I'm trying to use the same GeoIP alias file "domain_whitelist_v4" in a DNSBL Group Feed source definition to not take action/block on.
The URL I set for the DNSBL group feed source definition is https://127.0.0.1:443/pfblockerng/pfblockerng.php?pfb=pfB_domain_whitelist_v4.txt
I have the action set to "Disabled" instead of Unbound.
I figure that if I update the GeoIP alias "domain_whitelist_v4" section, that I do not have to then also update the DNSBL Whitelist section too since they (DNSBL & GeoIP) are both referencing the same domain name list (domain_whitelist_v4). Instead I have to update in 2 places for domain reachability sometimes depending if it's also being blocked via GeoIP.
Ideally, I don't want to remove all filtering for some clients, but instead I'd like to update one alias file that covers both DNSBL (permit) and GeoIP (permit).
I cannot wait to see how he is going to do the mass import for IP4 and DNSBL, I hope it's just a simple text doc you can just upload just like you would a backup file on the uBlock extension.
Looking forward to it.
I may have to get some more RAM lol only got 8 gig and I bet doing mass list imports will hit the RAM hard.
It would be really cool if it could automatically update the blocked TLDs based on the Spamhaus statistics (https://www.spamhaus.org/statistics/tlds/) on a regular schedule. I realize that this may be more difficult than it sounds as I can't seem to find a Spamhaus TLD feed, just a website. But if we don't dream then it will never happen!
Even if you had the RAM space so you could use xx zillion size DNS lists, you still do not want to do this. Other problems will pop up.
Python is already much faster than when pfBlockerNG-devel reloads unbound, but still, loading every host name in a xx xxx xxxx size file will take time. Time needed for every domain name lookup.
Sometimes it is just easier not to deal with the lists: I'll propose, for once, an external resolver like OpenDNS. Get an account with them, and activate the options you want, and have them deal with it.
And even that will not be a permanent solution. The porn lovers on your LAN will figure out that XyXyXVPN can help them, and you won't be able to see anything any more.
The best solution would be: don't give porn lovers access to your network ;)
And also: as long as it is porn, it isn't guns, knives, cocaine, human trade etc.
The block is for the kids, I don't want them to stumble across anything. While we are actively involved in teaching what is OK to look at and what isn't, accidents happen. We do have search engine safe mode forced as well.
I have considered having a VLAN set up for their devices and forcing a family safe DNS.
@steveits that's what it is. It was the OISD feed. Once removed the error went away and I now see my custom list being used as well, solving another issue I posted.
This feels like a bug as the memory was never reaching close to 4GB (4100 Max). There should still be plenty of memory available for the OISD feed. @BBcan177 can chime in if he has free cycles.
So just the list containing a bunch of obsolete domains?
Not sure how many domains in that list are obsolete, and if that was the issue, however, what led me to actually remove the list is the fact that there are tons of legit domains in that list that pfBlocker was blocking. If you check the list, you will see asus.com and sony.com in there. And there is absolutely no reason to blacklist those sites. They are legit.
Then I thought this was actually a whitelist that I was using as blacklist, but then you find all those porn sites in there and tons of other entries that are present in legit block lists. It's a mess.
;; QUESTION SECTION:
;v10.events.data.microsoft.com. IN A
;; ANSWER SECTION:
v10.events.data.microsoft.com. 3600 IN CNAME global.asimov.events.data.trafficmanager.net.
global.asimov.events.data.trafficmanager.net. 3600 IN CNAME onedscolprdwus11.westus.cloudapp.azure.com.
onedscolprdwus11.westus.cloudapp.azure.com. 3600 IN A 184.108.40.206
@anna-count It's probably expected.
I guess the question would be "Why would you want to block a point to point?" but that's just a guess.
I use /31's for my VPN connections so pfSense does work with them but pfBlocker probably does not.
Just a guess though.
@gertjan Thanks again. Since I don't have 2.6 running but am interested once the problems I have are resolved, allow me to ask whether with 2.6 it will find the ASN number (as 2.5.2 did) as I type in the domain name. Or do I have to go and find the ASN number first. Parry
@provels It depends on whether one leaves the tab open as I do and how often one posts to the site. If one goes to more when logged into account Settings and privacy > Ads preference > Interest, you could see thousands of interests the Twitter algorithm selected based on one's interaction with each tweet. I even selected that I don't want to see ads. So, there is a browser container add-on from GitHub to prevent cookie snooping.
I've looked at the wonderful pfB reports for dnsbl but not sure how we can obtain the same data to be emailed out on a daily basis.
pfBlocker might write this into log files. You can use the mailreport package to send the log to you.
mailreport also lets you apply a filter to the file, so you can limit the lines to the actual date or to specific errors or whatever you want.
I tried this with the dnsbl.log and switched off VIP mode to NULL (0.0.0.0) which logs it into the file. However, I am seeing LARGE discrepancies between what the report shows for a 24 hour period vs what the log shows when I parse it. I even wrote a simple script to give me some data from the log and in fact do use the email reporting tool for that output but once again huge differences.