pfBlockerNG

• N

  Bypassing DNSBL for specific IPs
  • Ns8h  

  13
  1
  Votes
  13
  Posts
  5642
  Views

  H

  @yeleek Please note, if you do an update, disable and re-enable DNSBL that line will be modified again back to the standard entry. You will need to check each time and remove any leading "server:" to ensure your expected behavior works as expected. Just an FYI as it caught me out and is now part of my standard checks following any modifications to the configuration of my pfSense @ kevinmitky I am doing exactly what you described. I have my dnsbl view as the subnets and am specifying specific hosts on those subnets to bypass. These are Roku's devices that had news feeds that used block sites and I made a choice to allow it access for the convenience. Ensuring the host specific acl was before the subnet based ones was something I just do based on my background, but if you don't have it in that order, maybe that's an area to check. That and having to clear any host DNS caches made this a little more time consuming to test if I screwed up the config on pfSense :-)
• 

  Support pfBlockerNG development!
  • ivor  

  3
  2
  Votes
  3
  Posts
  3701
  Views

  A

  I can not wait to see how he is going to do the mass import for IP4 and DNSBL, I hope its just a simple text doc you can just upload just like you would a backup file on Ublock extension. Looking forward to it. I may have to get some more Ram lol only got 8 gig and I bet doing mass list imports will hit the Ram hard. Great work hope it's coming along well ;) Great job.
• K

  Thanks BBCAN177 !
  • Koent  

  5
  1
  Votes
  5
  Posts
  2726
  Views

  S

  As pointed out to me in another post. https://forum.pfsense.org/index.php?topic=139634.0
• 

  PfBlockerNG v2.1 w/TLD
  • BBcan177  

  123
  0
  Votes
  123
  Posts
  54234
  Views

  J

  Hi Thanks for this wonderful package and it helps me a lot. Do you have an updated list of torrent sites or movie downloading sites like yts? I can't block the whole YTS sites after enabling TLD and adding this to Blacklist. Anyone please.. Thank you
• 

  PfBlockerNG v2.0 w/DNSBL
  • BBcan177  

  1070
  0
  Votes
  1070
  Posts
  474186
  Views

  M

  @anttechs said in PfBlockerNG v2.0 w/DNSBL: Many thanks ;) You're welcome I disabled TLD because I had .com and most of the others in there Yeap, that would be it! Cheers
• W

  PfBlockerNG
  • wbennett77  

  1189
  0
  Votes
  1189
  Posts
  425582
  Views

  

  @BrettC: Hi, one thing i am noticing with pfBlockerNG is that it may be missing an end-double quote on its shell commands? No the quote is used in the grep command to find an exact match starting with the first quotation mark in the line…  The 502 error is being worked on...  The upcoming release doesn't seem to be affected by this and will hopefully be released shortly... Stay tuned!
• G

