 september before and pfblocker _12 and it was working. I've updated pfblocker to _17 and lost the block page. Upgraded pfsense to latest beta 2.4.5. Didn't solved it.

            1 Reply Last reply Reply Quote 0
            • BBcan177B
              BBcan177 Moderator
              last edited by BBcan177

              @hugovsky said in pfBlockerNG-devel feedback:

              I has using 2.4.4 beta from 04 september before and pfblocker _12 and it was working. I've updated pfblocker to _17 and lost the block page. Upgraded pfsense to latest beta 2.4.5. Didn't solved it.

              When you ran that command from the shell, did it report any errors?
              As a note, the pfb_filter is for IP not DNSBL... The DNSBL service is pfb_dnsbl.

              I am also not sure what you mean by "lost the block page?"

              Run the following and report the output:

              ls -lah /var/log/filter.log

              ps auxww | grep pfb

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • H
                Hugovsky
                last edited by

                I've also noted that the percentage of domains blocked is at 100%

                0_1538930091068_test.png

                1 Reply Last reply Reply Quote 0
                • BBcan177B
                  BBcan177 Moderator
                  last edited by

                  @hugovsky said in pfBlockerNG-devel feedback:

                  I've also noted that the percentage of domains blocked is at 100%

                  Click the trashcan Icon in the Packet column to reset it... The widget wrench also contains some other tunables.

                  "Experience is something you don't get until just after you need it."

                  Website: http://pfBlockerNG.com
                  Twitter: @BBcan177  #pfBlockerNG
                  Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                  1 Reply Last reply Reply Quote 0
                  • H
                    Hugovsky
                    last edited by Hugovsky

                    "Block page" it's the page you see when you go drectly to 10.10.10.1, the vip ip.

                    Cleared the stats and "block percentage" is ok now.

                    ls -lah /var/log/filter.log:

                    [2.4.5-DEVELOPMENT][root@firewall]/root: ls -lah /var/log/filter.log
-rw-------  1 root  wheel   195K Oct  7 17:16 /var/log/filter.log

                    ps auxww | grep pfb:

                    [2.4.5-DEVELOPMENT][root@firewall]/root: ps auxww | grep pfb
root    38351   0.0  0.0   10392   7340  -  S    17:18      0:02.08 /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf
root    38455   0.0  0.2   50880  38640  -  I    17:18      0:01.77 /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc dnsbl
root    38468   0.0  0.2   50880  38216  -  I    17:18      0:00.26 /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc index
root    38796   0.0  0.2   50880  38632  -  S    17:18      0:00.78 /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc queries
root    44777   0.0  0.0    6564   2456  0  S+   17:38      0:00.00 grep pfb
root    48602   0.0  0.0    4340   1956  0  S    17:21      0:00.35 /usr/local/sbin/clog_pfb -f /var/log/filter.log
root    48774   0.0  0.2   50880  38208  0  I    17:21      0:00.25 /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog
                    BBcan177B 1 Reply Last reply Reply Quote 0
                    • BBcan177B
                      BBcan177 Moderator @Hugovsky
                      last edited by BBcan177

                      @hugovsky

                      What does this report:

                      ls -la /usr/local/bin/php*

                      Try the following:

                      rm /usr/local/bin/php_pfb

                      And then restart the pfb_filter service.

                      "Experience is something you don't get until just after you need it."

                      Website: http://pfBlockerNG.com
                      Twitter: @BBcan177  #pfBlockerNG
                      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                      1 Reply Last reply Reply Quote 0
                      • H
                        Hugovsky
                        last edited by Hugovsky

                        ls -lah /usr/local/bin/php*:

                        [2.4.5-DEVELOPMENT][root@firewall]/root: ls -lah /usr/local/bin/php*
-rwxr-xr-x  2 root  wheel   4.6M Sep 20 13:18 /usr/local/bin/php
-rwxr-xr-x  1 root  wheel   4.6M Sep 20 13:18 /usr/local/bin/php-cgi
-rwxr-xr-x  1 root  wheel   2.7K Sep 20 13:18 /usr/local/bin/php-config
-rwxr-xr-x  2 root  wheel   4.6M Sep 20 13:18 /usr/local/bin/php_pfb
-rwxr-xr-x  1 root  wheel   4.4K Sep 20 13:18 /usr/local/bin/phpize

                        Did what you sugested and no diference.

                        1 Reply Last reply Reply Quote 0
                        • H
                          Hugovsky
                          last edited by Hugovsky

                          Also noted that pfBlocker doesn't log my direct connection to 10.10.10.1. It used to.

