PFblockNG Devel not logging or blocking domains



  • since January 9 2020 my pfBlockerNG devel has been broken. I only have 2 aliases for the pfb_pri1_V4 & pfb_pri2_V4 are the only ones working. I have trying checking for error logs but i see nothing. I will appreciate any help. I have tried everything, deleting and reseting the log files, deleting the /var/unbound files, forcing reloading, installing and uninstalling, and refreshing kernel pfsense files. nothing worked.

    Screen Shot 2020-03-13 at 5.56.13 PM.png Screen Shot 2020-03-13 at 6.11.35 PM.png



  • @antoni777 Just want for you to confirm that your pfSense device is the only source to resolve DNS request...that's the way it works.



  • @NollipfSense

    Good afternoon,

    This is the only network device I have, no other dns resolvers. Everything else ( APs & switch are behind)

    V/r



  • @antoni777

    I also reduced the feeds to the bare minimum. And verified they still active.



  • @antoni777 said in PFblockNG Devel not logging or blocking domains:

    @antoni777

    I also reduced the feeds to the bare minimum. And verified they still active.

    Here is some good reading for using DNSBL in pfBlocker. It also has some good info on how to configure DNSBL in pfBlocker: https://www.linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/



  • @antoni777 said in PFblockNG Devel not logging or blocking domains:

    This is the only network device I have, no other dns resolvers. Everything else ( APs & switch are behind)

    What I mean is your DNS is 192.168.1.1 or whatever custom IP you chose for LAN plus a LAN firewall rule. All devices on your network must have 192.168.1.1 or whatever custom IP for DNS.

    Screen Shot 2020-03-14 at 3.44.37 PM.png



  • @NollipfSense
    I have different DNS IPs defined in the DHCP settings per network. I use the Clean Browsing DNS servers to block all adult sites for the for the family. i use defaults for all devices in the network. so they get their dns setting from the PfSense DHCP. Do i need a firewall rule per network still to define the DNS?



  • @antoni777 said in PFblockNG Devel not logging or blocking domains:

    Do i need a firewall rule per network still to define the DNS?

    Yes...that way you restrict all LAN devices to use pfSense via port 53 to resolve DNS request. You can use other DNS service on pfSense such as in my case I use OpenDNS.

    Screen Shot 2020-03-14 at 9.18.19 PM.png



  • @NollipfSense I'm not well versed with firewall rules yet. In the rule do i need to specify the virtual IP of the PfBlockerNG dns?



  • @antoni777 That's why I post the LAN firewall rule about...you can copy and set the rule like that...pay attention to the destination port...be sure it's port 53 from and to... pfSense will use your LAN IP.



  • Good morning,

    My apologies it took some time to get back on this issue. I created the rules the ads are gone but the count still showing nothing. I reloaded the package. Should i reinstall it? Also browsing is taking a long time when compared as it was before without the firewall rules.

    thanks for your patience.
    V/r



  • @antoni777 said in PFblockNG Devel not logging or blocking domains:

    Good morning,

    My apologies it took some time to get back on this issue. I created the rules the ads are gone but the count still showing nothing. I reloaded the package. Should i reinstall it? Also browsing is taking a long time when compared as it was before without the firewall rules.

    thanks for your patience.
    V/r

    Not sure why your browsing experience is slow...should not affect that. You could surely reinstall the package; however, before you do ensure that you check the box to keep settings.
    Screen Shot 2020-03-22 at 8.00.47 PM.png



  • UPDATE PROCESS START [ 03/27/20 09:54:27 ]

    ===[ DNSBL Process ]================================================

    Missing DNSBL stats and/or Unbound DNSBL conf file - Rebuilding

    Loading DNSBL Whitelist... completed

    [ EasyList ] Downloading update .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    1586 1586 0 0 0 1586

    [ EasyPrivacy ] Downloading update [ 03/27/20 09:54:29 ] .. 200 OK.

