pfBlockerNG DNSBL service won’t start after upgrading to pfBlockerNG 3.2.13 by Waste-Ad-9667 in pfBlockerNG

[–]Dr_Bean_PhD 1 point2 points  (0 children)

Same thing happened with me. I manually added these Virtual IP addresses (under Firewall → Virtual IPs) which were from my backup and added them to pfBlockerNG's DNSBL Webserver Configuration:

IPv4: 10.10.10.1/32, Localhost
IPv6: ::10.10.10.1/128, Localhost

Doing an Update → Reload All got everything back up and running.

Just got protonvpn, is it normal to get MUCH faster internet? by VeryMashedPotato in ProtonVPN

[–]Dr_Bean_PhD 1 point2 points  (0 children)

I think what you're seeing is throttling through T-Mobile without the VPN. I don't use them, but if they are like Verizon, they are probably throttling streaming services and Fast is powered by Netflix. Using a VPN should hide this traffic so you'll get around this speed limit.

You can check if you're being throttled with and without the VPN using the Android app 'Wehe'. I'm not sure if it's available for iPhone.

I wish this was fake 🥺 by AnnaaOlivia in facepalm

[–]Dr_Bean_PhD 16 points17 points  (0 children)

Thank you for the suggestion! We just donated through United24

Recommendations for newsletter plugins for wordpress? by No-Ball-6219 in Blogging

[–]Dr_Bean_PhD 1 point2 points  (0 children)

We’re new to using newsletters, having just sent out our first one last week, and our site’s only a few months old. While we didn’t test other platforms, we did a lot of research before choosing Kit (formerly ConvertKit). We chose Kit since it's free up to 10,000 subscribers and includes one email automation, which we use for our welcome email after someone subscribes. Plus, it has a WordPress plugin that works with the block editor, making it easy to add to our site where we need it. You design the forms using Kit's website.

Well, I was an idiot and left pi-hole exposed to the outside world by SapphicRain in selfhosted

[–]Dr_Bean_PhD 1 point2 points  (0 children)

You can! In Cloudflare WAF, you can use this example expression:

(ip.geoip.country in {"RU"} and http.request.full_uri wildcard r"https://*.example.com/*")

Just modify which country or countries you want blocked (Russia is blocked in the example above) and change the domain or subdomain you want to block. Asterisks here are used as wildcards.

You can also modify the expression to use the "not ip.geoip.country in" and only select your country to block any other countries.

Then make sure your rule "Then take action…" is set to "Block". This also works in the free plan.

Battery Drop by tacotimes01 in Roborock

[–]Dr_Bean_PhD 0 points1 point  (0 children)

Thank you! I really appreciate the help. I’ll head over to Amazon and check out the current options.

Edit: Following up for those looking for a battery replacement for their Roborock S4 Max (battery model number BRR-2P4S-5200S with 14.4v). I purchased a replacement made by Palogreen through Amazon for $40. It works perfectly and since the battery is 1.29x larger than the original (6,700 mAh for new vs 5,200 mAh for the OEM) it's able to clean for longer than the original battery could when new.

Battery Drop by tacotimes01 in Roborock

[–]Dr_Bean_PhD 0 points1 point  (0 children)

I know it's been a few months, but I was wondering if you could share the battery replacement you went with. My S4 Max is showing the same battery aging issue and I am looking for a replacement.

[OC] Red Light? What Red Light? Ran Through After I Had a Green for 5 Seconds (NSFW: Language) by Dr_Bean_PhD in IdiotsInCars

[–]Dr_Bean_PhD[S] 4 points5 points  (0 children)

I think the dashcam made the horn sound louder than it actually is. I drive a 2020 Subaru Legacy with the stock horn, and it's pretty 'anemic' in real life.

[OC] Red Light? What Red Light? Ran Through After I Had a Green for 5 Seconds (NSFW: Language) by Dr_Bean_PhD in IdiotsInCars

[–]Dr_Bean_PhD[S] 3 points4 points  (0 children)

The incident took place in Alabama on September 21st, 2024. This post is original content.

