Hello, first-time poster looking for some help.
At home and at work I have pfSense with pfBlockerNG installed for GeoIP blocking.
It seems that after some time or a reboot all traffic is blocked, and disabling the GeoIP settings brings the internet traffic back.
At work we had some major known countries blocked, then the issues started happening after we went to just North America, just Deny inbound, allow all outbound traffic.
At home it's the same since day one of installing it.
If someone has any experience and can help, I would be greatly thankful.
Tom has a good video explaining setup of pfBlockerNG. I gave up on DNSBL because of DoH, but I do use the IP and GeoIP filtering for my home pfSense firewall. I ran into GeoIP blocking issues initially as well. Had to create a whitelist under IPv4 and watch the Reports/Alerts. Moved my whitelist to the top of the IPv4 Summary. My whitelist contains networks using CIDRs instead of host IPs. At first, I was entering whitelist networks under the “IPv4 Custom_List” section of my whitelist. Later, I figured out how to create my own whitelist feed locally using the “Command Prompt” and “Edit File” functions under “Diagnostics”. If you read the Guidelines note under IPv4 Source Definitions, it will give you a clue on how to create your own feed locally on the machine that you are running pfSense on. Basically, reference /var/local/www/myfeeds/mywhitelist.txt. Doing this, I can manage my whitelist using a spreadsheet, export it to a text file in the proper format, and then upload it to /var/local/www/myfeeds/mywhitelist.txt. You can move it around locally and create local directories using the command prompt, and you can even browse to it and edit it using the Edit File function.
As for changes made in pfBlockerNG and then things getting blocked after reboot, I suspect that you haven’t done an Update after you make your pfBlockerNG changes. Your changes won’t go into effect until an update is performed. The update runs on a cron schedule and at reboot. Your changes won’t get into pfSense until an update has run. The update basically updates the IP feeds you have selected, including the whitelist in my case, and then rebuilds the firewall rules. I use floating rules as Tom suggests. I suggest that you also make note of the “Firewall ‘Auto’ Rule Order” under the pfBlockerNG “IP” menu item. Rule order matters. I have my order set to process my pfB_Pass first, followed by pfB_Block, then pfSense Block(WAN)/Reject(LAN), then pfSense PASS/Match. Hope this helps. Cheers
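
An added example, not part of the reply above or of pfBlockerNG: a script that turns a spreadsheet CSV export into a whitelist feed such as the mywhitelist.txt described in the reply, rejecting entries that would quietly defeat the GeoIP block once the whitelist is processed first. The CSV layout (network in the first column), the one-CIDR-per-line output format, the `/8` limit and the name `build_whitelist` are assumptions.

```python
import csv
import io
import ipaddress

# Constructed sample of a spreadsheet export; addresses are documentation ranges.
SAMPLE_CSV = """network,note
198.51.100.0/24,office ISP
198.51.100.17/24,same network with host bits set
203.0.113.8/29,vendor VPN
203.0.113.12,single host inside the /29 above
0.0.0.0/0,pasted by mistake
not-an-ip,typo
2001:db8::/32,IPv6 entry in an IPv4 list
"""

def build_whitelist(csv_text, min_prefix=8):
    """Return (feed_lines, rejected) from a CSV whose first column is a network.

    min_prefix is an assumed sanity limit: anything broader is refused, because
    a pass entry like 0.0.0.0/0 at the top of the rule order overrides every block.
    """
    nets, rejected = [], []
    rows = csv.reader(io.StringIO(csv_text))
    next(rows, None)  # skip the header row
    for row in rows:
        if not row or not row[0].strip():
            continue
        raw = row[0].strip()
        try:
            # strict=False masks stray host bits (198.51.100.17/24 -> 198.51.100.0/24)
            net = ipaddress.ip_network(raw, strict=False)
        except ValueError:
            rejected.append((raw, "not an IP network"))
            continue
        if net.version != 4:
            rejected.append((raw, "not IPv4"))
        elif net.prefixlen < min_prefix:
            rejected.append((raw, "broader than /%d" % min_prefix))
        else:
            nets.append(net)
    # collapse_addresses removes duplicates and merges overlapping networks
    return [str(n) for n in ipaddress.collapse_addresses(nets)], rejected

if __name__ == "__main__":
    feed, rejected = build_whitelist(SAMPLE_CSV)
    print("\n".join(feed))  # assumed feed format: one CIDR per line
    for raw, reason in rejected:
        print("# rejected %s: %s" % (raw, reason))
```

Review the rejected entries before uploading the output, and run a pfBlockerNG update afterwards so the rebuilt rules pick up the new list.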