                          1 Reply Last reply Reply Quote 0
                          • VeldkornetV
                            Veldkornet @BBcan177
                            last edited by

                            @bbcan177 said in pfBlockerNG-devel feedback:

                            @veldkornet said in pfBlockerNG-devel feedback:

                            On my dashboard, DNSBL always has a yellow icon and says
                            DNSBL is out of sync. Perform a force reload to correct.

                            Although I’ve already done a force reload a few times...
                            Also, unrelated to the above, would it be possible to allow the ability to choose your own certificate for DNSBL so that you don’t get certificate errors for the https page?

                            For the Sync issue: Typically this is caused by having multiple feeds with the same "Header/Label" name. Every Header needs to be unique. Also can be caused if you have a duplicated Feed.

                            For the Certificate errors, you can fix this in pfBlockerNG-devel, see here:
                            https://forum.netgate.com/topic/136302/is-hiding-dnsbl-alerts-without-whitlisting-possible

                            For the sync issue, I went through all the feeds but I didn’t notice any duplicates in Feed or tag... is it possible that there’s a duplicate from the custom feed and the Easylist Shalla (for example)? Or is there another way to track it down?

                            FYI, I’m using most of these: https://firebog.net

                            BBcan177B RonpfSR 2 Replies Last reply Reply Quote 0
                            • BBcan177B
                              BBcan177 Moderator @Veldkornet
                              last edited by

                              @veldkornet

                              See the last part of the pfblockerng.log which will summarize all headers.

                              Failing that, uncheck "keep settings" and hit "save" in the general tab which will clear all downloaded files.

                              Follow that by rechecking "keep settings", save and a Force update.

                              "Experience is something you don't get until just after you need it."

                              Website: http://pfBlockerNG.com
                              Twitter: @BBcan177  #pfBlockerNG
                              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                              1 Reply Last reply Reply Quote 0
                              • RonpfSR
                                RonpfS @Veldkornet
                                last edited by

                                @veldkornet Look at https://forum.netgate.com/topic/130361/pfblockerng-devel-2-1-2/14

                                2.4.5-RELEASE-p1 (amd64)
                                Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                                Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                                1 Reply Last reply Reply Quote 1
                                • newyork10023N
                                  newyork10023 @BBcan177
                                  last edited by newyork10023

                                  @bbcan177 I am unclear as to the correct setting on Services -> DNS Resolver -> General Settings under Network Interfaces: it specifies "[IP Address] (pfB DNSBL - DO NOT EDIT)". Well, it got edited (and, indeed, again now). Should this entry be selected (i.e., highlighted/checked) or not? In general, do I want all local internal interfaces checked here including the pfB DNSBL one? Perhaps, the entry could be more "descriptive" than "Do not edit" (e.g., "Select to enable pfB DNSBL").

                                  1 Reply Last reply Reply Quote 0
                                  • VeldkornetV
                                    Veldkornet
                                    last edited by

                                    Speaking of the DNS Resolver, under the custom options, the following:

                                    include: /var/unbound/pfb_dnsbl.*conf

                                    As that looked wrong, I changed it to:

                                    include: /var/unbound/pfb_dnsbl*.conf

                                    Right, so now it works properly and picks up all of the config files, but now because of this, I get the following error:

                                    The following input errors were detected:

