pfBlockerNG Devel 2.2.1 upgrade fails to start pfb_dnsbl service



  • Hello,

    I upgraded to pfBlockerNG devel 2.2.1 tonight for the report graphs and extra visibility, and after wrangling with it for a while, I can't seem to figure out why pfb_dnsbl service won't start up. I'm not seeing anything in the logs as to why it won't start, any ideas on what might be wrong, or where i can check for more clues?



  • @mcampbell Did you uninstall the previous version (with or without keep settings checked, I would not recommend to keep your settings, but start from scratch). You could read this one https://www.linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/



  • At first I did not, I was actually following that same article, but missed that step. I later did uninstall, and reinstall. That didn't work, so I completely uninstalled and removed settings, then installed again, adding settings back in manually, but that didn't help either.



  • @mcampbell Try a reboot of pfSense



  • Did you ran a Force Reload All and inspect the log?
    Anything in the System Logs? Resolver Logs?



  • Qinn, I did try a reboot, but pfb_dnsbl still will not start up. The service pfb_filter and DNS Resolver does start up properly though. I have a pfblockerng widget on the pfsense home page. It registers the blocks occurring for the IP based blocks, but does not register any of the dnsbl statistics ( they are listed, but stay at zero).

    RonpfS, I did reload all and watched the output as it went along. There's no indications of any failures, as it says it does everything successfully. Below is the output. As for the system logs, and resolver logs, I don't see any alerts regarding pfblockerng in it. Resolver logs show that resolver can't resolve anything. Looking through DNS Resolver's config page, I see every option checked, port 53, all interfaces selected, system domain local zone type settings set to transparent, and there is one custom option: server:include: /var/unbound/pfb_dnsbl.*conf

     UPDATE PROCESS START [ 08/12/18 13:48:20 ]
    
    ===[  DNSBL Process  ]================================================
    
     Loading DNSBL Statistics... completed
     Loading DNSBL Whitelist... completed
    
    [ EasyList ]			 Reload [ 08/12/18 13:48:21 ] . completed ..
      Whitelist: ad.doubleclick.net|amazon-adsystem.com|entrecard.s3.amazonaws.com|googleads.g.doubleclick.net|googletagservices.com|imasdk.googleapis.com|ltassrv.com.s3.amazonaws.com|partner.googleadservices.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      16200    15646      0          8          0          15638                
      ----------------------------------------------------------------------
    
    [ Adaway ]			 Reload [ 08/12/18 13:48:23 ] . completed ..
      Whitelist: aax-us-east.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|ad.doubleclick.net|admarvel.s3.amazonaws.com|campaign-tapad.s3.amazonaws.com|google-analytics.com|googleads.g.doubleclick.net|html5adkit.plusmo.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|inneractive-assets.s3.amazonaws.com|s.amazon-adsystem.com|s0.2mdn.net|strikeadcdn.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      409      409        5          13         0          391                  
      ----------------------------------------------------------------------
    
    [ D_Me_ADs ]			 Reload . completed ..
      Whitelist: admarvel.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|amazon-adsystem.com|entrecard.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|pagead.l.google.com|partnerad.l.google.com|video-stats.video.google.com|yab-adimages.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      2703     2703       443        10         0          2250                 
      ----------------------------------------------------------------------
    
    [ D_Me_Tracking ]		 Reload [ 08/12/18 13:48:24 ] . completed ..
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      34       34         6          0          0          28                   
      ----------------------------------------------------------------------
    
    [ hpHosts_ATS ]			 Reload . completed ..
      Whitelist: a6522.s3-website-us-east-1.amazonaws.com|aax-eu-rtb.amazon-adsystem.com|aax-eu.amazon-adsystem.com|aax-fe-sin.amazon-adsystem.com|aax-fe.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax-us-pdx.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|ad-creatives-public.commondatastorage.googleapis.com|ad.doubleclick.net|admarvel.s3.amazonaws.com|ads.google.com|ads_ad_center.s3.amazonaws.com|adstracking.s3-website-us-west-1.amazonaws.com|advice-ads.s3.amazonaws.com|advrts.s3.amazonaws.com|adzerk-www.s3.amazonaws.com|airpushmarketing.s3.amazonaws.com|analytics.google.com|analyticsengine.s3.amazonaws.com|applab-sdk.amazon.com|arabmistress.s3.amazonaws.com|blamads-assets.s3.amazonaws.com|bo-videos.s3.amazonaws.com|c.amazon-adsystem.com|cadreon.s3.amazonaws.com|campaign-tapad.s3.amazonaws.com|cd-ladsp-com.s3.amazonaws.com|cdn.doubleverify.com|ce2-dev-trk.s3.amazonaws.com|ce2-dev.s3.amazonaws.com|chartaca.com.s3.amazonaws.com|cloudfront-labs.amazonaws.com|com.djinnworks.sdm.s3.amazonaws.com|convertglobal.s3.amazonaws.com|demandmedia.s3.amazonaws.com|deskwww.s3.amazonaws.com|device-metrics-us-2.amazon.com|ec2-54-171-97-32.eu-west-1.compute.amazonaws.com|ec2-54-225-149-4.compute-1.amazonaws.com|ec2-54-235-183-132.compute-1.amazonaws.com|epowernetworktrackerimages.s3.amazonaws.com|evs-hosted-14facd241e1c08.s3.amazonaws.com|fls-eu.amazon-adsystem.com|fls-eu.amazon.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|forumwarz.s3.amazonaws.com|gateways.s3.amazonaws.com|getbarometer.s3.amazonaws.com|getsidecar.s3.amazonaws.com|gfaf-banners.s3.amazonaws.com|gg.google.com|google-analytics.com|googleads.g.doubleclick.net|googleadservices.com|googletagmanager.com|homad-global-configs-eu-fra.schneevonmorgen.com.s3.amazonaws.com|html5adkit.plusmo.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|id.google.com|immassets.s3.amazonaws.com|inneractive-assets.s3.amazonaws.com|inpref.s3-external-3.amazonaws.com|inpref.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|ir-de.amazon-adsystem.com|ir-jp.amazon-adsystem.com|ir-na.amazon-adsystem.com|kkastatic.s3.amazonaws.com|kraken-measurements.s3.amazonaws.com|livechat.s3.amazonaws.com|loved-by.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|mads.amazon-adsystem.com|magnify360-cdn.s3.amazonaws.com|matchbin-assets.s3.amazonaws.com|myadserve.s3-website-us-east-1.amazonaws.com|news-whistleout.s3.amazonaws.com|nxa-ls.s3.amazonaws.com|optimizely.s3.amazonaws.com|pagead2.googleadservices.com|partner.googleadservices.com|ps-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|rcm-images.amazon.com|rcm.amazon.com|rich-agent.s3.amazonaws.com|s.amazon-adsystem.com|s0.2mdn.net|s3-tracking.synthasite.net.s3.amazonaws.com|sana.newsinc.com.s3.amazonaws.com|sdsbucket.s3.amazonaws.com|spyhunter-download.s3.amazonaws.com|ssl.google-analytics.com|strikeadcdn.s3.amazonaws.com|thetradedesk-tags.s3.amazonaws.com|trafficads.s3-website-us-west-1.amazonaws.com|tree-pixel-log.s3.amazonaws.com|twitter-badges.s3.amazonaws.com|v.amazon-adsystem.com|vice-ads.s3.amazonaws.com|video-stats.video.google.com|whistleout.s3.amazonaws.com|wms-eu.amazon-adsystem.com|wms-fe.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|ws.amazon.com|www.google-analytics.com|www.googleadservices.com|www.googletagmanager.com|www.googletagservices.com|yc-ads.s3.amazonaws.com|z-na.amazon-adsystem.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      45751    45748      2267       115        0          43366                
      ----------------------------------------------------------------------
    
    [ Cameleon ]			 Reload [ 08/12/18 13:48:33 ] . completed ..
      Whitelist: 4.afs.googleadservices.com|aax-eu.amazon-adsystem.com|aax-us-east-rtb.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax.amazon-adsystem.com|ad.doubleclick.net|adwords.google.com|c.amazon-adsystem.com|cdn.doubleverify.com|fls-eu.amazon-adsystem.com|fls-na.amazon-adsystem.com|google-analytics.com|googleads.g.doubleclick.net|ir-de.amazon-adsystem.com|ir-na.amazon-adsystem.com|ir-uk.amazon-adsystem.com|pagead-googlehosted.l.google.com|pagead2.googleadservices.com|partner.googleadservices.com|ps-eu.amazon-adsystem.com|ps-us.amazon-adsystem.com|rcm-eu.amazon-adsystem.com|rcm-images.amazon.com|rcm-na.amazon-adsystem.com|rcm.amazon.com|s.amazon-adsystem.com|s0.2mdn.net|ssl.google-analytics.com|tags.tiqcdn.com|video-stats.video.google.com|wms-eu.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|www.google-analytics.com|www.googleadservices.com|www.googletagmanager.com|www.googletagservices.com|z-na.amazon-adsystem.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      20567    20567      5943       39         0          14585                
      ----------------------------------------------------------------------
    
