This is an old revision of the document!

PFSense - pfBlockerNG - Troubleshooting - DNS slow or unresponsive

Increase the Firewall Maximum Table Entries.

Navigate to System →Advanced → Firewall & NAT.

In Firewall Advanced:

NOTE: This value defines the maximum number of entries that can exist inside of address tables used by the firewall.

These entries include blocked addresses, bogons, aliases, ssh/GUI lockout records, hosts blocked by Suricata / Snort alerts, and so on.

By default this is 200,000 entries; which is usually way too low.

Reload pfBlockerNG

Navigate to Firewall → pfBlockerNG → Update.