  File Download/Speed Test Locks Up pfSense
  • Grunt0307  

  2
  0
  Votes
  2
  Posts
  13
  Views

  G

  I assume the below will be useful, it's the summary information from my last full update: 69724 total 40061 /var/db/pfblockerng/deny/Alienvault_v4.txt 14250 /var/db/pfblockerng/deny/CINS_army_v4.txt 6181 /var/db/pfblockerng/deny/BDS_TOR_v4.txt 5174 /var/db/pfblockerng/deny/DNSBLIP_v4.txt 1465 /var/db/pfblockerng/deny/ET_Comp_v4.txt 847 /var/db/pfblockerng/deny/ET_Block_v4.txt 558 /var/db/pfblockerng/deny/ISC_1000_30_v4.txt 441 /var/db/pfblockerng/deny/Abuse_Feodo_C2_v4.txt 332 /var/db/pfblockerng/deny/Abuse_IPBL_v4.txt 134 /var/db/pfblockerng/deny/BBC_C2_v4.txt 107 /var/db/pfblockerng/deny/Abuse_Zeus_v4.txt 96 /var/db/pfblockerng/deny/Spamhaus_eDrop_v4.txt 72 /var/db/pfblockerng/deny/Abuse_SSLBL_v4.txt 5 /var/db/pfblockerng/deny/ISC_Block_v4.txt 1 /var/db/pfblockerng/deny/Spamhaus_Drop_v4.txt ====================[ Empty Lists w/127.1.7.7 ]================== Spamhaus_Drop_v4.txt ===[ DNSBL Domain/IP Counts ] =================================== 577637 total 169469 /var/db/pfblockerng/dnsbl/hpHosts_EMD.txt 117809 /var/db/pfblockerng/dnsbl/hpHosts_FSA.txt 115592 /var/db/pfblockerng/dnsbl/hpHosts_PSH.txt 31567 /var/db/pfblockerng/dnsbl/AntiSocial_BD.txt 25522 /var/db/pfblockerng/dnsbl/MDS.txt 17979 /var/db/pfblockerng/dnsbl/hpHosts_PUP.txt 17508 /var/db/pfblockerng/dnsbl/Shallalist_spyware.txt 8709 /var/db/pfblockerng/dnsbl/Shallalist_adv.txt 8376 /var/db/pfblockerng/dnsbl/hpHosts_PHA.txt 8306 /var/db/pfblockerng/dnsbl/hpHosts_ATS.txt 7548 /var/db/pfblockerng/dnsbl/Abuse_URLBL.txt 6456 /var/db/pfblockerng/dnsbl/Spam404.txt 6054 /var/db/pfblockerng/dnsbl/SWC.txt 4708 /var/db/pfblockerng/dnsbl/Cameleon.txt 4410 /var/db/pfblockerng/dnsbl/Shallalist_adv_v4.ip 3916 /var/db/pfblockerng/dnsbl/CoinBlocker_All.txt 2532 /var/db/pfblockerng/dnsbl/SFS_Toxic_BD.txt 2523 /var/db/pfblockerng/dnsbl/MDS_Immortal.txt 2377 /var/db/pfblockerng/dnsbl/EasyPrivacy.txt 1983 /var/db/pfblockerng/dnsbl/hpHosts_MMT.txt 1900 /var/db/pfblockerng/dnsbl/Abuse_DOMBL.txt 1707 /var/db/pfblockerng/dnsbl/SBL_ADs.txt 1505 /var/db/pfblockerng/dnsbl/D_Me_ADs.txt 1335 /var/db/pfblockerng/dnsbl/Shallalist_spyware_v4.ip 1048 /var/db/pfblockerng/dnsbl/hpHosts_EXP.txt 1034 /var/db/pfblockerng/dnsbl/hpHosts_WRZ.txt 999 /var/db/pfblockerng/dnsbl/MDL.txt 941 /var/db/pfblockerng/dnsbl/EasyList.txt 894 /var/db/pfblockerng/dnsbl/Shallalist_tracker.txt 726 /var/db/pfblockerng/dnsbl/Yoyo.txt 698 /var/db/pfblockerng/dnsbl/BBC_DC2.txt 463 /var/db/pfblockerng/dnsbl/MVPS.txt 305 /var/db/pfblockerng/dnsbl/hpHosts_HFS.txt 268 /var/db/pfblockerng/dnsbl/hpHosts_GRM.txt 165 /var/db/pfblockerng/dnsbl/hpHosts_HJK.txt 96 /var/db/pfblockerng/dnsbl/EasyList_Adware.txt 61 /var/db/pfblockerng/dnsbl/Adaway.txt 