    Whitelist: collector-cdn.github.com

    Orig. Unique # Dups # White # TOP1M Final

    2662 2660 0 1 0 2659

    [ Adaway ] Downloading update [ 03/27/20 09:54:38 ] .. 200 OK.
    Whitelist: 5726.bapi.adsafeprotected.com|6058.bapi.adsafeprotected.com|6063.bapi.adsafeprotected.com|6067.bapi.adsafeprotected.com|623.bapi.adsafeprotected.com|6539.bapi.adsafeprotected.com|707.bapi.adsafeprotected.com|7093.bapi.adsafeprotected.com|7202.bapi.adsafeprotected.com|7246.bapi.adsafeprotected.com|7250.bapi.adsafeprotected.com|7251.bapi.adsafeprotected.com|7882.bapi.adsafeprotected.com|8328.bapi.adsafeprotected.com|9.bapi.adsafeprotected.com|aax-us-east.amazon-adsystem.com|advertising.apple.com|amidt.adsafeprotected.com|amipm.adsafeprotected.com|anycast.dt.adsafeprotected.com|anycast.fw.adsafeprotected.com|anycast.pixel.adsafeprotected.com|api.adsafeprotected.com|appvast.adsafeprotected.com|banners.itunes.apple.com|bapi.adsafeprotected.com|bs.serving-sys.com|c.amazon-adsystem.com|ca.iadsdk.apple.com|cdn.adsafeprotected.com|cf.iadsdk.apple.com|control.kochava.com|cs.iadsdk.apple.com|daldt.adsafeprotected.com|dalpm.adsafeprotected.com|device-metrics-us-2.amazon.com|dt.adsafeprotected.com|fls-na.amazon.com|fw.adsafeprotected.com|fwapi.adsafeprotected.com|fwvc.adsafeprotected.com|iadmoo.apple.com|iadsdk.apple.com|imp.control.kochava.com|mads.amazon-adsystem.com|mobile-static.adsafeprotected.com|mobile.adsafeprotected.com|nyidt.adsafeprotected.com|nyipm.adsafeprotected.com|pixel.adsafeprotected.com|pm.adsafeprotected.com|px.moatads.com|s.amazon-adsystem.com|secure-gl.imrworldwide.com|sfw.adsafeprotected.com|sjedt.adsafeprotected.com|sjepm.adsafeprotected.com|spixel.adsafeprotected.com|static.adsafeprotected.com|su.iadsdk.apple.com|tr.iadsdk.apple.com|ut.iadsdk.apple.com|vast.adsafeprotected.com|vastpixel.adsafeprotected.com|video.adsafeprotected.com|vpaid.adsafeprotected.com|

    Orig. Unique # Dups # White # TOP1M Final

    12175 12174 202 66 0 11906

    [ Cameleon ] Downloading update .. 200 OK.
    Whitelist: 5726.bapi.adsafeprotected.com|6063.bapi.adsafeprotected.com|aax-eu.amazon-adsystem.com|aax-us-east-rtb.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax.amazon-adsystem.com|ads.sourceforge.net|bs.serving-sys.com|c.amazon-adsystem.com|cdn.adsafeprotected.com|dt.adsafeprotected.com|fls-eu.amazon-adsystem.com|fls-na.amazon-adsystem.com|fw.adsafeprotected.com|images-aud.sourceforge.net|ir-de.amazon-adsystem.com|ir-na.amazon-adsystem.com|ir-uk.amazon-adsystem.com|metrics.apple.com|pixel.adsafeprotected.com|pm.adsafeprotected.com|ps-eu.amazon-adsystem.com|ps-us.amazon-adsystem.com|px.moatads.com|rcm-eu.amazon-adsystem.com|rcm-na.amazon-adsystem.com|s.amazon-adsystem.com|secure-gl.imrworldwide.com|securemetrics.apple.com|spixel.adsafeprotected.com|static.adsafeprotected.com|wms-eu.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|z-na.amazon-adsystem.com|

    Orig. Unique # Dups # White # TOP1M Final

    20567 20567 1194 36 0 19337

    [ D_Me_ADs ] Downloading update [ 03/27/20 09:54:40 ] .. 200 OK.
    Whitelist: advertising.apple.com|amazon-adsystem.com|iadsdk.apple.com|pixel.adsafeprotected.com|qwapi.apple.com|

    Orig. Unique # Dups # White # TOP1M Final

    2701 2701 1019 5 0 1677

    [ D_Me_Tracking ] Downloading update [ 03/27/20 09:54:41 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    34 34 16 0 0 18