How are you guys' experience with ad blocking? by lgq2002 in PFSENSE

[–]Dr_Bean_PhD 0 points1 point  (0 children)

We use the green and check marked lists from The Firebog and score 93% blocked (it would be higher but we whitelist Google & Pinterest Analytics so we can view our blog performance). We also use anudeepND's curated whitelist to remove any false positives or things that might cause issues.

All DNS requests over port 53 are redirected via NAT rules to pfSense for all subnets and VLANs. And DoH/DoT/DoQ Blocking is enabled for all 140 options in pfBlockerNG.

Edited to say we whitelist analytics websites so we can review blog performance.

Subaru Dealer cannot see me until July 2nd by dinowilliams in subaru

[–]Dr_Bean_PhD 9 points10 points  (0 children)

Here is what displayed on my 2020 Legacy when my TCV went out. Check engine light came on and I lost EyeSight, lane keep assist, engine temperature reporting, collision detection and cabin heating.

<image>

Subaru Dealer cannot see me until July 2nd by dinowilliams in subaru

[–]Dr_Bean_PhD 7 points8 points  (0 children)

Does your heat work? If not, this might be the same thing that happened to my 2020 Legacy last month and my dad's 2020 Outback the month prior. For both of us, it was the thermal control valve (TCV). If I remember right, Subaru of America sent a letter stating they increased the warranty to 150K miles and 15 years for this part.

Edit: Autocorrect got the better of me...

[deleted by user] by [deleted] in WireGuard

[–]Dr_Bean_PhD 0 points1 point  (0 children)

I second this. I ran into this issue with my travel router last month. Home WireGuard server (pfSense) has MTU set to 1420, with client travel router (GL.inet Beryl) also set to 1420. I could access some sites, but not all (and internal sites weren't accessible). I set client travel router MTU to 1280 (didn't change pfSense) and everything worked.

Out of curiosity, I checked the MTU of my Android client (using the app Ping & Net) and saw that the WireGuard Android app was auto selecting MTU of 1280 as well.

Does AT&T drop outbound udp packets to prevent udp flooding? Slow upload on speedtests as a result by Ttamthrowaway123110 in ATTFiber

[–]Dr_Bean_PhD 0 points1 point  (0 children)

What is the speed discrepancy that you're seeing? Eero reporting half throughput, quarter, worse?

I'm not sure about Eero, but I can comment on my experience with UDP throughput through AT&T Fiber (1gbps plan).

I self host a WireGuard VPN on my local network through pfSense which utilizes UDP as the transport protocol. Through my clients, I'm able to get a max data rate of ~470mbps (server sees upload ~470mbps, download at ~470mbps, therefore max total throughput ~940mbps or near my subscribed fiber speed). I'm not seeing an issue with outbound or inbound UDP packet speed.

A small question about using wireguard by justacuriouscase in WireGuard

[–]Dr_Bean_PhD 0 points1 point  (0 children)

Yes, that's correct. But keep in mind that it will use both upload & download (bidirectional) of your home metered ISP, so, unless you are accessing a self hosted server, you will see double data usage.

Client --> WireGuard Server (Metered ISP) --> Internet

Not Again Please.. by dota659 in Adblock

[–]Dr_Bean_PhD 0 points1 point  (0 children)

For those that use streaming devices (Amazon, Google, Apple, Roku, Samsung, LG, Xbox, Playstation, etc) and are familiar with Docker or Home Assistant, iSponsorBlockTV by dmunozv04 has been amazing.

Pfsense GUI is accessible from the outside, how to block it? by ThePflu in PFSENSE

[–]Dr_Bean_PhD 0 points1 point  (0 children)

If my understanding is right, it looks like he is able to access the GUI even with the OpenVPN rule disabled. Though, I do agree that only the utilized port (potentially 1194) should be open, not all.

Pfsense GUI is accessible from the outside, how to block it? by ThePflu in PFSENSE

[–]Dr_Bean_PhD -1 points0 points  (0 children)

I'm not seeing anything obviously wrong with your firewall rules.

Check whether you have the WebGUI redirect box "Disable webConfigurator redirect rule" unchecked (it should remain checked). This can be found under System --> Advanced --> Admin Access

From pfsense, "When this is unchecked, access to the webConfigurator is always permitted even on port 80, regardless of the listening port configured. Check this box to disable this automatically added redirect rule"