58 /var/db/pfblockerng/dnsbl/Abuse_URLBL_v4.ip 48 /var/db/pfblockerng/dnsbl/Abuse_Zeus_BD.txt 19 /var/db/pfblockerng/dnsbl/D_Me_Tracking.txt 11 /var/db/pfblockerng/dnsbl/Shallalist_tracker_v4.ip 5 /var/db/pfblockerng/dnsbl/EasyList_v4.ip 5 /var/db/pfblockerng/dnsbl/Abuse_CW_C2.txt 1 /var/db/pfblockerng/dnsbl/EasyPrivacy_v4.ip 1 /var/db/pfblockerng/dnsbl/D_Me_Malv.txt 0 /var/db/pfblockerng/dnsbl/ISC_SDH.txt 0 /var/db/pfblockerng/dnsbl/D_Me_Malw.txt 0 /var/db/pfblockerng/dnsbl/Abuse_TC_C2.txt ====================[ IPv4/6 Last Updated List Summary ]============== Jun 18 07:01 Abuse_Zeus_v4 Jun 21 12:25 Spamhaus_Drop_v4 Jun 23 14:38 Spamhaus_eDrop_v4 Jun 23 23:29 ET_Block_v4 Jun 23 23:29 ET_Comp_v4 Jun 24 13:02 ISC_1000_30_v4 Jun 25 00:06 DNSBLIP_v4 Jun 25 14:48 CINS_army_v4 Jun 25 15:12 BBC_C2_v4 Jun 25 15:46 Alienvault_v4 Jun 25 15:55 Abuse_IPBL_v4 Jun 25 16:00 Abuse_Feodo_C2_v4 Jun 25 16:00 Abuse_SSLBL_v4 Jun 25 16:00 BDS_TOR_v4 Jun 25 16:00 ISC_Block_v4 ====================[ DNSBL Last Updated List Summary ]============== Jul 31 2015 D_Me_Tracking Mar 9 2016 D_Me_ADs Jan 19 2018 hpHosts_HFS Jan 20 2018 Adaway Mar 18 2018 Cameleon May 25 2018 hpHosts_EXP Nov 1 2018 hpHosts_HJK Nov 15 2018 hpHosts_GRM Nov 29 2018 MDS_Immortal Dec 30 03:10 hpHosts_MMT Feb 21 11:45 MDL May 24 17:05 hpHosts_WRZ May 31 22:27 Spam404 Jun 5 04:11 Yoyo Jun 8 12:01 UT1_ddos Jun 8 12:01 UT1_malware Jun 8 12:01 UT1_phishing Jun 8 12:01 UT1_publicite Jun 8 12:01 UT1_warez Jun 11 14:05 MVPS Jun 12 07:18 hpHosts_ATS Jun 12 09:23 hpHosts_EMD Jun 13 04:32 CoinBlocker_All Jun 15 00:01 Abuse_Zeus_BD Jun 18 17:08 MDS Jun 20 17:34 hpHosts_PHA Jun 21 00:47 SWC Jun 21 16:43 hpHosts_PUP Jun 24 07:41 SBL_ADs Jun 24 16:53 hpHosts_FSA Jun 24 17:14 hpHosts_PSH Jun 24 19:01 Shallalist_adv Jun 24 19:01 Shallalist_spyware Jun 24 19:01 Shallalist_tracker Jun 24 23:04 ISC_SDH Jun 24 23:12 BBC_DC2 Jun 24 23:17 AntiSocial_BD Jun 24 23:21 D_Me_Malw Jun 24 23:21 D_Me_Malv Jun 24 23:41 EasyPrivacy Jun 24 23:50 EasyList_Adware Jun 24 23:50 EasyList Jun 24 23:55 Abuse_DOMBL Jun 24 23:55 Abuse_CW_C2 Jun 24 23:59 SFS_Toxic_BD Jun 25 00:00 Abuse_URLBL Jun 25 00:00 Abuse_TC_C2 =============================================================== Database Sanity check [ PASSED ] ------------------------ Masterfile/Deny folder uniq check Deny folder/Masterfile uniq check Sync check (Pass=No IPs reported) ---------- Alias table IP Counts ----------------------------- 69724 total 40061 /var/db/aliastables/pfB_PRI2_v4.txt 18308 /var/db/aliastables/pfB_PRI1_v4.txt 6181 /var/db/aliastables/pfB_TOR_v4.txt 5174 /var/db/aliastables/pfB_DNSBLIP_v4.txt pfSense Table Stats ------------------- table-entries hard limit 400000 Table Usage Count 182125 UPDATE PROCESS ENDED [ 06/25/19 16:35:41 ]
• G

