@SteveITS You are correct I did not see that. but either way it would not have worked as I was having a driver issue with RealTek NIC's switched to Intel's and most if not all errors in the log(s) are gone. Beside because of the NIC error GEOIP never got install correctly. it never downloaded the file(s) or database so either way I would have gotten a 401 or 404

One other rabbit I had to chase was Firewall Maximum Table Entries issue had to increase it from 40000 to 4000000 to stop the allocation error messages, got that resolve. from the log I was at 798000 with all the GEOIP and other stuff selected. Once I learn what I need and what is just my insanity I change it.

I believe I am up and running have no ideal of how protected I am. Still learning how to interpret the logs. I see allot of blocks, and allot of pass but the pass are from loopback and DNS (53) and a few others but the passes are only out going. from what I can tell all inbound are blocked and blocked even on the open ports I specified to be open ( special rule ) to allow only a specific range of IP's to pass to those ports, same as the Zywall USG20-VPN but as the Zywall GUI was easier, but limited. pFsense is more granular, but seem more effect. Kinda of like the Cisco PIX, it just understanding the syntax (pFsense) and the flow. I think I am getting there.

This forum is great, getting support for the Zywall (well I'll be nice) is like pulling your teeth out with pliers. The cost kept going up but the option kept going down. I have been paying for 1 GB for almost 2 years but because of the Zywall I was like getting 300 MBPS. Bought the USG60 to only find out it was not any better in throughput and the only way for ! GB was the buy business class, and the the VPN clients and the the Content Filter and then the Anti-Spam, but those are yearly cost and not one time license. Most of the License(s) on my Zywall were expired, just to expensive to maintain. I got the Zywall because of work, needed to be secure,

Well anyway sorry for rambling on, but this forum rocks. Easy to get answers and very informative.

I thank you
Dark Knight out.

@atlantakid I found how to add my URL but it is not reading it with "Update or Reload" from my local server, I can tell since I am watching the apache2 logs and there is not entry for reading that page!!,

I had to go to the Firewall / pfBlockerNG / IP / IPv4, click on PRI3 and at then I can add to the bottom of the list.

Looks like it can only pfsense can only look outside on open internet for the LIST and I have to figure out how to NAT that server request inward onto the LAN, I am getting this Error
Failed to connect to 192.168.3.31 port 80 after 15017 ms: Timeout was reached Retry [2] in 5 seconds...

Oh, all my formats are on AUTO, so I'll have to find out which list has GeoIP format.... :-(

So I have to go through all the non-custom lists? This could take while, and I don't know what to look for. Maybe there is a keyword like GEO-something?

EDIT: there might be an easier way, I just sift through the update.log of pfblocker and discard lists that show something like "Classifying repeat offenders by GeoIP".

EDIT2: Oh, the reputation functions dmax and pmax use GeoIP! I turned these on a week ago or so.... Embarrassing, I should have made the connection!

Thanks @Bob-Dig , I am confident that turning reputation off is the solution.

Will report back if I am wrong.. ✌

@mcury I see. Thanks.

@clevercompiler Hi, I switched to the devel version, but that didn't help. It ran for 6 hours or so, I am still getting notifications of crashes.

Thanks anyway,
Mario.

@yquirion I was surprised as well and was hoping it did not change my configuration which it did not. I was not aware about querying the database so I learned a very nice thing from you as well.

@meelek Thanks for the report. This will be fixed in the next version. Problem was that it was validating for Domain name which failed to validate just TLDs.

@bob-dig
I tryed to disabled all lists but Wa still not working.
And yes, no logging about the call blocks.
So you're disconnect from wifi every time you make or receive a call? I hope in a solution.

Ah, sorry if I misunderstood.

re: network alias, that can be one IP by using a /32 mask.

@alek said in pfBlockerNG blocking SMTP:

No ?

That's the easy / easier way.

Have a look at this list : Youtube Netgate everything you always wanted to know, and more.
There is a Muti WAN video. There is a video about VIP, Carps, etc.

The videos are old, but still very valid and very informative. It's a guy from Netgate talking about Netgate/pfSense.

@marco-42 Welcome

@rvjr said in IPv6 list generated IPv4 rule:

ok, that's weird. No I'm using the standard pfBlockerNG 2.1.4_26 on pfSense 21.05.2-RELEASE. I'll try switching the list action and see if that makes any difference.

Your problem is that you are using an old unsupported version of pfBlockerNG. The maintainer of pfBlockerNG, @BBcan177, does not recommend the use of that old version. The -devel version has been in use for 2 to 3 years now and is very stable and the only version currently being updated.

Make sure that the box is checked to save your current settings and then uninstall your current version of pfBlockerNG 2.1.4.26 and then install the -devel version 3.1.0_1. This should take care of the issues you are seeing, if not, post back to the forum and someone will help you.

@rvjr On pfSense unbound generally restarts. See
https://redmine.pfsense.org/issues/5413

@bob-dig said in IP logs are not being created/populated:

It is odd that this problem still exists for so long now. Sure, it is just an Package but it is the most important one in my book.

Yeah, @BBcan177 is likely a busy gentleman, but I’m sure a new build will surface eventually.

But pfBlockerNG is much more than “just a package”. I’ll bet you pfBlockerNG is BY FAR the most used package on pfSense. In fact I’d highly recommend Netgate to find the currency needed to purchase the talents of bbcan177 and the pfBlockerNG name, and start including it as a bulitin feature of pfsense. With the same development/maintenance and continuity as pfSense itself.

Without pfBlockerNG, pfSense would be a much much less relevant product.