    [ SBL_ADs ]			 Reload [ 08/12/18 13:48:36 ] . completed ..
      Whitelist: aax-cpm.amazon-adsystem.com|aax.amazon-adsystem.com|admarvel.s3.amazonaws.com|ads.amazon.com|ads.google.com|ads5.iphone.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|c.amazon-adsystem.com|entrecard.s3.amazonaws.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|googleadservices.com|interactive-assets.s3.amazonaws.com|ir-na.amazon-adsystem.com|ltassrv.com.s3.amazonaws.com|mads.amazon-adsystem.com|pagead.l.google.com|partnerad.l.google.com|ps-us.amazon-adsystem.com|rcm-cn.amazon-adsystem.com|rcm-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|rcm-na.amazon-adsystem.com|s.amazon-adsystem.com|s0.2mdn.net|video-stats.video.google.com|wms-fe.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-fe.amazon-adsystem.com|ws-na.amazon-adsystem.com|yab-adimages.s3.amazonaws.com|z-na.amazon-adsystem.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      4553     4553       4031       34         0          488                  
      ----------------------------------------------------------------------
    
    [ Yoyo ]			 Reload [ 08/12/18 13:48:37 ] . completed ..
      Whitelist: adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|amazon-adsystem.com|analytics.google.com|clientmetrics-pa.googleapis.com|digital-ads.s3.amazonaws.com|entrecard.s3.amazonaws.com|google-analytics.com|googleadservices.com|pagead.l.google.com|partnerad.l.google.com|video-stats.video.google.com|www-google-analytics.l.google.com|yab-adimages.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      2621     2621       2298       14         0          309                  
      ----------------------------------------------------------------------
    
    [ StevenBlack ]			 Reload [ 08/12/18 13:48:38 ] . completed ..
      Whitelist: 4.afs.googleadservices.com|aan.amazon.com|aax-cpm.amazon-adsystem.com|aax-eu-rtb-adx.amazon-adsystem.com|aax-eu-rtb.amazon-adsystem.com|aax-eu-test.amazon-adsystem.com|aax-eu-test1.amazon-adsystem.com|aax-eu-test2.amazon-adsystem.com|aax-eu-test3.amazon-adsystem.com|aax-eu.amazon-adsystem.com|aax-fe-pek.amazon-adsystem.com|aax-fe-sin-rtb-adx.amazon-adsystem.com|aax-fe-sin-rtb.amazon-adsystem.com|aax-fe-sin.amazon-adsystem.com|aax-fe.amazon-adsystem.com|aax-opf-us-east.amazon-adsystem.com|aax-us-east-rtb-adx.amazon-adsystem.com|aax-us-east-rtb.amazon-adsystem.com|aax-us-east-test.amazon-adsystem.com|aax-us-east-test1.amazon-adsystem.com|aax-us-east-test2.amazon-adsystem.com|aax-us-east-test3.amazon-adsystem.com|aax-us-east-test4.amazon-adsystem.com|aax-us-east-test5.amazon-adsystem.com|aax-us-east-test6.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax-us-pdx-rtb-adx.amazon-adsystem.com|aax-us-pdx-rtb.amazon-adsystem.com|aax-us-pdx.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|aax-vx-eu-dub.amazon-adsystem.com|aax-vx-eu-eu-west-1.amazon-adsystem.com|aax-vx-fe-pdx.amazon-adsystem.com|aax-vx-fe-us-west-2.amazon-adsystem.com|aax-vx-us-iad.amazon-adsystem.com|aax-vx-us-pdx.amazon-adsystem.com|aax-vx-us-us-east-1.amazon-adsystem.com|aax-vx-us-us-west-2.amazon-adsystem.com|aax.amazon-adsystem.com|aax.amazon.amazon-adsystem.com|ad.doubleclick.net|adagiobanner.s3.amazonaws.com|admarvel.s3.amazonaws.com|adserver-clarium-446793891.us-east-1.elb.amazonaws.com|adservers-users-1-1251423768.us-east-1.elb.amazonaws.com|adservice.google.com|adservices.google.com|adtago.s3.amazonaws.com|advice-ads.s3.amazonaws.com|adzerk.s3.amazonaws.com|alb-prod-invenio-1916515004.us-west-2.elb.amazonaws.com|alexa-sitestats.s3.amazonaws.com|amazon-adsystem.com|analytics.google.com|anvato-api-config.s3.amazonaws.com|api-ntv-elb-1185445618.us-east-1.elb.amazonaws.com|appsflyer-web-1810875176.eu-west-1.elb.amazonaws.com|appsflyer-web-2-1926050047.eu-west-1.elb.amazonaws.com|appsflyer-web-3-1052820924.eu-west-1.elb.amazonaws.com|appsflyer-web-4-962407740.eu-west-1.elb.amazonaws.com|appsflyer-web-5-2093104013.eu-west-1.elb.amazonaws.com|assoc-msdk-cn.amazon-adsystem.com|assoc-msdk-eu.amazon-adsystem.com|assoc-msdk-fe.amazon-adsystem.com|assoc-msdk-metrics-us.amazon-adsystem.com|assoc-msdk-us.amazon-adsystem.com|beacon-17-537698933.us-east-1.elb.amazonaws.com|btf-analytics.s3.amazonaws.com|bugsnag.appstore.a2z.com|builds.aca.bugsnag.appstore.a2z.com|builds.bugsnag.appstore.a2z.com|builds.firetv.bugsnag.appstore.a2z.com|c.amazon-adsystem.com|campaign-tapad.s3.amazonaws.com|cctldtest.google-analytics.com|cdn-a.amazon-adsystem.com|cdn-c.amazon-adsystem.com|cdn-d.amazon-adsystem.com|cdn-s.amazon-adsystem.com|cdn-t.amazon-adsystem.com|cdn-z.amazon-adsystem.com|cdn.doubleverify.com|cdn.installationsafe.net.s3.amazonaws.com|clientmetrics-pa.googleapis.com|cookiesync-mynativeplatform-347915877.us-east-1.elb.amazonaws.com|da-cdn.amazon-adsystem.com|da-v-eu.amazon-adsystem.com|da-v-fe.amazon-adsystem.com|da-v-na.amazon-adsystem.com|da-v-sin.amazon-adsystem.com|dashboard.1p.bugsnag.appstore.a2z.com|dashboard.aca.bugsnag.appstore.a2z.com|dashboard.bugsnag.appstore.a2z.com|dashboard.firetv.bugsnag.appstore.a2z.com|dataswitch-ads-75496044.us-east-1.elb.amazonaws.com|dcs-edge-va6-802167536.us-east-1.elb.amazonaws.com|device-fingerprintdb-v1.s3.amazonaws.com|device-metrics-us-2.amazon.com|device-metrics-us.amazon.com|digital-ads.s3.amazonaws.com|dra-eu.amazon-adsystem.com|dra.amazon-adsystem.com|dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com|ec2-13-58-215-234.us-east-2.compute.amazonaws.com|ecommstats.s3.amazonaws.com|entrecard.s3.amazonaws.com|exitsplash.s3.amazonaws.com|feedads.googleadservices.com|fls-cn.amazon-adsystem.com|fls-eu.amazon-adsystem.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|fls-na.amazon.com|google-analytics.com|googleads.g.doubleclick.net|googleadservices.com|googletagservices.com|gx-in-f109.1e100.net|hooks.1p.bugsnag.appstore.a2z.com|hooks.aca.bugsnag.appstore.a2z.com|hooks.bugsnag.appstore.a2z.com|hooks.firetv.bugsnag.appstore.a2z.com|html5adkit.plusmo.s3.amazonaws.com|htmlads.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|imasdk.googleapis.com|inneractive-assets.s3.amazonaws.com|insight-760077375.us-east-1.elb.amazonaws.com|ir-br.amazon-adsystem.com|ir-ca.amazon-adsystem.com|ir-cn.amazon-adsystem.com|ir-de.amazon-adsystem.com|ir-es.amazon-adsystem.com|ir-fr.amazon-adsystem.com|ir-in.amazon-adsystem.com|ir-it.amazon-adsystem.com|ir-jp.amazon-adsystem.com|ir-mx.amazon-adsystem.com|ir-na.amazon-adsystem.com|ir-uk.amazon-adsystem.com|load.s3.amazonaws.com|localhost.localdomain|log-c-907025318.us-east-1.elb.amazonaws.com|logger-prod-us-east-1-vpc-alb-1251201355.us-east-1.elb.amazonaws.com|m4.afs.googleadservices.com|mads-eu.amazon-adsystem.com|mads-fe.amazon-adsystem.com|mads.amazon-adsystem.com|mads.amazon.com|mas-sdk.amazon-adsystem.com|matchbin-assets.s3.amazonaws.com|metrics-collector-1584522448.us-east-1.elb.amazonaws.com|mimageads.googleadservices.com|mimageads1.googleadservices.com|mimageads2.googleadservices.com|mimageads3.googleadservices.com|mimageads4.googleadservices.com|mimageads5.googleadservices.com|mimageads6.googleadservices.com|mimageads7.googleadservices.com|mimageads8.googleadservices.com|mimageads9.googleadservices.com|mobileanalytics.us-east-1.amazonaws.com|mobileanalytics.us-east-2.amazonaws.com|mobileanalytics.us-west-1.amazonaws.com|mobileanalytics.us-west-2.amazonaws.com|mondoads.s3.amazonaws.com|mpartner.googleadservices.com|mu-in-f167.1e100.net|ncads.s3.amazonaws.com|nginx-ad-stacka-1467818758.us-east-1.elb.amazonaws.com|notify.1p.bugsnag.appstore.a2z.com|notify.aca.bugsnag.appstore.a2z.com|notify.bugsnag.appstore.a2z.com|notify.firetv.bugsnag.appstore.a2z.com|pagead-googlehosted.l.google.com|pagead.l.google.com|pagead2.googleadservices.com|partner.googleadservices.com|partnerad.l.google.com|partners-1732315393.us-east-1.elb.amazonaws.com|pixel-use201-lighttpd-elb-1612913623.us-east-2.elb.amazonaws.com|privacycollector-production-457481513.us-east-1.elb.amazonaws.com|production-adserver-666328397.us-east-1.elb.amazonaws.com|propixel7-768394228.us-east-1.elb.amazonaws.com|ps-eu.amazon-adsystem.com|ps-jp.amazon-adsystem.com|ps-us.amazon-adsystem.com|rcm-cn.amazon-adsystem.com|rcm-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|rcm-images.amazon.com|rcm-na.amazon-adsystem.com|rcm.amazon.com|replicated.aca.bugsnag.appstore.a2z.com|replicated.firetv.bugsnag.appstore.a2z.com|rpc-tapjoy-com-lb-1378811527.us-east-1.elb.amazonaws.com|rumcollector-lb-304223083.us-east-1.elb.amazonaws.com|s-beta-opf.amazon-adsystem.com|s-beta.amazon-adsystem.com|s.amazon-adsystem.com|s0.2mdn.net|sejs.moatads.com|sessions.aca.bugsnag.appstore.a2z.com|sessions.bugsnag.appstore.a2z.com|sessions.firetv.bugsnag.appstore.a2z.com|slate-ad-scripts.s3.amazonaws.com|somoreq-track-west-1951866777.us-west-1.elb.amazonaws.com|springclick-ads.s3.amazonaws.com|spyhunter-download.s3.amazonaws.com|ssl.google-analytics.com|static-shareaholic.s3.amazonaws.com|strikeadcdn.s3.amazonaws.com|sync.cmedia.s3.amazonaws.com|tags.tiqcdn.com|tapjoy-com-lb-vpc-332546193.us-east-1.elb.amazonaws.com|thepiratebay.org|tps.doubleverify.com|tracker-sp-elb-1474841806.us-east-1.elb.amazonaws.com|tracking-prod-public-2025738748.us-east-1.elb.amazonaws.com|tracking.opencandy.com.s3.amazonaws.com|uedata.amazon.com|upload.1p.bugsnag.appstore.a2z.com|upload.aca.bugsnag.appstore.a2z.com|upload.bugsnag.appstore.a2z.com|upload.firetv.bugsnag.appstore.a2z.com|v-eu-preprod.amazon-adsystem.com|v-eu.amazon-adsystem.com|v-preprod.amazon-adsystem.com|v.amazon-adsystem.com|vaes-eu-preprod.amazon-adsystem.com|vaes-eu.amazon-adsystem.com|vaes-fe-preprod.amazon-adsystem.com|vaes-fe.amazon-adsystem.com|vaes-na-preprod.amazon-adsystem.com|vaes-na.amazon-adsystem.com|vaes-preprod.dub.amazon-adsystem.com|vaes-preprod.iad.amazon-adsystem.com|vaes-preprod.pdx.amazon-adsystem.com|vaes.amazon-adsystem.com|vaes.dub.amazon-adsystem.com|vaes.iad.amazon-adsystem.com|vaes.iad.preprod.amazon-adsystem.com|vaes.pdx.amazon-adsystem.com|vaes.pdx.preprod.amazon-adsystem.com|video-stats.video.google.com|viewerstats.docstoc.com.s3.amazonaws.com|vml1.s3.amazonaws.com|vpc-prod-adsdk-lb-0-564898962.us-east-1.elb.amazonaws.com|wms-cn.amazon-adsystem.com|wms-eu.amazon-adsystem.com|wms-fe.amazon-adsystem.com|wms-in.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-cn.amazon-adsystem.com|ws-ea.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-fe.amazon-adsystem.com|ws-in.amazon-adsystem.com|ws-na.amazon-adsystem.com|www-google-analytics.l.google.com|www.google-analytics.com|www.googleadservices.com|www.googletagmanager.com|www.googletagservices.com|www.partner.googleadservices.com|www.thepiratebay.org|yab-adimages.s3.amazonaws.com|yx-in-f108.1e100.net|z-eu.amazon-adsystem.com|z-fe.amazon-adsystem.com|z-in.amazon-adsystem.com|z-na.amazon-adsystem.com|znaptag-us.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      71981    71981      17256      274        0          54451                
      ----------------------------------------------------------------------
    