  Customizing Error Page
  • Grunt0307  

  17
  0
  Votes
  17
  Posts
  460
  Views

  R

  not work for me.
• 

  Make sure good connectivity from other countries
  • chudak  

  14
  0
  Votes
  14
  Posts
  138
  Views

  N

  You can drag the rules to suit, they are only re ordered when you add new rules or modify. Also you can define how they're added:- Or you could use pfBlockerNG to create aliases then roll your own firewall rules.
• A

  DNSBL Out of Sync after reloads/updates
  • aograin  

  8
  0
  Votes
  8
  Posts
  74
  Views

  A

  @BBcan177 Everything looked good and had the appropriate check box checked. I saved the existing DNS Resolver settings and that seemed to correct the issue. Didn't see anything in the logs that stood out. Saving DNSBL database... completed Reloading Unbound Resolver..... completed [ 06/18/19 20:40:10 ] DNSBL update [ 515852 | PASSED ]... completed Adding to existing Unbound custom options I'll consider this issue closed. Thank you for the support.
• F

  DNSBL, list dns calls not blocked
  • FlyingSnow  

  3
  0
  Votes
  3
  Posts
  38
  Views

  F

  @BBcan177 Thank you for the update! It looks nice. Keep up the good work!
• S

  Custom pfBlockerNG rule order
  • slim2016  

  8
  0
  Votes
  8
  Posts
  83
  Views

  S

  Just out of curiosity is not possible to place NAT/Port Forwarded rules to be placed in Floating Rules automatically or moved to floating rules?
• J

  export pfBlocker logs incl feed name via syslog.
  • jacol  

  5
  0
  Votes
  5
  Posts
  81
  Views

  J

  Hi BBcan177 Output below: Array ( [126.38.200.66] => <------- this is the WAN interface [10.67.11.1] => lan [10.67.14.1] => opt1 [192.168.4.1] => opt2 [10.2.2.1] => opt3 [149.232.195.165] => opt4 [113.150.207.208] => thebeach [10.67.11.18] => ts [10.67.11.133] => twitter [10.67.11.115] => unifi [10.67.11.106] => unimed [10.67.11.28] => vetmaster <------- this host defined under DNS resolver with Description [46.161.73.84] => <------- this host defined under DNS resolver with OUT Description [10.67.11.128] => [10.67.11.105] => [10.67.11.118] => [10.67.11.134] => [10.67.11.137:25] => } I had a host name defined under DNS resolver, But no REMARK, after I added a remark it seems to work correct. many thanks !
• A

  Download/Update Feeds Error
  • arian_0098  

  9
  0
  Votes
  9
  Posts
  166
  Views

  

  @arian_0098 said in Download/Update Feeds Error: cURL Error: 28 Something is causing the timeout on your box... In the pfSense Resolver increase the "Log Level" to "2", and then review the "resolver.log" for the timestamp of the next updates, and see if you see any clues... also check the pfSense system.log for the same timestamps...
• G

  Does anyone know what these threat alerts are in list BBcan177/MS-1?
  • guardian  

  2
  0
  Votes
  2
  Posts
  63
  Views

  

  @guardian said in Does anyone know what these threat alerts are in list BBcan177/MS-1?: It's pretty rare that I see anything from the list BBcan177/MS-1, but I saw a couple of alerts today. According to the source on github: https://gist.github.com/BBcan177/bf29d47ea04391cb3eb0/ the list was last active Apr 23, 2019, so maybe it's no longer current. The alerts were: (I added the whois below) 192.0.78.25:443 unknown (OrgName: Automattic, Inc) 205.185.216.10:443 map2.hwcdn.net (OrgName: Highwinds Network Group, Inc.) 192.0.78.25 was under a section headed by: https://twitter.com/benkow_ and 205.185.216.10 was under a section headed by: https://twitter.com/pancak3lullz but neither twitter feed showed anything obvious. I know this is one of BBCAN177's manually curated lists, so I'm hoping either @BBcan177 or someone else here on the forum can advise. From the Reports/Alerts Tab, click on the blue infoblock icon for Threat Source Lookups: https://dnslytics.com/ip/192.0.78.25 https://pulsedive.com/indicator/?iid=34202&ioc=MTkyLjAuNzguMjU= Some passive DNS Resolution for that IP: https://www.virustotal.com/gui/ip-address/192.0.78.25/relations This IP will be removed from the Feed. Also note, in the MS_? Feeds, when the source was from a tweet, the Tweet ID is listed as a comment. Some of the older entries didn't have this reference. For this IP: 205.185.216.10, it has a tweet reference: https://twitter.com/pancak3lullz/status/746040971675131906 https://dnslytics.com/ip/205.185.216.10 https://pulsedive.com/indicator/?iid=34167&ioc=MjA1LjE4NS4yMTYuMTA= Some passive DNS Resolution for that IP: https://www.virustotal.com/gui/ip-address/205.185.216.10/relations https://securitytrails.com/list/ip/205.185.216.10?page=1
• G