    [ hpHosts_ATS ] Downloading update .. 200 OK.
    Whitelist: 5726.bapi.adsafeprotected.com|6058.bapi.adsafeprotected.com|6067.bapi.adsafeprotected.com|623.bapi.adsafeprotected.com|6539.bapi.adsafeprotected.com|707.bapi.adsafeprotected.com|7093.bapi.adsafeprotected.com|7202.bapi.adsafeprotected.com|7246.bapi.adsafeprotected.com|7250.bapi.adsafeprotected.com|7251.bapi.adsafeprotected.com|7882.bapi.adsafeprotected.com|8328.bapi.adsafeprotected.com|aax-eu-rtb.amazon-adsystem.com|aax-eu.amazon-adsystem.com|aax-fe-sin.amazon-adsystem.com|aax-fe.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax-us-pdx.amazon-adsystem.com|aax-us-west.amazon-adsystem.com|ads.sourceforge.net|adsafeprotected.com|advertising.apple.com|anycast.fw.adsafeprotected.com|anycast.pixel.adsafeprotected.com|autolinkmaker.itunes.apple.com|bs.serving-sys.com|c.amazon-adsystem.com|c.apple.com|collector-cdn.github.com|control.kochava.com|device-metrics-us-2.amazon.com|dt.adsafeprotected.com|fls-eu.amazon-adsystem.com|fls-fe.amazon-adsystem.com|fls-na.amazon-adsystem.com|fw.adsafeprotected.com|iadsdk.apple.com|images-aud.sourceforge.net|ir-de.amazon-adsystem.com|ir-jp.amazon-adsystem.com|ir-na.amazon-adsystem.com|mads.amazon-adsystem.com|metrics.apple.com|metrics.sourceforge.net|pivotal.github.com|pixel.adsafeprotected.com|ps-eu.amazon-adsystem.com|rcm-fe.amazon-adsystem.com|s.amazon-adsystem.com|secure-gl.imrworldwide.com|securemetrics.apple.com|sfw.adsafeprotected.com|spixel.adsafeprotected.com|static.adsafeprotected.com|v.amazon-adsystem.com|wms-eu.amazon-adsystem.com|wms-fe.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|z-na.amazon-adsystem.com|

    Orig. Unique # Dups # White # TOP1M Final

    45736 45733 8146 61 0 37526

    [ Yoyo ] Downloading update [ 03/27/20 09:54:43 ] .. 200 OK.
    Whitelist: adsafeprotected.com|amazon-adsystem.com|pixel.adsafeprotected.com|securemetrics.apple.com|

    Orig. Unique # Dups # White # TOP1M Final

    3274 3274 2226 4 0 1044

    [ Abuse_DOMBL ] Downloading update [ 03/27/20 09:54:44 ] .. 200 OK
    No Domains Found! Ensure only domain based Feeds are used for DNSBL!

    [ Abuse_URLBL ] Downloading update .. 200 OK
    No Domains Found! Ensure only domain based Feeds are used for DNSBL!

    [ BBC_DC2 ] Downloading update [ 03/27/20 09:54:45 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    471 469 0 0 0 469

    [ SWC ] Downloading update .. 200 OK
    IDN converted: [ secret.ɢoogle.com ] [ secret.ɢoogle.com ].
    Whitelist: aax-cpm.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax-us-pdx.amazon-adsystem.com|aax.amazon-adsystem.com|amazon-adsystem.com|anycast.dt.adsafeprotected.com|bs.serving-sys.com|c.amazon-adsystem.com|dra.amazon-adsystem.com|dt.adsafeprotected.com|fls-na.amazon-adsystem.com|fw.adsafeprotected.com|images-aud.sourceforge.net|ir-de.amazon-adsystem.com|ir-na.amazon-adsystem.com|localhost.localdomain|mads.amazon-adsystem.com|pixel.adsafeprotected.com|ps-us.amazon-adsystem.com|px.moatads.com|rcm-na.amazon-adsystem.com|static.adsafeprotected.com|wms-eu.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-ea.amazon-adsystem.com|ws-na.amazon-adsystem.com|z-na.amazon-adsystem.com|

    Orig. Unique # Dups # White # TOP1M Final

    14423 14402 3935 27 0 10440

    [ D_Me_Malv ] Downloading update [ 03/27/20 09:54:47 ] .. 200 OK.
    Whitelist: advertising.apple.com|amazon-adsystem.com|iadsdk.apple.com|pixel.adsafeprotected.com|qwapi.apple.com|

    Orig. Unique # Dups # White # TOP1M Final

    2735 2735 2729 5 0 1

    [ D_Me_Malw ] Downloading update .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    1 1 1 0 0 0

    [ ISC_SDH ] Downloading update [ 03/27/20 09:54:48 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    2288 2288 0 0 0 2288

    [ MDS ] Downloading update .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    26857 26857 30 0 0 26827

    [ MDS_Immortal ] Downloading update [ 03/27/20 09:54:50 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    3196 3196 566 0 0 2630

    [ MDL ] Downloading update [ 03/27/20 09:54:51 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    1104 1104 28 0 0 1076