    ------------------------------------------------------------------------
    Assembling DNSBL database... completed [ 08/12/18 13:48:53 ]
    TLD:
     Blocking full TLD/Sub-Domain(s)... |xxx| completed
    TLD analysis.. completed [ 08/12/18 13:49:24 ]
    TLD finalize...........
     ----------------------------------------
     Original    Matches    Removed    Final     
     ----------------------------------------
     131506      46838      58151      73355     
     -----------------------------------------
    TLD finalize... completed [ 08/12/18 13:49:33 ]
    
    Saving DNSBL database... completed
    Reloading Unbound Resolver..... completed [ 08/12/18 13:49:41 ]
    DNSBL update [ 73355 | PASSED  ]... completed
    ------------------------------------------------------------------------
    Restarting DNSBL Service
    
    ===[  GeoIP Process  ]============================================
    
    
    ===[  IPv4 Process  ]=================================================
    
    [ Abuse_DYRE_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      6        6          6           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Feodo_BadIPs_v4 ]		 Reload [ 08/12/18 13:49:42 ] . completed ..
      Empty file, Adding '10.1.10.2' to avoid download failure.
      ------------------------------
      Original Master     Final     
      ------------------------------
      0        1          1           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Feodo_Block_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      1498     1498       1498        [ Pass ] 
      -----------------------------------------------------------------
    
    [ Abuse_IPBL_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      315      315        315         [ Pass ] 
      -----------------------------------------------------------------
    
    [ Abuse_SSLBL_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      55       54         54          [ Pass ] 
      -----------------------------------------------------------------
    
    [ Abuse_Zeus_v4 ]		 Reload [ 08/12/18 13:49:43 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      104      103        103         [ Pass ] 
      -----------------------------------------------------------------
    
    [ BBC_C2_v4 ]			 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      183      166        166         [ Pass ] 
      -----------------------------------------------------------------
    
    [ CINS_army_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      15000    15000      15000       [ Pass ] 
      -----------------------------------------------------------------
    
    [ ET_Block_v4 ]			 Reload [ 08/12/18 13:49:45 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      2422     828        828         [ Pass ] 
      -----------------------------------------------------------------
    
    [ ET_Comp_v4 ]			 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      699      630        630         [ Pass ] 
      -----------------------------------------------------------------
    
    [ ISC_1000_30_v4 ]		 Reload [ 08/12/18 13:49:46 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      8004     239        239         [ Pass ] 
      -----------------------------------------------------------------
    
    [ ISC_Block_v4 ]		 Reload [ 08/12/18 13:49:47 ] . completed ..
      Empty file, Adding '10.1.10.2' to avoid download failure.
      ------------------------------
      Original Master     Final     
      ------------------------------
      0        0          0           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Spamhaus_Drop_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      828      1          1           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Spamhaus_eDrop_v4 ]		 Reload [ 08/12/18 13:49:48 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      115      105        105         [ Pass ] 
      -----------------------------------------------------------------
    
    [ Talos_BL_v4 ]			 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      1470     1384       1384        [ Pass ] 
      -----------------------------------------------------------------
    
    
    ===[  IPv6 Process  ]=================================================
    
    
    ===[  Aliastables / Rules  ]==========================================
    
    No changes to Firewall rules, skipping Filter Reload
    
     Updating: pfB_PRI1_v4
    no changes.
    
    
    Archiving Aliastable folder
    
    
    Archiving selected pfBlockerNG files.
    
