Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG DNSBL service wont start

    Scheduled Pinned Locked Moved pfBlockerNG
    10 Posts 5 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      blackops786187
      last edited by

      Hi,

      Ive installed PFblockerng and the pfBlockerNG DNSBL service will not start. I've re-installed it whilst disabling the keep settings option. I've done a force reload all and restarted pfsense and it wont start up

      dce5eea4-7543-4be5-b1e0-397787315422-image.png

      The weird thing is that once im connected onto my openvpn connection, ads are being blocked even when the DNSBL is disabled

      Can someone provide me with some further troubleshooting methods to solve this?

      Thanks

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hummmm.
        Can't see anything from here.

        You looked here :

        3a728829-f8bb-40a9-8fc3-88926509c615-image.png

        ?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • B
          blackops786187
          last edited by blackops786187

          in the error.log im seeing this. (Certificate issue i think)

          **[ DNSBL_EasyList - EasyList ] Download FAIL [ 06/09/20 21:35:09 ]
          Firewall and/or IDS (Legacy mode only) are not blocking download.

          [ DNSBL_EasyList - EasyPrivacy ] Download FAIL [ 06/09/20 21:35:24 ]
          Firewall and/or IDS (Legacy mode only) are not blocking download.**

          this is the pfblocker log. Cant see any errors besides the lists not downloading

          https://pastebin.com/cM5eSys7

          1 Reply Last reply Reply Quote 0
          • T
            taz3146
            last edited by taz3146

            Same issue, Curl SSL errors out on 2.4.4 before update and continues on 2.4.5-p1. the difference here it keeps reusing the old list it already had from before 5/30/2020 and looks like it's been broken since that date. below is snip from the log

            [ easylistads ]
            			Previous download failed.	Re-attempt download
             UPDATE PROCESS START [ 06/10/20 20:00:01 ]
            
            ===[  DNSBL Process  ]================================================
            
            [ easylistads ]		 Downloading update . cURL Error: 60
            SSL certificate problem: certificate has expired Retry in 5 seconds...
            . cURL Error: 60
            SSL certificate problem: certificate has expired Retry in 5 seconds...
            . cURL Error: 60
            SSL certificate problem: certificate has expired Retry in 5 seconds...
            .. unknown http status code 
            
             [ DNSBL_easylistads - easylistads ] Download FAIL [ 06/10/20 20:00:17 ]
              Firewall and/or IDS are not blocking download.
            
              Restoring previously downloaded file
            

            EDIT** I just spotted the issue, look at the remote timestamp date, it appears the server had a date roll over issue, I seen it on some other lists also, which appear to have been fixed. 4 hours prior to that it synced and updated normally

            [ easylistads ]
              Remote timestamp: Thu, 01 Jan 1970 00:00:00 GMT
              Local  timestamp: Sat, 30 May 2020 07:51:04 GMT	Update found
             UPDATE PROCESS START [ 05/30/20 08:00:11 ]
            
            
            1 Reply Last reply Reply Quote 0
            • RonpfSR
              RonpfS
              last edited by

              Change the State of the URL to Flex

              2.4.5-RELEASE-p1 (amd64)
              Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
              Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

              Cool_CoronaC T 2 Replies Last reply Reply Quote 0
              • Cool_CoronaC
                Cool_Corona @RonpfS
                last edited by

                @RonpfS Doesnt work.

                1 Reply Last reply Reply Quote 0
                • RonpfSR
                  RonpfS
                  last edited by

                  Can you open that URL in your browser ?

                  2.4.5-RELEASE-p1 (amd64)
                  Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                  Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                  Cool_CoronaC 1 Reply Last reply Reply Quote 0
                  • T
                    taz3146 @RonpfS
                    last edited by

                    @RonpfS
                    good catch, that worked and the list updated. it fails initially, retries with flex ssl downgrade and succeeds 👍
                    I forgot that was even an option.
                    new snip of log below

                    [ easylistads ]		 Downloading update . cURL Error: 60
                    
                    [ ! ] Downgrading SSL settings (Flex) . 200 OK.
                    
                    1 Reply Last reply Reply Quote 0
                    • Cool_CoronaC
                      Cool_Corona @RonpfS
                      last edited by

                      @RonpfS Yes.

                      1 Reply Last reply Reply Quote 0
                      • B
                        blackops786187
                        last edited by

                        used flex to remove the download errors but the service refuses to start. im still getting adblocking on the vpn so it seems to be working but not sure if the functionality is impaired or not

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.