    [ MVPS ] Downloading update [ 03/27/20 09:54:52 ] .. 200 OK.
    Whitelist: 5726.bapi.adsafeprotected.com|6063.bapi.adsafeprotected.com|aax-eu.amazon-adsystem.com|aax-us-east-rtb.amazon-adsystem.com|aax-us-east.amazon-adsystem.com|aax.amazon-adsystem.com|bs.serving-sys.com|c.amazon-adsystem.com|cdn.adsafeprotected.com|dt.adsafeprotected.com|fls-eu.amazon-adsystem.com|fls-na.amazon-adsystem.com|fw.adsafeprotected.com|images-aud.sourceforge.net|ir-de.amazon-adsystem.com|ir-na.amazon-adsystem.com|ir-uk.amazon-adsystem.com|pixel.adsafeprotected.com|pm.adsafeprotected.com|ps-eu.amazon-adsystem.com|ps-us.amazon-adsystem.com|px.moatads.com|rcm-eu.amazon-adsystem.com|rcm-na.amazon-adsystem.com|s.amazon-adsystem.com|secure-gl.imrworldwide.com|spixel.adsafeprotected.com|static.adsafeprotected.com|wms-eu.amazon-adsystem.com|wms-na.amazon-adsystem.com|ws-eu.amazon-adsystem.com|ws-na.amazon-adsystem.com|z-na.amazon-adsystem.com|

    Orig. Unique # Dups # White # TOP1M Final

    10475 10475 9726 33 0 716

    [ Spam404 ] Downloading update [ 03/27/20 09:54:53 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    7066 7064 53 0 0 7011

    [ SFS_Toxic_BD ] Downloading update .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    11280 11276 1 0 0 11275

    [ AntiSocial_BD ] Downloading update [ 03/27/20 09:54:54 ] .. 200 OK.

    Orig. Unique # Dups # White # TOP1M Final

    34148 34148 47 0 0 34101

    Saving DNSBL database... completed


    Assembling DNSBL database... completed [ 03/27/20 09:54:56 ]
    Reloading Unbound Resolver..... completed
    DNSBL update [ 172587 | PASSED ]... completed
    Adding DNSBL Unbound server:include option

    ===[ GeoIP Process ]============================================

    ===[ IPv4 Process ]=================================================

    [ Abuse_Feodo_C2_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    1103 1103 1103 [ Pass ]

    [ Abuse_IPBL_v4 ] Downloading update .. 200 OK. completed ..
    Empty file, Adding '127.1.7.7' to avoid download failure.

    Original Master Final

    0 1 1 [ Pass ]

    [ Abuse_SSLBL_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    116 107 107 [ Pass ]

    [ BBC_C2_v4 ] Downloading update [ 03/27/20 09:54:57 ] .. 200 OK. completed ..

    Original Master Final

    203 181 181 [ Pass ]

    [ CINS_army_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    15000 15000 15000 [ Pass ]

    [ ET_Block_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    2026 943 943 [ Pass ]

    [ ET_Comp_v4 ] Downloading update [ 03/27/20 09:54:58 ] .. 200 OK. completed ..

    Original Master Final

    858 840 840 [ Pass ]

    [ ISC_1000_30_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    8004 880 880 [ Pass ]

    [ ISC_Block_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    21 6 6 [ Pass ]

    [ Spamhaus_Drop_v4 ] Downloading update [ 03/27/20 09:54:59 ] .. 200 OK. completed ..

    Original Master Final

    853 0 0 [ Pass ]

    [ Spamhaus_eDrop_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    101 93 93 [ Pass ]

    [ Talos_BL_v4 ] Downloading update .. 200 OK. completed ..

    Original Master Final

    1160 1141 1141 [ Pass ]

    ===[ Aliastables / Rules ]================================

    Firewall rule changes found, applying Filter Reload

    ** Restarting firewall filter daemon **

    ===[ FINAL Processing ]=====================================

    [ Original IP count ] [ 29444 ]

    [ Final IP Count ] [ 20295 ]

    ===[ Deny List IP Counts ]===========================

    20296 total
    15000 /var/db/pfblockerng/deny/CINS_army_v4.txt
    1141 /var/db/pfblockerng/deny/Talos_BL_v4.txt
    1103 /var/db/pfblockerng/deny/Abuse_Feodo_C2_v4.txt
    943 /var/db/pfblockerng/deny/ET_Block_v4.txt
    880 /var/db/pfblockerng/deny/ISC_1000_30_v4.txt
    840 /var/db/pfblockerng/deny/ET_Comp_v4.txt
    181 /var/db/pfblockerng/deny/BBC_C2_v4.txt
    107 /var/db/pfblockerng/deny/Abuse_SSLBL_v4.txt
    93 /var/db/pfblockerng/deny/Spamhaus_eDrop_v4.txt
    6 /var/db/pfblockerng/deny/ISC_Block_v4.txt
    1 /var/db/pfblockerng/deny/Spamhaus_Drop_v4.txt
    1 /var/db/pfblockerng/deny/Abuse_IPBL_v4.txt