    ===[  Kill States  ]==================================================
    
    Firewall state(s) validation for [ 154 ] IPv4 address(es)...
    No matching states found
    
    ======================================================================
    
    ===[ FINAL Processing ]=====================================
    
       [ Original IP count   ]  [ 30699 ]
    
       [ Final IP Count  ]  [ 20330 ]
    
    
    ===[ Deny List IP Counts ]===========================
    
       20331 total
       15000 /var/db/pfblockerng/deny/CINS_army_v4.txt
        1498 /var/db/pfblockerng/deny/Feodo_Block_v4.txt
        1384 /var/db/pfblockerng/deny/Talos_BL_v4.txt
         828 /var/db/pfblockerng/deny/ET_Block_v4.txt
         630 /var/db/pfblockerng/deny/ET_Comp_v4.txt
         315 /var/db/pfblockerng/deny/Abuse_IPBL_v4.txt
         239 /var/db/pfblockerng/deny/ISC_1000_30_v4.txt
         166 /var/db/pfblockerng/deny/BBC_C2_v4.txt
         105 /var/db/pfblockerng/deny/Spamhaus_eDrop_v4.txt
         103 /var/db/pfblockerng/deny/Abuse_Zeus_v4.txt
          54 /var/db/pfblockerng/deny/Abuse_SSLBL_v4.txt
           6 /var/db/pfblockerng/deny/Abuse_DYRE_v4.txt
           1 /var/db/pfblockerng/deny/Spamhaus_Drop_v4.txt
           1 /var/db/pfblockerng/deny/ISC_Block_v4.txt
           1 /var/db/pfblockerng/deny/Feodo_BadIPs_v4.txt
    
    ====================[ Empty Lists w/10.1.10.2 ]==================
    
    Feodo_BadIPs_v4.txt
    ISC_Block_v4.txt
    
    ===[ DNSBL Domain/IP Counts ] ===================================
    
       73355 total
       35827 /var/db/pfblockerng/dnsbl/StevenBlack.txt
       15602 /var/db/pfblockerng/dnsbl/EasyList.txt
       10922 /var/db/pfblockerng/dnsbl/hpHosts_ATS.txt
        8115 /var/db/pfblockerng/dnsbl/Cameleon.txt
        2046 /var/db/pfblockerng/dnsbl/D_Me_ADs.txt
         457 /var/db/pfblockerng/dnsbl/SBL_ADs.txt
         300 /var/db/pfblockerng/dnsbl/Yoyo.txt
          58 /var/db/pfblockerng/dnsbl/Adaway.txt
          27 /var/db/pfblockerng/dnsbl/D_Me_Tracking.txt
           1 /var/db/pfblockerng/dnsbl/DNSBL_TLD.txt
    
    ====================[ IPv4/6 Last Updated List Summary ]==============
    
    May 27	06:58	Spamhaus_eDrop_v4
    Jul 18	05:15	Abuse_DYRE_v4
    Aug 10	00:22	Spamhaus_Drop_v4
    Aug 10	00:30	ET_Block_v4
    Aug 10	00:30	ET_Comp_v4
    Aug 12	13:15	BBC_C2_v4
    Aug 12	13:19	CINS_army_v4
    Aug 12	13:30	Abuse_SSLBL_v4
    Aug 12	13:31	ISC_Block_v4
    Aug 12	13:35	Talos_BL_v4
    Aug 12	13:40	Abuse_IPBL_v4
    Aug 12	13:46	Feodo_BadIPs_v4
    Aug 12	13:46	Feodo_Block_v4
    Aug 12	13:46	Abuse_Zeus_v4
    Aug 12	13:47	ISC_1000_30_v4
    
    ====================[ DNSBL Last Updated List Summary ]==============
    
    Jul 31	2015	D_Me_Tracking
    Mar 9	2016	D_Me_ADs
    Jan 20	2018	Adaway
    Mar 18	05:51	Cameleon
    Aug 8	09:37	hpHosts_ATS
    Aug 11	04:29	Yoyo
    Aug 12	09:17	SBL_ADs
    Aug 12	13:40	EasyList
    Aug 12	13:45	StevenBlack
    ===============================================================
    
    Database Sanity check [  PASSED  ]
    ------------------------
    Masterfile/Deny folder uniq check
    Deny folder/Masterfile uniq check
    
    Sync check (Pass=No IPs reported)
    ----------
    
    Alias table IP Counts
    -----------------------------
       20331 total
       20331 /var/db/aliastables/pfB_PRI1_v4.txt
           0 /var/db/aliastables/pfB_DNSBLIP.txt
    
    pfSense Table Stats
    -------------------
    table-entries hard limit  2000000
    Table Usage Count         23580
    
     UPDATE PROCESS ENDED [ 08/12/18 13:49:58 ]
    
    


  • @mcampbell Do you have Logging enabled for the DSNBL tables ?
    Do you see something in dnsbl.log?



  • RonpfS, as far as I can tell, logging is enabled, but dnsbl.log is empty.



  • Are you asking if I can browse to that url literally? or is VIP supposed to be replaced by something?



  • @mcampbell
    Ping the VIP , traceroute the VIP, try to open to http://VIP ?
    VIP being the Virtual IP Address configured in DNSBL tab.
    Also check the NAT and FW Rules related to the VIP.

    Also try to open one of the blocked domains from your list.



  • no, the vip is not reachable. When I go to Firewall -> Virtual IPs, it is listed there. Additionally, there are autogenerated rules in the floating section that allow connections to the vip ip. So I assume that means that the firewall is not preventing it, it just doesn't have any service running to receive it.



  • @mcampbell And you have DNSBL enabled ?

    Maybe disable pfblockerNG, uninstall, install again, Force Reload All



  • yes, DNSBL is enabled in Firewall -> pfblockerNG -> DNSBL. I've already uninstalled pfblockerNG, making sure keep settings was not selected, and reinstalled, and manually put settings back in, and rebooted pfsense for good measure. Do you feel that doing that again may help?



  • @mcampbell No need to reconfigure from scratch. Disable it, keep settings, uninstall, install.
    Take a look at the uninstall and install logs.
    Enable, Force Reload ALL



  • Also, tried going to a url in one of the DNSBL lists, and it just times out, but nothing about it shows up in statistics.



  • @mcampbell Once you have uninstalled pfBlockerNG, take a look at the Services tab to make sure no pfBlockerNG services are still there.



  • Problem appears to be the same. I did as you asked, disabled pfblockerNG, checked the status of the services and found both pfb_dnsbl and pfb_filter disabled, then uninstalled, confirmed that both services were missing from the service list, and then reinstalled it, enabled, and did a force reload all. pfb_dnsbl still won't start up. But pfb_filter loads up just fine. Below are reinstall logs and reload logs, again, don't see any errors in them.

    Reinstall logs:

    Updating pfSense-core repository catalogue...
    pfSense-core repository is up to date.
    Updating pfSense repository catalogue...
    pfSense repository is up to date.
    All repositories are up to date.
    Checking integrity... done (0 conflicting)
    The following 9 package(s) will be affected (of 0 checked):
    
    New packages to be INSTALLED:
    	pfSense-pkg-pfBlockerNG-devel: 2.2.1 [pfSense]
    	lighttpd: 1.4.48_1 [pfSense]
    	lua52: 5.2.4 [pfSense]
    	whois: 5.2.17 [pfSense]
    	GeoIP: 1.6.11 [pfSense]
    	iprange: 1.0.3 [pfSense]
    	grepcidr: 2.0 [pfSense]
    	pecl-intl: 3.0.0_11 [pfSense]
    	icu: 60.2_1,1 [pfSense]
    
    Number of packages to be installed: 9
    
    The process will require 53 MiB more space.
    [1/9] Installing lua52-5.2.4...
    [1/9] Extracting lua52-5.2.4: ......... done
    [2/9] Installing icu-60.2_1,1...
    [2/9] Extracting icu-60.2_1,1: .......... done
    [3/9] Installing lighttpd-1.4.48_1...
    ===> Creating groups.
    Using existing group 'www'.
    ===> Creating users
    Using existing user 'www'.
    [3/9] Extracting lighttpd-1.4.48_1: .......... done
    [4/9] Installing whois-5.2.17...
    [4/9] Extracting whois-5.2.17: .......... done
    [5/9] Installing GeoIP-1.6.11...
    [5/9] Extracting GeoIP-1.6.11: .......... done
    [6/9] Installing iprange-1.0.3...
    [6/9] Extracting iprange-1.0.3: ..... done
    [7/9] Installing grepcidr-2.0...
    [7/9] Extracting grepcidr-2.0: ..... done
    [8/9] Installing pecl-intl-3.0.0_11...
    [8/9] Extracting pecl-intl-3.0.0_11: .......... done
    [9/9] Installing pfSense-pkg-pfBlockerNG-devel-2.2.1...
    [9/9] Extracting pfSense-pkg-pfBlockerNG-devel-2.2.1: .......... done
    Saving updated package information...
    done.
    Loading package configuration... done.
    Configuring package components...
    Loading package instructions...
    Custom commands...
    Executing custom_php_install_command()...
    Downloading MaxMind GeoIP databases. This may take a minute...
     GeoIP.dat... done.
     GeoIPv6.dat... done.
     GeoLite2-Country-CSV.zip... done.
    Downloading MaxMind GeoIP databases... done.
    Converting MaxMind GeoIP databases for pfBlockerNG.
     This may take a few minutes...
    Creating pfBlockerNG Continent PHP files...
    Adding pfBlockerNG Widget to the Dashboard...
    Remove any existing and create links for Firewall filter executables... done.
    Creating Firewall filter service... done.
    Remove any existing and create link for DNSBL lighttpd executable... done.
    Creating DNSBL service... done.
    Creating DNSBL web server config ... done.
    Creating DNSBL Certificate... done.
    Re-starting DNSBL Service... done.
    Upgrading Adv. Inbound firewall rule settings ... no changes required ... done.
    Upgrading OpenVPN/IPSec interface selections... no changes required ... done.
    Upgrading EasyList/Easyprivacy category settings... no changes required ... done.
    Upgrading Proofpoint/ET IQRisk settings... no changes required ... done.
    Upgrading General Tab -> IP Tab settings... no changes required ... done.
    Upgrading pfBlockerNGSuppress Alias -> IPv4 Suppression Customlist... no changes required ... done.
    Custom commands completed ... done.
    Executing custom_php_resync_config_command()...done.
    Menu items... done.
    Services... done.
    Writing configuration... done.
    Message from lua52-5.2.4:
    
    ===>   NOTICE:
    