    The generated config file cannot be parsed by unbound. Please correct the following errors:
    /var/unbound/pfb_dnsbl_lighty.conf:4: error: unknown keyword 'server.tag'
    /var/unbound/pfb_dnsbl_lighty.conf:4: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:4: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:4: error: unknown keyword 'pfBlockerNG'
    /var/unbound/pfb_dnsbl_lighty.conf:4: error: unknown keyword 'DNSBL'
    /var/unbound/pfb_dnsbl_lighty.conf:4: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:5: error: unknown keyword 'server.bind'
    /var/unbound/pfb_dnsbl_lighty.conf:5: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:5: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:5: error: unknown keyword '0.0.0.0'
    /var/unbound/pfb_dnsbl_lighty.conf:5: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:6: error: unknown keyword 'server.port'
    /var/unbound/pfb_dnsbl_lighty.conf:6: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:6: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:6: error: unknown keyword '8082'
    /var/unbound/pfb_dnsbl_lighty.conf:6: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:7: error: unknown keyword 'server.event-handler'
    /var/unbound/pfb_dnsbl_lighty.conf:7: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:7: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:7: error: unknown keyword 'freebsd-kqueue'
    /var/unbound/pfb_dnsbl_lighty.conf:7: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:8: error: unknown keyword 'server.network-backend'
    /var/unbound/pfb_dnsbl_lighty.conf:8: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:8: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:8: error: unknown keyword 'freebsd-sendfile'
    /var/unbound/pfb_dnsbl_lighty.conf:8: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:9: error: unknown keyword 'server.dir-listing'
    /var/unbound/pfb_dnsbl_lighty.conf:9: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:9: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:9: error: unknown keyword 'disable'
    /var/unbound/pfb_dnsbl_lighty.conf:9: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:10: error: unknown keyword 'server.document-root'
    /var/unbound/pfb_dnsbl_lighty.conf:10: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:10: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:10: error: unknown keyword '/usr/local/www/pfblockerng/www/'
    /var/unbound/pfb_dnsbl_lighty.conf:10: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: unknown keyword 'server.errorlog'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: unknown keyword '|/usr/local/bin/php'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: unknown keyword '-f'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: unknown keyword '/usr/local/pkg/pfblockerng/pfblockerng.inc'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: unknown keyword 'dnsbl'
    /var/unbound/pfb_dnsbl_lighty.conf:11: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:12: error: unknown keyword 'server.pid-file'
    /var/unbound/pfb_dnsbl_lighty.conf:12: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:12: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:12: error: unknown keyword '/var/run/dnsbl.pid'
    /var/unbound/pfb_dnsbl_lighty.conf:12: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword 'server.modules'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword 'mod_access'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword 'mod_accesslog'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword 'mod_fastcgi'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword 'mod_rewrite'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword 'mod_openssl'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:13: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: unknown keyword 'server.indexfiles'
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: unknown keyword 'index.php'
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:14: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword 'mimetype.assign'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword '.html'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword 'text/html'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword '.gif'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword 'image/gif'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:15: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword 'url.access-deny'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword '~'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword '.inc'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:16: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword 'fastcgi.server'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '.php'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword 'localhost'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword 'socket'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '/var/run/php-fpm.socket'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword ','
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword 'broken-scriptfilename'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword 'enable'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:17: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:19: error: unknown keyword 'debug.log-condition-handling'
    /var/unbound/pfb_dnsbl_lighty.conf:19: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:19: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:19: error: unknown keyword 'enable'
    /var/unbound/pfb_dnsbl_lighty.conf:19: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:20: error: unknown keyword 'accesslog.use-syslog'
    /var/unbound/pfb_dnsbl_lighty.conf:20: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:20: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:20: error: unknown keyword 'disable'
    /var/unbound/pfb_dnsbl_lighty.conf:20: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword 'accesslog.format'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword 'INDEX!%r!%V!%h!%{Referer}i'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword '*'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword '%r'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword '*'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: unknown keyword '%{User-Agent}i'
    /var/unbound/pfb_dnsbl_lighty.conf:21: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: unknown keyword 'accesslog.filename'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: unknown keyword '|/usr/local/bin/php'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: unknown keyword '-f'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: unknown keyword '/usr/local/pkg/pfblockerng/pfblockerng.inc'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: unknown keyword 'index'
    /var/unbound/pfb_dnsbl_lighty.conf:22: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: unknown keyword '$HTTP['
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: unknown keyword 'scheme'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: unknown keyword ']'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: unknown keyword '=='
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: unknown keyword 'http'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:24: error: unknown keyword '{'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword 'url.rewrite-once'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword '.*'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword 'index.php'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:25: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:26: error: unknown keyword '}'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: unknown keyword '$HTTP['
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: unknown keyword 'remoteip'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: unknown keyword ']'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: unknown keyword '=~'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: unknown keyword '.*'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:28: error: unknown keyword '{'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword '$SERVER['
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword 'socket'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword ']'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword '=='
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword '0.0.0.0'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: stray ':'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword '8443'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:29: error: unknown keyword '{'
    /var/unbound/pfb_dnsbl_lighty.conf:30: error: unknown keyword 'ssl.engine'
    /var/unbound/pfb_dnsbl_lighty.conf:30: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:30: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:30: error: unknown keyword 'enable'
    /var/unbound/pfb_dnsbl_lighty.conf:30: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:31: error: unknown keyword 'ssl.pemfile'
    /var/unbound/pfb_dnsbl_lighty.conf:31: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:31: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:31: error: unknown keyword '/var/unbound/dnsbl_cert.pem'
    /var/unbound/pfb_dnsbl_lighty.conf:31: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:32: error: unknown keyword '}'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword '$SERVER['
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword 'socket'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword ']'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword '=='
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword '10.10.10.1'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: stray ':'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword '443'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:34: error: unknown keyword '{'
    /var/unbound/pfb_dnsbl_lighty.conf:35: error: unknown keyword 'ssl.engine'
    /var/unbound/pfb_dnsbl_lighty.conf:35: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:35: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:35: error: unknown keyword 'enable'
    /var/unbound/pfb_dnsbl_lighty.conf:35: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:36: error: unknown keyword 'ssl.pemfile'
    /var/unbound/pfb_dnsbl_lighty.conf:36: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:36: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:36: error: unknown keyword '/var/unbound/dnsbl_cert.pem'
    /var/unbound/pfb_dnsbl_lighty.conf:36: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:37: error: unknown keyword '}'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: unknown keyword '$HTTP['
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: unknown keyword 'host'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: unknown keyword ']'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: unknown keyword '=~'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: unknown keyword '.*'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:39: error: unknown keyword '{'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword 'url.rewrite-once'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword '='
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword '('
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword '.*'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword '=>'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword 'index.php'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: stray '"'
    /var/unbound/pfb_dnsbl_lighty.conf:40: error: unknown keyword ')'
    /var/unbound/pfb_dnsbl_lighty.conf:41: error: unknown keyword '}'
    /var/unbound/pfb_dnsbl_lighty.conf:42: error: unknown keyword '}'
    read /var/unbound/test/unbound.conf failed: 268 errors in configuration file