    ====================[ Empty Lists w/127.1.7.7 ]==================

    Abuse_IPBL_v4.txt
    Spamhaus_Drop_v4.txt

    ===[ DNSBL Domain/IP Counts ] ===================================

    172587 total
    37526 /var/db/pfblockerng/dnsbl/hpHosts_ATS.txt
    34101 /var/db/pfblockerng/dnsbl/AntiSocial_BD.txt
    26827 /var/db/pfblockerng/dnsbl/MDS.txt
    19337 /var/db/pfblockerng/dnsbl/Cameleon.txt
    11906 /var/db/pfblockerng/dnsbl/Adaway.txt
    11275 /var/db/pfblockerng/dnsbl/SFS_Toxic_BD.txt
    10440 /var/db/pfblockerng/dnsbl/SWC.txt
    7011 /var/db/pfblockerng/dnsbl/Spam404.txt
    2659 /var/db/pfblockerng/dnsbl/EasyPrivacy.txt
    2630 /var/db/pfblockerng/dnsbl/MDS_Immortal.txt
    2288 /var/db/pfblockerng/dnsbl/ISC_SDH.txt
    1677 /var/db/pfblockerng/dnsbl/D_Me_ADs.txt
    1586 /var/db/pfblockerng/dnsbl/EasyList.txt
    1076 /var/db/pfblockerng/dnsbl/MDL.txt
    1044 /var/db/pfblockerng/dnsbl/Yoyo.txt
    716 /var/db/pfblockerng/dnsbl/MVPS.txt
    469 /var/db/pfblockerng/dnsbl/BBC_DC2.txt
    18 /var/db/pfblockerng/dnsbl/D_Me_Tracking.txt
    1 /var/db/pfblockerng/dnsbl/D_Me_Malv.txt
    0 /var/db/pfblockerng/dnsbl/D_Me_Malw.txt
    0 /var/db/pfblockerng/dnsbl/Abuse_URLBL.txt
    0 /var/db/pfblockerng/dnsbl/Abuse_DOMBL.txt

    ====================[ IPv4/6 Last Updated List Summary ]==============

    Feb 6 02:59 Spamhaus_eDrop_v4
    Mar 20 17:59 Spamhaus_Drop_v4
    Mar 25 23:30 ET_Block_v4
    Mar 25 23:30 ET_Comp_v4
    Mar 27 06:57 ISC_Block_v4
    Mar 27 07:42 ISC_1000_30_v4
    Mar 27 09:04 Talos_BL_v4
    Mar 27 09:17 BBC_C2_v4
    Mar 27 09:20 CINS_army_v4
    Mar 27 09:50 Abuse_SSLBL_v4
    Mar 27 09:50 Abuse_Feodo_C2_v4
    Mar 27 09:54 Abuse_IPBL_v4

    ====================[ DNSBL Last Updated List Summary ]==============

    Jul 31 2015 D_Me_Tracking
    Mar 18 2018 Cameleon
    Oct 21 17:47 MDS_Immortal
    Nov 19 04:19 hpHosts_ATS
    Jan 22 06:15 MDL
    Jan 31 20:37 D_Me_ADs
    Feb 26 22:08 SWC
    Mar 4 16:42 MDS
    Mar 14 18:00 MVPS
    Mar 18 10:27 Adaway
    Mar 23 04:14 AntiSocial_BD
    Mar 24 13:42 Yoyo
    Mar 27 03:57 ISC_SDH
    Mar 27 09:00 SFS_Toxic_BD
    Mar 27 09:17 BBC_DC2
    Mar 27 09:21 D_Me_Malw
    Mar 27 09:21 D_Me_Malv
    Mar 27 09:51 EasyList
    Mar 27 09:51 EasyPrivacy
    Mar 27 09:54 Abuse_DOMBL
    Mar 27 09:54 Abuse_URLBL
    Mar 27 09:54 Spam404

    Database Sanity check [ PASSED ]

    Masterfile/Deny folder uniq check
    Deny folder/Masterfile uniq check

    Sync check (Pass=No IPs reported)

    Alias table IP Counts

    20296 total
    20296 /var/db/aliastables/pfB_PRI1_v4.txt
    0 /var/db/aliastables/pfB_PS_v4.txt

    pfSense Table Stats

    table-entries hard limit 400000
    Table Usage Count 226

    UPDATE PROCESS ENDED [ 03/27/20 09:55:01 ]



  • I still get nothing, In the post above i always get the same error , "Missing DNSBL stats and/or Unbound DNSBL conf file - Rebuilding"

    V/r

    Tony


Log in to reply