    The lua52 port currently does not have a maintainer. As a result, it is
    more likely to have unresolved issues, not be up-to-date, or even be removed in
    the future. To volunteer to maintain this port, please create an issue at:
    
    https://bugs.freebsd.org/bugzilla
    
    More information about port maintainership is available at:
    
    https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port
    Message from GeoIP-1.6.11:
    
    GeoIP does not ship with the actual data files. You must download
    them yourself! Please run:
    # /usr/local/bin/geoipupdate.sh
    >>> Cleaning up cache... done.
    Success
    

    Reload-All:

    
    ===[  DNSBL Process  ]================================================
    
     Loading DNSBL Statistics... completed
     Loading DNSBL Whitelist... completed
    
    [ EasyList ]			 Reload . completed ..
      Whitelist: ad.doubleclick.net|amazon-adsystem.com|entrecard.s3.amazonaws.com|googleads.g.doubleclick.net|googletagservices.com|imasdk.googleapis.com|ltassrv.com.s3.amazonaws.com|partner.googleadservices.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      16200    15646      0          8          0          15638                
      ----------------------------------------------------------------------
    
    [ Adaway ]			 Reload [ 08/12/18 15:13:15 ] . completed ..
      Whitelist: aax-us-east.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|ad.doubleclick.net|admarvel.s3.amazonaws.com|campaign-tapad.s3.amazonaws.com|google-analytics.com|googleads.g.doubleclick.net|html5adkit.plusmo.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|inneractive-assets.s3.amazonaws.com|s.amazon-adsystem.com|s0.2mdn.net|strikeadcdn.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      409      409        5          13         0          391                  
      ----------------------------------------------------------------------
    
    [ D_Me_ADs ]			 Reload . completed ..
      Whitelist: admarvel.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|amazon-adsystem.com|entrecard.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|pagead.l.google.com|partnerad.l.google.com|video-stats.video.google.com|yab-adimages.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      2703     2703       443        10         0          2250                 
      ----------------------------------------------------------------------
    
    [ D_Me_Tracking ]		 Reload [ 08/12/18 15:13:16 ] . completed ..
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      34       34         6          0          0          28                   
      ----------------------------------------------------------------------
    
    [ hpHosts_ATS ]			 Reload . completed ..
      Whitelist: a6522.s3-website-us-east-1.amazonaws.com|aax-eu-rtb.amazon-adsystem.com|aax-eu.amazon-adsystem.com|aax-fe-sin.amazon-adsystem.com|aax-fe.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax-us-pdx.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|ad-creatives-public.commondatastorage.googleapis.com|ad.doubleclick.net|admarvel.s3.amazonaws.com|ads.google.com|ads_ad_center.s3.amazonaws.com|adstracking.s3-website-us-west-1.amazonaws.com|advice-ads.s3.amazonaws.com|advrts.s3.amazonaws.com|adzerk-www.s3.amazonaws.com|airpushmarketing.s3.amazonaws.com|analytics.google.com|analyticsengine.s3.amazonaws.com|applab-sdk.amazon.com|arabmistress.s3.amazonaws.com|blamads-assets.s3.amazonaws.com|bo-videos.s3.amazonaws.com|c.amazon-adsystem.com|cadreon.s3.amazonaws.com|campaign-tapad.s3.amazonaws.com|cd-ladsp-com.s3.amazonaws.com|cdn.doubleverify.com|ce2-dev-trk.s3.amazonaws.com|ce2-dev.s3.amazonaws.com|chartaca.com.s3.amazonaws.com|cloudfront-labs.amazonaws.com|com.djinnworks.sdm.s3.amazonaws.com|convertglobal.s3.amazonaws.com|demandmedia.s3.amazonaws.com|deskwww.s3.amazonaws.com|device-metrics-us-2.amazon.com|ec2-54-171-97-32.eu-west-1.compute.amazonaws.com|ec2-54-225-149-4.compute-1.amazonaws.com|ec2-54-235-183-132.compute-1.amazonaws.com|epowernetworktrackerimages.s3.amazonaws.com|evs-hosted-14facd241e1c08.s3.amazonaws.com|fls-eu.amazon-adsystem.com|fls-eu.amazon.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|forumwarz.s3.amazonaws.com|gateways.s3.amazonaws.com|getbarometer.s3.amazonaws.com|getsidecar.s3.amazonaws.com|gfaf-banners.s3.amazonaws.com|gg.google.com|google-analytics.com|googleads.g.doubleclick.net|googleadservices.com|googletagmanager.com|homad-global-configs-eu-fra.schneevonmorgen.com.s3.amazonaws.com|html5adkit.plusmo.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|id.google.com|immassets.s3.amazonaws.com|inneractive-assets.s3.amazonaws.com|inpref.s3-external-3.amazonaws.com|inpref.s3.amazonaws.com|interactive-assets.s3.amazonaws.com|ir-de.amazon-adsystem.com|ir-jp.amazon-adsystem.com|ir-na.amazon-adsystem.com|kkastatic.s3.amazonaws.com|kraken-measurements.s3.amazonaws.com|livechat.s3.amazonaws.com|loved-by.s3.amazonaws.com|ltassrv.com.s3.amazonaws.com|mads.amazon-adsystem.com|magnify360-cdn.s3.amazonaws.com|matchbin-assets.s3.amazonaws.com|myadserve.s3-website-us-east-1.amazonaws.com|news-whistleout.s3.amazonaws.com|nxa-ls.s3.amazonaws.com|optimizely.s3.amazonaws.com|pagead2.googleadservices.com|partner.googleadservices.com|ps-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|rcm-images.amazon.com|rcm.amazon.com|rich-agent.s3.amazonaws.com|s.amazon-adsystem.com|s0.2mdn.net|s3-tracking.synthasite.net.s3.amazonaws.com|sana.newsinc.com.s3.amazonaws.com|sdsbucket.s3.amazonaws.com|spyhunter-download.s3.amazonaws.com|ssl.google-analytics.com|strikeadcdn.s3.amazonaws.com|thetradedesk-tags.s3.amazonaws.com|trafficads.s3-website-us-west-1.amazonaws.com|tree-pixel-log.s3.amazonaws.com|twitter-badges.s3.amazonaws.com|v.amazon-adsystem.com|vice-ads.s3.amazonaws.com|video-stats.video.google.com|whistleout.s3.amazonaws.com|wms-eu.amazon-adsystem.com|wms-fe.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|ws.amazon.com|www.google-analytics.com|www.googleadservices.com|www.googletagmanager.com|www.googletagservices.com|yc-ads.s3.amazonaws.com|z-na.amazon-adsystem.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      45751    45748      2267       115        0          43366                
      ----------------------------------------------------------------------
    
    [ Cameleon ]			 Reload [ 08/12/18 15:13:25 ] . completed ..
      Whitelist: 4.afs.googleadservices.com|aax-eu.amazon-adsystem.com|aax-us-east-rtb.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax.amazon-adsystem.com|ad.doubleclick.net|adwords.google.com|c.amazon-adsystem.com|cdn.doubleverify.com|fls-eu.amazon-adsystem.com|fls-na.amazon-adsystem.com|google-analytics.com|googleads.g.doubleclick.net|ir-de.amazon-adsystem.com|ir-na.amazon-adsystem.com|ir-uk.amazon-adsystem.com|pagead-googlehosted.l.google.com|pagead2.googleadservices.com|partner.googleadservices.com|ps-eu.amazon-adsystem.com|ps-us.amazon-adsystem.com|rcm-eu.amazon-adsystem.com|rcm-images.amazon.com|rcm-na.amazon-adsystem.com|rcm.amazon.com|s.amazon-adsystem.com|s0.2mdn.net|ssl.google-analytics.com|tags.tiqcdn.com|video-stats.video.google.com|wms-eu.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|www.google-analytics.com|www.googleadservices.com|www.googletagmanager.com|www.googletagservices.com|z-na.amazon-adsystem.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      20567    20567      5943       39         0          14585                
      ----------------------------------------------------------------------
    
    [ SBL_ADs ]			 Reload [ 08/12/18 15:13:29 ] . completed ..
      Whitelist: aax-cpm.amazon-adsystem.com|aax.amazon-adsystem.com|admarvel.s3.amazonaws.com|ads.amazon.com|ads.google.com|ads5.iphone.s3.amazonaws.com|adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|c.amazon-adsystem.com|entrecard.s3.amazonaws.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|googleadservices.com|interactive-assets.s3.amazonaws.com|ir-na.amazon-adsystem.com|ltassrv.com.s3.amazonaws.com|mads.amazon-adsystem.com|pagead.l.google.com|partnerad.l.google.com|ps-us.amazon-adsystem.com|rcm-cn.amazon-adsystem.com|rcm-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|rcm-na.amazon-adsystem.com|s.amazon-adsystem.com|s0.2mdn.net|video-stats.video.google.com|wms-fe.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-fe.amazon-adsystem.com|ws-na.amazon-adsystem.com|yab-adimages.s3.amazonaws.com|z-na.amazon-adsystem.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      4553     4553       4031       34         0          488                  
      ----------------------------------------------------------------------
    
    [ Yoyo ]			 Reload [ 08/12/18 15:13:30 ] . completed ..
      Whitelist: adzerk.s3.amazonaws.com|alexa-sitestats.s3.amazonaws.com|amazon-adsystem.com|analytics.google.com|clientmetrics-pa.googleapis.com|digital-ads.s3.amazonaws.com|entrecard.s3.amazonaws.com|google-analytics.com|googleadservices.com|pagead.l.google.com|partnerad.l.google.com|video-stats.video.google.com|www-google-analytics.l.google.com|yab-adimages.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      2621     2621       2298       14         0          309                  
      ----------------------------------------------------------------------
    
