@stephenw10 thanks to explain how that works. I was amazed about how much old items are listed in that config.xml file I never had pfblocker set to save configuration and but in the config.xml it was set to save. When I reinstalled it to remove it it still was set to not safe, I had to manually set to no and it finally removed it.

@motivio said in Rest DNSBL Block Stats: Hi, How can I rest the "DNSBL Block Stats" of the pfBlockerNG? Thanks! There are two ways you can do this. Go to Firewall / pfBlockerNG and then click on Logs tab. In dropdown menu under Log/File selection select dnsbl.log and click on a trash can to remove. [image: 1681179062819-2750dc31-42f8-4348-991d-87bccd753836-image-resized.png] Go to Diagnostics / Command Prompt and type this into Execute Shell Command field: rm -rf /var/log/pfblockerng/dnsbl.log Click on yellow execute button and thats it. [image: 1681179208056-880a2ea4-af7f-47f1-861e-13b3206be784-image.png]

To update this post, I apparently posted it again later on and received a answer found in this thread... https://forum.netgate.com/topic/169870/dnsbl-reputation-404-error-solved/4?_=1647182583544

@the-other said in DNSBL Stops DNS Service (Solved): pfblockerng_dev (do not know about the other one) does NOT reload a list from servers if there are noch changes. It seems "smart" enough to recognize a change in the list. No changed list > no download (at least that's what the log says... I hope so, I'm not so sure. File attributes, size, last modified time stamp etc are needed before the file gets downloaded again. But : /usr/local/pkg/pfblockerng/pfblockerng.inc line 3373 : if (($fhandle = @fopen("{$file_dwn}.raw", 'w')) !== FALSE) { The local destination file is opened for writing - so initial file size date etc are lost : CURL doesn't cache by itself : the file can only be re downloaded at this stage. Also : /usr/local/pkg/pfblockerng/pfblockerng.inc line 170 : CURLOPT_FRESH_CONNECT => true Now read Is there a way to tell curl to not use cache edit : I forget something : most feeds are https://..... and default TLS web server caching is : no caching. So even if you, on the receiving side, are ok to receive a cached version, you still get the entire file again. Btw :less used download methods like rsync are version/date/time aware.

@90ninety If your looking to block adult domain names, you can also add one of the Chad Mayfield lists. They're under Firewall > pfBlockerNG > Feeds > Firebog_Other (all the way at the bottom of the feeds list). There are two you can choose from.

Amigos, a solução para o meu problema foi aumentar as entradas máximas da tabela do firewall no campo: System / Advanced / Firewall e NAT Mudei o valor padrão de 400000 para 800000, mas o valor fica a critério de cada um de acordo a sua necessidade.

There is a Sync Tab that enable you to XMLRPC Sync to other hosts. Another option is to copy/paste pfblockerNG settings from a config.xml to the other pfsense config.xml