                                    So first off, was it supposed to be .*conf? Or *.conf? Secondly, what's this pfb_dnsbl_lighty.conf file?

                                    BBcan177B 1 Reply Last reply Reply Quote 0
                                    • BBcan177B
                                      BBcan177 Moderator @Veldkornet
                                      last edited by

                                      @veldkornet said in pfBlockerNG-devel feedback:

                                      So first off, was it supposed to be .*conf? Or *.conf? Secondly, what's this pfb_dnsbl_lighty.conf file?

                                      No this is not the correct way. Moving the asterisk as you did will include other temporary files that are in that folder.

                                      You seem to have some other issue with the Resolver configuration.

                                      Goto the pfSense DNS Resolver and increase the log verbosity to 2, and then review the resolver.log for additional clues.

                                      "Experience is something you don't get until just after you need it."

                                      Website: http://pfBlockerNG.com
                                      Twitter: @BBcan177  #pfBlockerNG
                                      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                                      1 Reply Last reply Reply Quote 0
                                      • Y
                                        yorke
                                        last edited by

                                        Hi all
                                        Everything was working fine no changes have been made but for the last couple days
                                        i have been getting the errors listed below
                                        DNSBL OUT OF SYNC
                                        *** DNSBL update [ 1308990 ] [ 1308991 ] ... OUT OF SYNC ! *** [ 10/10/18 17:52:40 ]
                                        followed listed instructions above to try and correct the errors with no luck
                                        DNSBL log attach

                                        Also getting
                                        domain/ referer feed
                                        iadsdk.apple.com [ Unknown ] Unknown
                                        DNSBL-HTTPS | Unknown Unknown
                                        ocsp.digicert.com [ Unknown ] Unknown
                                        www.youtube.com [ Unknown ] Unknown
                                        DNSBL-HTTPS | Unknown Unknown
                                        DNSBL-HTTPS | Unknown Unknown
                                        liveupdate.symantec.com [ Unknown ] Unknown

                                        Another
                                        disable log under floating rules doesn’t not seem to work for me, i created
                                        ipv4 list disable logs for that list and global log is also disable but the rules
                                        is still being created with log enable.
                                        0_1539269924600_DNSBL.txt

                                        1 Reply Last reply Reply Quote 0
                                        • BBcan177B
                                          BBcan177 Moderator
                                          last edited by

                                          @yorke

                                          The sync is off by one, so its not critical in the sense that its still going to block the domains listed. There is a disrepancy of the number of domains listed in the Unbound DB vs the /dnsbl/ folder.

                                          I'd suggest a Force Reload and see if that fixes it.

                                          "Experience is something you don't get until just after you need it."

                                          Website: http://pfBlockerNG.com
                                          Twitter: @BBcan177  #pfBlockerNG
                                          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                                          1 Reply Last reply Reply Quote 0
                                          • XentrkX
                                            Xentrk @BBcan177
                                            last edited by Xentrk

                                            @bbcan177
                                            I started seeing the SQLite3 error myself:

                                            Warning: SQLite3::exec(): database disk image is malformed in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 3931 
Warning: SQLite3::exec(): database disk image is malformed in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 3934 
Warning: SQLite3::query(): Unable to prepare statement: 11, database disk image is malformed in /usr/local/www/widgets/widgets/pfblockerng.widget.php on line 297

                                            I first noticed it today when logging on to check for updates. The message appeared after the update.

                                            2.4.5-DEVELOPMENT (amd64)
Current Base System: 2.4.5.a.20181025.0115
built on Thu Oct 25 01:16:47 EDT 2018
FreeBSD 11.2-RELEASE-p4
pfBlockerNG	2.2.5_17

                                            I read thru the posts on how to fix. Just wanted to know know if there is any information you want before I take action.

                                            pfSense 2.4.4_2 | Intel i5-3450 @ 3.10GHz  | AES-NI enabled |  pfBlockerNG | Snort
                                            Blog Site: https://x3mtek.com || GitHub: https://github.com/Xentrk

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.