    [ StevenBlack ]			 Reload [ 08/12/18 15:13:31 ] . completed ..
      Whitelist: 4.afs.googleadservices.com|aan.amazon.com|aax-cpm.amazon-adsystem.com|aax-eu-rtb-adx.amazon-adsystem.com|aax-eu-rtb.amazon-adsystem.com|aax-eu-test.amazon-adsystem.com|aax-eu-test1.amazon-adsystem.com|aax-eu-test2.amazon-adsystem.com|aax-eu-test3.amazon-adsystem.com|aax-eu.amazon-adsystem.com|aax-fe-pek.amazon-adsystem.com|aax-fe-sin-rtb-adx.amazon-adsystem.com|aax-fe-sin-rtb.amazon-adsystem.com|aax-fe-sin.amazon-adsystem.com|aax-fe.amazon-adsystem.com|aax-opf-us-east.amazon-adsystem.com|aax-us-east-rtb-adx.amazon-adsystem.com|aax-us-east-rtb.amazon-adsystem.com|aax-us-east-test.amazon-adsystem.com|aax-us-east-test1.amazon-adsystem.com|aax-us-east-test2.amazon-adsystem.com|aax-us-east-test3.amazon-adsystem.com|aax-us-east-test4.amazon-adsystem.com|aax-us-east-test5.amazon-adsystem.com|aax-us-east-test6.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax-us-pdx-rtb-adx.amazon-adsystem.com|aax-us-pdx-rtb.amazon-adsystem.com|aax-us-pdx.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|aax-vx-eu-dub.amazon-adsystem.com|aax-vx-eu-eu-west-1.amazon-adsystem.com|aax-vx-fe-pdx.amazon-adsystem.com|aax-vx-fe-us-west-2.amazon-adsystem.com|aax-vx-us-iad.amazon-adsystem.com|aax-vx-us-pdx.amazon-adsystem.com|aax-vx-us-us-east-1.amazon-adsystem.com|aax-vx-us-us-west-2.amazon-adsystem.com|aax.amazon-adsystem.com|aax.amazon.amazon-adsystem.com|ad.doubleclick.net|adagiobanner.s3.amazonaws.com|admarvel.s3.amazonaws.com|adserver-clarium-446793891.us-east-1.elb.amazonaws.com|adservers-users-1-1251423768.us-east-1.elb.amazonaws.com|adservice.google.com|adservices.google.com|adtago.s3.amazonaws.com|advice-ads.s3.amazonaws.com|adzerk.s3.amazonaws.com|alb-prod-invenio-1916515004.us-west-2.elb.amazonaws.com|alexa-sitestats.s3.amazonaws.com|amazon-adsystem.com|analytics.google.com|anvato-api-config.s3.amazonaws.com|api-ntv-elb-1185445618.us-east-1.elb.amazonaws.com|appsflyer-web-1810875176.eu-west-1.elb.amazonaws.com|appsflyer-web-2-1926050047.eu-west-1.elb.amazonaws.com|appsflyer-web-3-1052820924.eu-west-1.elb.amazonaws.com|appsflyer-web-4-962407740.eu-west-1.elb.amazonaws.com|appsflyer-web-5-2093104013.eu-west-1.elb.amazonaws.com|assoc-msdk-cn.amazon-adsystem.com|assoc-msdk-eu.amazon-adsystem.com|assoc-msdk-fe.amazon-adsystem.com|assoc-msdk-metrics-us.amazon-adsystem.com|assoc-msdk-us.amazon-adsystem.com|beacon-17-537698933.us-east-1.elb.amazonaws.com|btf-analytics.s3.amazonaws.com|bugsnag.appstore.a2z.com|builds.aca.bugsnag.appstore.a2z.com|builds.bugsnag.appstore.a2z.com|builds.firetv.bugsnag.appstore.a2z.com|c.amazon-adsystem.com|campaign-tapad.s3.amazonaws.com|cctldtest.google-analytics.com|cdn-a.amazon-adsystem.com|cdn-c.amazon-adsystem.com|cdn-d.amazon-adsystem.com|cdn-s.amazon-adsystem.com|cdn-t.amazon-adsystem.com|cdn-z.amazon-adsystem.com|cdn.doubleverify.com|cdn.installationsafe.net.s3.amazonaws.com|clientmetrics-pa.googleapis.com|cookiesync-mynativeplatform-347915877.us-east-1.elb.amazonaws.com|da-cdn.amazon-adsystem.com|da-v-eu.amazon-adsystem.com|da-v-fe.amazon-adsystem.com|da-v-na.amazon-adsystem.com|da-v-sin.amazon-adsystem.com|dashboard.1p.bugsnag.appstore.a2z.com|dashboard.aca.bugsnag.appstore.a2z.com|dashboard.bugsnag.appstore.a2z.com|dashboard.firetv.bugsnag.appstore.a2z.com|dataswitch-ads-75496044.us-east-1.elb.amazonaws.com|dcs-edge-va6-802167536.us-east-1.elb.amazonaws.com|device-fingerprintdb-v1.s3.amazonaws.com|device-metrics-us-2.amazon.com|device-metrics-us.amazon.com|digital-ads.s3.amazonaws.com|dra-eu.amazon-adsystem.com|dra.amazon-adsystem.com|dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com|ec2-13-58-215-234.us-east-2.compute.amazonaws.com|ecommstats.s3.amazonaws.com|entrecard.s3.amazonaws.com|exitsplash.s3.amazonaws.com|feedads.googleadservices.com|fls-cn.amazon-adsystem.com|fls-eu.amazon-adsystem.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|fls-na.amazon.com|google-analytics.com|googleads.g.doubleclick.net|googleadservices.com|googletagservices.com|gx-in-f109.1e100.net|hooks.1p.bugsnag.appstore.a2z.com|hooks.aca.bugsnag.appstore.a2z.com|hooks.bugsnag.appstore.a2z.com|hooks.firetv.bugsnag.appstore.a2z.com|html5adkit.plusmo.s3.amazonaws.com|htmlads.s3.amazonaws.com|iacpromotion.s3.amazonaws.com|imasdk.googleapis.com|inneractive-assets.s3.amazonaws.com|insight-760077375.us-east-1.elb.amazonaws.com|ir-br.amazon-adsystem.com|ir-ca.amazon-adsystem.com|ir-cn.amazon-adsystem.com|ir-de.amazon-adsystem.com|ir-es.amazon-adsystem.com|ir-fr.amazon-adsystem.com|ir-in.amazon-adsystem.com|ir-it.amazon-adsystem.com|ir-jp.amazon-adsystem.com|ir-mx.amazon-adsystem.com|ir-na.amazon-adsystem.com|ir-uk.amazon-adsystem.com|load.s3.amazonaws.com|localhost.localdomain|log-c-907025318.us-east-1.elb.amazonaws.com|logger-prod-us-east-1-vpc-alb-1251201355.us-east-1.elb.amazonaws.com|m4.afs.googleadservices.com|mads-eu.amazon-adsystem.com|mads-fe.amazon-adsystem.com|mads.amazon-adsystem.com|mads.amazon.com|mas-sdk.amazon-adsystem.com|matchbin-assets.s3.amazonaws.com|metrics-collector-1584522448.us-east-1.elb.amazonaws.com|mimageads.googleadservices.com|mimageads1.googleadservices.com|mimageads2.googleadservices.com|mimageads3.googleadservices.com|mimageads4.googleadservices.com|mimageads5.googleadservices.com|mimageads6.googleadservices.com|mimageads7.googleadservices.com|mimageads8.googleadservices.com|mimageads9.googleadservices.com|mobileanalytics.us-east-1.amazonaws.com|mobileanalytics.us-east-2.amazonaws.com|mobileanalytics.us-west-1.amazonaws.com|mobileanalytics.us-west-2.amazonaws.com|mondoads.s3.amazonaws.com|mpartner.googleadservices.com|mu-in-f167.1e100.net|ncads.s3.amazonaws.com|nginx-ad-stacka-1467818758.us-east-1.elb.amazonaws.com|notify.1p.bugsnag.appstore.a2z.com|notify.aca.bugsnag.appstore.a2z.com|notify.bugsnag.appstore.a2z.com|notify.firetv.bugsnag.appstore.a2z.com|pagead-googlehosted.l.google.com|pagead.l.google.com|pagead2.googleadservices.com|partner.googleadservices.com|partnerad.l.google.com|partners-1732315393.us-east-1.elb.amazonaws.com|pixel-use201-lighttpd-elb-1612913623.us-east-2.elb.amazonaws.com|privacycollector-production-457481513.us-east-1.elb.amazonaws.com|production-adserver-666328397.us-east-1.elb.amazonaws.com|propixel7-768394228.us-east-1.elb.amazonaws.com|ps-eu.amazon-adsystem.com|ps-jp.amazon-adsystem.com|ps-us.amazon-adsystem.com|rcm-cn.amazon-adsystem.com|rcm-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|rcm-images.amazon.com|rcm-na.amazon-adsystem.com|rcm.amazon.com|replicated.aca.bugsnag.appstore.a2z.com|replicated.firetv.bugsnag.appstore.a2z.com|rpc-tapjoy-com-lb-1378811527.us-east-1.elb.amazonaws.com|rumcollector-lb-304223083.us-east-1.elb.amazonaws.com|s-beta-opf.amazon-adsystem.com|s-beta.amazon-adsystem.com|s.amazon-adsystem.com|s0.2mdn.net|sejs.moatads.com|sessions.aca.bugsnag.appstore.a2z.com|sessions.bugsnag.appstore.a2z.com|sessions.firetv.bugsnag.appstore.a2z.com|slate-ad-scripts.s3.amazonaws.com|somoreq-track-west-1951866777.us-west-1.elb.amazonaws.com|springclick-ads.s3.amazonaws.com|spyhunter-download.s3.amazonaws.com|ssl.google-analytics.com|static-shareaholic.s3.amazonaws.com|strikeadcdn.s3.amazonaws.com|sync.cmedia.s3.amazonaws.com|tags.tiqcdn.com|tapjoy-com-lb-vpc-332546193.us-east-1.elb.amazonaws.com|thepiratebay.org|tps.doubleverify.com|tracker-sp-elb-1474841806.us-east-1.elb.amazonaws.com|tracking-prod-public-2025738748.us-east-1.elb.amazonaws.com|tracking.opencandy.com.s3.amazonaws.com|uedata.amazon.com|upload.1p.bugsnag.appstore.a2z.com|upload.aca.bugsnag.appstore.a2z.com|upload.bugsnag.appstore.a2z.com|upload.firetv.bugsnag.appstore.a2z.com|v-eu-preprod.amazon-adsystem.com|v-eu.amazon-adsystem.com|v-preprod.amazon-adsystem.com|v.amazon-adsystem.com|vaes-eu-preprod.amazon-adsystem.com|vaes-eu.amazon-adsystem.com|vaes-fe-preprod.amazon-adsystem.com|vaes-fe.amazon-adsystem.com|vaes-na-preprod.amazon-adsystem.com|vaes-na.amazon-adsystem.com|vaes-preprod.dub.amazon-adsystem.com|vaes-preprod.iad.amazon-adsystem.com|vaes-preprod.pdx.amazon-adsystem.com|vaes.amazon-adsystem.com|vaes.dub.amazon-adsystem.com|vaes.iad.amazon-adsystem.com|vaes.iad.preprod.amazon-adsystem.com|vaes.pdx.amazon-adsystem.com|vaes.pdx.preprod.amazon-adsystem.com|video-stats.video.google.com|viewerstats.docstoc.com.s3.amazonaws.com|vml1.s3.amazonaws.com|vpc-prod-adsdk-lb-0-564898962.us-east-1.elb.amazonaws.com|wms-cn.amazon-adsystem.com|wms-eu.amazon-adsystem.com|wms-fe.amazon-adsystem.com|wms-in.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-cn.amazon-adsystem.com|ws-ea.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-fe.amazon-adsystem.com|ws-in.amazon-adsystem.com|ws-na.amazon-adsystem.com|www-google-analytics.l.google.com|www.google-analytics.com|www.googleadservices.com|www.googletagmanager.com|www.googletagservices.com|www.partner.googleadservices.com|www.thepiratebay.org|yab-adimages.s3.amazonaws.com|yx-in-f108.1e100.net|z-eu.amazon-adsystem.com|z-fe.amazon-adsystem.com|z-in.amazon-adsystem.com|z-na.amazon-adsystem.com|znaptag-us.s3.amazonaws.com|
      ----------------------------------------------------------------------
      Orig.    Unique     # Dups     # White    # TOP1M    Final                
      ----------------------------------------------------------------------
      71981    71981      17256      274        0          54451                
      ----------------------------------------------------------------------
    