  How to selectively bypass DNSBL
  • guardian  

  6
  0
  Votes
  6
  Posts
  81
  Views

  G

  @provels said in How to selectively bypass DNSBL: @guardian Blind squirrel finds nut! Pictures at 11! Sorry, but that one went over my head.
• J

  Selected Category from Shalla List
  • jeaman16  

  2
  0
  Votes
  2
  Posts
  47
  Views

  J

  Thanks Sir BBcan177 for wonderful sharing and creation. This concern is now resolve. For those newbie like me, please see below answer from Sir BBcan: "BBcan177 Its in the DNSBL Category Page... Enable Shallalist, and then click the checkboxes for the categories that you want to enable. Best to enable "TLD" option in the DNSBL Tab so that it wildcard blocks all domains/subdomains. Click on the blue infoblock icons for some more details for each option. Hope that helps get you started! A good tutorial: https://www.linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/ https://mitky.com/pfblockerng-pfsense-filter-specific-clients-computers-network/ Also check out Reddit: https://www.reddit.com/r/pfBlockerNG/" Thanks
• A

  Issues with resolving and no internet access..
  • AR15USR  

  14
  0
  Votes
  14
  Posts
  655
  Views

  A

  @BBcan177 Thanks for getting back. I am positive the site(s) are NOT in DNSBL, as I can eventually resolve them if I reload the browser page enough times. I will look through my rules. FYI I looked through the Resolver logs and did not see any errors. I am not using a proxy FYI.
• B

  pfBlocker only on specific ports
  • bose301s  

  13
  0
  Votes
  13
  Posts
  75
  Views

  

  @bose301s said in pfBlocker only on specific ports: would like to use the GeoIP lists to block bad traffic from my two open ports At the bottom of all GeoIP and IPv4/6 pages for each Alias/Group is "Advanced Inbound/Outbound Firewall Rule Settings" which you can use to refine the Auto Type rules to add Ports/Destination IPs etc.... or follow the other recommendations to use "Alias type" and manually create the rules as required.
• S

  DNSBL Enable TLD RAM/freezing issues
  • sjtorrie  

  6
  0
  Votes
  6
  Posts
  430
  Views

  S

  @sjtorrie I managed to add a SWAP to my install and this has seemed to of fixed my issues. I know this is a dated post but this may resolve your/others issues of locking up and the potential of using more DNSBLs. Regards
• 

  Unbound
  • Qinn  

  4
  0
  Votes
  4
  Posts
  159
  Views

  A

  @BBcan177 Same Issue ... No solution?
• I

  Fixing PfBlocker-NG weak cipher and DH Strength Vulnerabilities
  • isolatedvirus  

  12
  0
  Votes
  12
  Posts
  262
  Views

  

  @isolatedvirus said in Fixing PfBlocker-NG weak cipher and DH Strength Vulnerabilities: people doing this without knowing the implications Dude - heheheehheh you have no freaking IDEA!!! heheheeheh that is a freaking given!!
• B

  [SOLVED] /tmp/rules.debug:42 Cannot allocate memory
  • BigSnicker  

  5
  0
  Votes
  5
  Posts
  103
  Views

  B

  @BBcan177 Even better. ;-)
• G

  Solved - How can I block specific sites PFBlocker
  • gacpac  

  7
  0
  Votes
  7
  Posts
  118
  Views

  G

  Thankss
• D

  pfblocker only blocking content on half the computers on the network
  • dgall  

  4
  0
  Votes
  4
  Posts
  73
  Views

  

  So you know you are not alone https://forum.netgate.com/topic/143959/i-got-the-wrong-default-server
• C

  I got the wrong default server
  • Chasire  

  3
  0
  Votes
  3
  Posts
  71
  Views

  

