Netgate Discussion Forum

    PFSense w/ Unbound and PFBlockerNG-devel Fails to load some sites until reboot

    • CDTech

      I'm running PFSense using the DNS resolver, PFBlockerNG-devel and Suricata. I am having an issue where some sites will randomly fail to load on any device until the firewall is restarted. I have tried restarting the DNS resolver service and setting devices to use the Google DNS; however, the only way to access the site is to use a VPN. I'm not sure where to go from here, so any help would be appreciated.

      • NollipfSense @CDTech

        @CDTech You needed to update and reload pfBlockerNG-Devel ... restarting Unbound is not sufficient, as you had discovered. Alternatively, you may reboot pfSense, which, as you had discovered, worked. I take it you had added some sites to the whitelist or suppression list.

        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

        • CDTech

          @NollipfSense No, no changes from standard lists. Pfblocker logs don’t seem to show anything obvious that’s being blocked, just ad domains that are unrelated to the sites I can’t access.

          • Raffi_

            @CDTech do you have Suricata running in IDS (detection) or IPS (protection) mode? If Suricata is blocking on alerts (legacy mode IPS), then you can have a lot of sites "break" depending on how it's set up. Even if you disable Suricata, it won't solve the issue. You would have to disable Suricata or switch to detection mode only and then go to the blocks tab and clear all blocks.

            • CDTech @Raffi_

              @Raffi_ thanks for that. I've been advised to try disabling the pfblocker snort rules elsewhere so I'm trying that now. If it doesn't work I'll try this next :)

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.