    ------------------------------------------------------------------------
    Assembling DNSBL database... completed [ 08/12/18 15:13:45 ]
    TLD:
     Blocking full TLD/Sub-Domain(s)... |xxx| completed
    TLD analysis.. completed [ 08/12/18 15:14:16 ]
    TLD finalize...........
     ----------------------------------------
     Original    Matches    Removed    Final     
     ----------------------------------------
     131506      46838      58151      73355     
     -----------------------------------------
    TLD finalize... completed [ 08/12/18 15:14:26 ]
    
    Saving DNSBL database... completed
    Reloading Unbound Resolver..... completed [ 08/12/18 15:14:33 ]
    DNSBL update [ 73355 | PASSED  ]... completed
    ------------------------------------------------------------------------
    Restarting DNSBL Service
    
    ===[  GeoIP Process  ]============================================
    
    
    ===[  IPv4 Process  ]=================================================
    
    [ Abuse_DYRE_v4 ]		 Reload [ 08/12/18 15:14:34 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      6        6          6           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Feodo_BadIPs_v4 ]		 Reload . completed ..
      Empty file, Adding '10.1.10.2' to avoid download failure.
      ------------------------------
      Original Master     Final     
      ------------------------------
      0        1          1           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Feodo_Block_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      1498     1498       1498        [ Pass ] 
      -----------------------------------------------------------------
    
    [ Abuse_IPBL_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      315      315        315         [ Pass ] 
      -----------------------------------------------------------------
    
    [ Abuse_SSLBL_v4 ]		 Reload [ 08/12/18 15:14:35 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      55       54         54          [ Pass ] 
      -----------------------------------------------------------------
    
    [ Abuse_Zeus_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      104      103        103         [ Pass ] 
      -----------------------------------------------------------------
    
    [ BBC_C2_v4 ]			 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      179      164        164         [ Pass ] 
      -----------------------------------------------------------------
    
    [ CINS_army_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      15000    15000      15000       [ Pass ] 
      -----------------------------------------------------------------
    
    [ ET_Block_v4 ]			 Reload [ 08/12/18 15:14:37 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      2422     828        828         [ Pass ] 
      -----------------------------------------------------------------
    
    [ ET_Comp_v4 ]			 Reload [ 08/12/18 15:14:38 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      699      630        630         [ Pass ] 
      -----------------------------------------------------------------
    
    [ ISC_1000_30_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      8004     239        239         [ Pass ] 
      -----------------------------------------------------------------
    
    [ ISC_Block_v4 ]		 Reload [ 08/12/18 15:14:39 ] . completed ..
      Empty file, Adding '10.1.10.2' to avoid download failure.
      ------------------------------
      Original Master     Final     
      ------------------------------
      0        0          0           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Spamhaus_Drop_v4 ]		 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      828      1          1           [ Pass ] 
      -----------------------------------------------------------------
    
    [ Spamhaus_eDrop_v4 ]		 Reload [ 08/12/18 15:14:40 ] . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      115      105        105         [ Pass ] 
      -----------------------------------------------------------------
    
    [ Talos_BL_v4 ]			 Reload . completed ..
      ------------------------------
      Original Master     Final     
      ------------------------------
      1467     1381       1381        [ Pass ] 
      -----------------------------------------------------------------
    
    
    ===[  IPv6 Process  ]=================================================
    
    ===[  Aliastables / Rules  ]================================
    
    Firewall rule changes found, applying Filter Reload
    
    
    Archiving Aliastable folder
    
    
    Archiving selected pfBlockerNG files.
    
    
    ** Restarting firewall filter daemon **
    
    ===[ FINAL Processing ]=====================================
    
       [ Original IP count   ]  [ 30692 ]
    
       [ Final IP Count  ]  [ 20325 ]
    
    
    ===[ Deny List IP Counts ]===========================
    
       20326 total
       15000 /var/db/pfblockerng/deny/CINS_army_v4.txt
        1498 /var/db/pfblockerng/deny/Feodo_Block_v4.txt
        1381 /var/db/pfblockerng/deny/Talos_BL_v4.txt
         828 /var/db/pfblockerng/deny/ET_Block_v4.txt
         630 /var/db/pfblockerng/deny/ET_Comp_v4.txt
         315 /var/db/pfblockerng/deny/Abuse_IPBL_v4.txt
         239 /var/db/pfblockerng/deny/ISC_1000_30_v4.txt
         164 /var/db/pfblockerng/deny/BBC_C2_v4.txt
         105 /var/db/pfblockerng/deny/Spamhaus_eDrop_v4.txt
         103 /var/db/pfblockerng/deny/Abuse_Zeus_v4.txt
          54 /var/db/pfblockerng/deny/Abuse_SSLBL_v4.txt
           6 /var/db/pfblockerng/deny/Abuse_DYRE_v4.txt
           1 /var/db/pfblockerng/deny/Spamhaus_Drop_v4.txt
           1 /var/db/pfblockerng/deny/ISC_Block_v4.txt
           1 /var/db/pfblockerng/deny/Feodo_BadIPs_v4.txt
    
    ====================[ Empty Lists w/10.1.10.2 ]==================
    
    Feodo_BadIPs_v4.txt
    ISC_Block_v4.txt
    
    ===[ DNSBL Domain/IP Counts ] ===================================
    
       73355 total
       35827 /var/db/pfblockerng/dnsbl/StevenBlack.txt
       15602 /var/db/pfblockerng/dnsbl/EasyList.txt
       10922 /var/db/pfblockerng/dnsbl/hpHosts_ATS.txt
        8115 /var/db/pfblockerng/dnsbl/Cameleon.txt
        2046 /var/db/pfblockerng/dnsbl/D_Me_ADs.txt
         457 /var/db/pfblockerng/dnsbl/SBL_ADs.txt
         300 /var/db/pfblockerng/dnsbl/Yoyo.txt
          58 /var/db/pfblockerng/dnsbl/Adaway.txt
          27 /var/db/pfblockerng/dnsbl/D_Me_Tracking.txt
           1 /var/db/pfblockerng/dnsbl/DNSBL_TLD.txt
    
