Sorry for my English.
I installed pfBockerNG-devel 3.0.0_16 and it blocks all porn sites It's good !
When the site is in http I see the pfBlockerNG page but when the site is in https I see an error page with code erreur : SSL_ERROR_INTERNAL_ERROR_ALERT.
Thanks for your help
Gertjan last edited by
The short answer : because no one** can break https = TLS.
If a web server want to connect to some 'p0rn-site-here.tld' and a web server, the one used by pfBlockerNG answers (because the DNS record matches a list) then the web browser tells you that that pfB web server, on your pfSense, does not have 'p0rn-site-here.tld' in it's certificate.
Which is understandable.
So, your web browser does not show the 'this site is blocked' page at all.
You might think : because 99,99 % of all traffic is https these days, is it useful to have this page 'this site is blocked' page being shown ?
Answer : of course not. It's something of the past. We see our browser telling us that 'there was an (cert !) issue'.
This is a TLS issue, not a pfBlockerNG issue ;)
** and the day some one breaks it, is the day that 'Internet' dies.
So if i understand it's not possible to display a web page displaying that the site is not allowed ?
fireodo last edited by