    ====================[ IPv4/6 Last Updated List Summary ]==============
    
    May 27	06:58	Spamhaus_eDrop_v4
    Jul 18	05:15	Abuse_DYRE_v4
    Aug 10	00:22	Spamhaus_Drop_v4
    Aug 10	00:30	ET_Block_v4
    Aug 10	00:30	ET_Comp_v4
    Aug 12	13:46	Abuse_Zeus_v4
    Aug 12	14:16	BBC_C2_v4
    Aug 12	14:19	CINS_army_v4
    Aug 12	14:31	ISC_Block_v4
    Aug 12	14:45	Abuse_SSLBL_v4
    Aug 12	14:55	Abuse_IPBL_v4
    Aug 12	15:00	Feodo_BadIPs_v4
    Aug 12	15:00	Feodo_Block_v4
    Aug 12	15:00	ISC_1000_30_v4
    Aug 12	15:00	Talos_BL_v4
    
    ====================[ DNSBL Last Updated List Summary ]==============
    
    Jul 31	2015	D_Me_Tracking
    Mar 9	2016	D_Me_ADs
    Jan 20	2018	Adaway
    Mar 18	05:51	Cameleon
    Aug 8	09:37	hpHosts_ATS
    Aug 11	04:29	Yoyo
    Aug 12	09:17	SBL_ADs
    Aug 12	13:40	EasyList
    Aug 12	13:45	StevenBlack
    ===============================================================
    
    Database Sanity check [  PASSED  ]
    ------------------------
    Masterfile/Deny folder uniq check
    Deny folder/Masterfile uniq check
    
    Sync check (Pass=No IPs reported)
    ----------
    
    Alias table IP Counts
    -----------------------------
       20326 total
       20326 /var/db/aliastables/pfB_PRI1_v4.txt
           0 /var/db/aliastables/pfB_DNSBLIP.txt
    
    pfSense Table Stats
    -------------------
    table-entries hard limit  2000000
    Table Usage Count         3250
    
     UPDATE PROCESS ENDED [ 08/12/18 15:14:49 ]
    


  • Just to give additional screenshots: 0_1534102330860_3420ae53-1e57-4057-94db-5e3be07ee937-image.png
    0_1534102387533_65e012a8-b6e7-4eff-874f-cea5e57d095d-image.png

    There's a lot of entries in dns resolver like this:
    0_1534102601273_62764b22-af4c-46c2-9dfd-35788e1b79b0-image.png



  • And when you disable DNSBL, does the resolver works fine ?
    Maybe post your Resolver configuration.

    How much memory on the box? Check the memory usage with Diagnostics System Activity and Status Monitoring.

    To keep the configuration and clear the database:

    • Disable PfBlockerNG and Keep Settings, save.

    • Enable PfBlockerNG and Keep Settings, save

    • Force Reload All.



  • 2gb of ram:
    0_1534116719304_9ac5e6c0-ed8e-4887-a1a7-082c0a98e142-image.png

    DNS Resolver config (when pfblockerNG is running):
    0_1534115729398_bf6c7b66-ea27-428f-a2d1-33d015ca19c3-image.png
    0_1534115802876_3813a965-90fc-4048-ba7f-9453dc7e22b4-image.png
    0_1534115864211_21c810a5-d682-4c07-8317-b7bc32bba033-image.png



  • forgot to mention that I restarted dns resolver with pfblockerNG disabled, and the errors in resolving stopped showing up in the logs... maybe it was because nothing else uses it, not sure.



  • @bbcan177 said in PfBlockerNG v2.0 w/DNSBL:

    pfSense has two types of DNS Services

    • DNS Forwarder

    • DNS Resolver

    If you plan on using the DNSBL feature, you will need to use the DNS Resolver for your DNS queries, the DNS Forwarder is not an option for DNSBL. Its probably best to ensure that the DNS Resolver is working before using DNSBL.

    The DNS Resolver is developed by NLnet Labs and is named 'Unbound'. It is a validating, recursive and caching DNS resolver. https://www.unbound.net/index.html

    Some recommendations:

    • The DNS Resolver can also be used in 'Forwardering mode'; however its best to not use this 'Forwarding mode' and keep it in 'resolver mode' as this will query the Root DNS servers for the DNS queries instead of relying on an ISPs DNS etc…

    • If you use the 'DNS Resolver Forwarder mode', only configure 'DNSSEC' if the configured DNS servers support DNSSEC. The enabling of 'DNSSEC' to harden your DNS security is highly recommended.

    • Disable the two "DHCP registrations" checkboxes, unless you really require those options.

    Here is a good primer about the DNS Resolver (Unbound) https://calomel.org/unbound_dns.html

    Disable DHCP Registrations as every new lease will restart Unbound
    Static registration will restart unbound on DHCP services modification.



  • @mcampbell said in pfBlockerNG Devel 2.2.1 upgrade fails to start pfb_dnsbl service:

    2gb of ram:

    Well this isn't much memory for DNSBL usage.
    You are also using RAM Disk for /var and /tmp, so they are competing for RAM with unbound when a Reload or Cron update is running.



  • I never had a problem with it before on the non devel version of pfblockerNG. I was using the standard version of pfblockerNG for months without issues--except when trying to use the the Amazon app on my phone on the network--it was constantly giving errors. My desire for greater visibility into what exactly was being blocked is what prompted me to upgrade to the devel version. Unless you're saying the new version is that much more memory intensive? At any rate, I can probably upgrade the ram without much issues... it's a little bookshelf type PC, but it should support up to 4GB of RAM.



  • @mcampbell Maybe it's an idea to reinstall the 2.2.1 develop and only enable DNSBL_ADs in DNSBL (certianly not TLD) and the force an update (my 2 cents),

    btw what's your pfSense version?


  • Moderator

    Check the pfSense system log and the resolver.log for any error messages. For unbound, suggest to increase the Adv setting "Log Verbosity" to "2".

    You can also run the following command to see if it reports and errors:

    /usr/local/etc/rc.d/pfb_dnsbl.sh restart
    


  • @Qinn , when I uninstalled everything, including settings, it still wasn't starting up, even with no settings loaded. I would think it should start up then. 2.4.3-RELEASE-p1 is what I'm currently on, though when I started this venture, I was on 2.4.3.

    @BBcan177 , thanks for the advice, I will definitely try those out. I am linux savvy, so I know my way around on the linux side of things, but wasn't sure where the scripts ran on pfsense. I will happily try it out.



  • it already bore unexpected fruit:

    [2.4.3-RELEASE][root@pfsense.home]/usr/local/etc/rc.d: ./pfb_dnsbl.sh restart
    2018-08-14 21:35:14: (network.c.313) can't bind to socket: 10.1.10.2:443 Can't assign requested address
    

    I don't believe anything is bound to that IP. Worth trying a different one?



  • Holy smokes, tried 3 or 4 very different IPs within the 10.x.x.x subnet, all ones that are not being used by my pfsense for any of its networks, before I finally decided to try 10.254.254.254. That did it! it's actually running. No idea why it wasn't working with any of the others... I'll take it though. Thanks everyone for helping me out!

    0_1534297986033_7c402917-6da3-4992-b6c7-353714676b71-image.png


  • Moderator

    What does this report? What IP range did you use for Openvpn? You don't need to stay in the 10 range... Can also try 192.168 or any other private IP range (RFC1918)

    ifconfig
    


  • So it looks like the openvpn range had the range it was last configured for, but not some of the others that had failed.

    [2.4.3-RELEASE][root@pfsense.home]/root: ifconfig | grep inet
            inet6 fe80::224:b2ff:fedf:a196%bge0 prefixlen 64 scopeid 0x1
            inet 73.82.108.146 netmask 0xfffffe00 broadcast 255.255.255.255
            inet6 fe80::2e0:66ff:fe6a:c58f%bge1 prefixlen 64 scopeid 0x2
            inet 10.10.0.1 netmask 0xffffff00 broadcast 10.10.0.255
            inet 10.254.254.254 netmask 0xffffffff broadcast 10.254.254.254
            inet6 ::1 prefixlen 128
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
            inet 127.0.0.1 netmask 0xff000000
            inet6 fe80::2e0:66ff:fe6a:c58f%bge1.2 prefixlen 64 scopeid 0x7
            inet 10.1.0.1 netmask 0xffffff00 broadcast 10.1.0.255
            inet6 fe80::2e0:66ff:fe6a:c58f%bge1.5 prefixlen 64 scopeid 0x8
            inet 10.2.0.1 netmask 0xffffff00 broadcast 10.2.0.255
            inet6 fe80::224:b2ff:fedf:a196%ovpns1 prefixlen 64 scopeid 0x9
            inet 10.2.10.1 --> 10.2.10.2  netmask 0xffffffff
            inet6 fe80::224:b2ff:fedf:a196%ovpns2 prefixlen 64 scopeid 0xa
            inet 10.1.10.1 --> 10.1.10.2  netmask 0xffffffff
    

    I think that my choice works out fine though, 10.254.254.254 is way out of the way.