  @Chasire said in I got the wrong default server: I got one from google (8.8.8.8). edit => you figured it out already : good Still, read on, for some tips to enforce pfSense DNS usage. Easy solution : You should install DNSBL on Google DNS systems ;) Better solution : When you assign "8.8.8.8" to some PC, it will "8.8.8.8" as it's DNS, thus completely bypassing pfSense. Makes sense, right ? nslookup tells you what DNS server it's using. Your PC's should do have "pfSense" as your it's only DNS "server". It should receive the DNS requests, and handle upon them. Using DNSBL if yo have that installed. So, yet another example of "use the default values and you would have been good". Btw : you could even place firewall rules on LAN(s) that permit TCP & UDP port 53 requests, destination "pfSense" - and block right after that rule any other DNS request to "anywhere". As discussed in the manual. That would force every device to use pfSense - and the DNS filtering - or : the device wouldn't have DNS anymore. IMHO : if you think that you have to filter your DNS, I would strongly advice you to take "8.8.8.8" out of the equation right away. Your situation is like this : "something happens that you don't like, and now world's biggest company is also aware of that". And who is 192.168.123.2 ?
• C

  Blocking lists not working
  • Chasire  

  7
  0
  Votes
  7
  Posts
  67
  Views

  C

  @NogBadTheBad I did, I have update reloaded my DNSBL and still got the same result. I run squid in pfsense. My webbrowser is in the proxy. I think that has something to do with the problem.
• 

  pfBlockerNG-devel (2.2.5_23) - Unknow reason
  • Pucho  

  2
  0
  Votes
  2
  Posts
  148
  Views

  A

  what ever list you added your domain to, make it primary in the settings. so it will be applied first. and mybe you can post this on reddit r/pfBlockerNG bbcan will reply to pretty fast.
• T

  Pfblocker DSNBL causing some sites to not resolve
  • themadsalvi  

  15
  0
  Votes
  15
  Posts
  225
  Views

  T

  @BBcan177 @RonpfSI was able to trace it down to an open source firmware(gargoyle router firmware) on my wireless router that was not playing nice with my pfsense box. I do not know exactly how, or why, but the domain information that is used to get the blocks on the report page was not being forwarded correctly(or something else equally weird) to the pfsense box. When I reverted to the stock firmware on the router, it immediately began to report the domain blocks on the reports tab in pfblocker. Was strange, and unexpected. I have to thank BBcan177 so much for taking time out of his busy schedule to teamviewer with me today to continue to troubleshoot this issue. Thank you RonpfS as well for helping me in this matter.
• M

  pfBlocker | error(s) loading rules: /tmp/rules.debug:32: cannot load /var/db/aliastables/pfB_NAmerica_v6.txt
  • MOdesty  

  1
  0
  Votes
  1
  Posts
  34
  Views

  No one has replied

• S

  PfBlockerNG Not Blocking Porn
  • seanpruitt  

  24
  0
  Votes
  24
  Posts
  13400
  Views

  Y

  @BBcan177 said in PfBlockerNG Not Blocking Porn: Blocking porn is really difficult with DNSBL… There are millions of domains .... This you can do: Enable the TLD option, and add "xxx" to the TLD Blacklist customlist.... Then it will block any domain in the "xxx" TLD... In EasyList, there are Adult Popups that are blocked, but that just removes the Adult AD popups, and not the Adult sites themselves... A Proxy will be the best option to filter that type of content... SquidBlacklist/UT1 have some Adult categories which list quite a few Adult domains... Its not foolproof either.... Just be careful about MITM SSL issues... I would recommend OpenDNS. By the way, on Google you can do this: http://www.google.com/preferences.
• S

  Updated to pfBlockerNG-devel 2.2.5_23
  • silentnomad  

  3
  0
  Votes
  3
  Posts
  182
  Views

  S

  @RonpfS Thanks for that. Looking good!
• G

  pfblockerng not blocking https sites
  • greyv  

  2
  0
  Votes
  2
  Posts
  77
  Views

  G

  forgot to mention im using the devel release and i have tld enabled. found another thread that mentioned pinging the site should return the dnsbl vip address. when i ping www.pornhub.com i get back their actual address. when i ping pornhub.com i get back 0.0.0.0 . this is not the dnsbl vip address. any help would be great . thanks
• K

  Page works but refresh or “next page” hits DNSBL - only on iPad
  • keyser  

  9
  0
  Votes
  9
  Posts
  77
  Views

  K

  Well yes, ofcourse it works if I disable DNSBL, and it also works if I whitelist e1151.e12.akamaiedge.net (which is my current workaround). I know pfb_dnsbl.conf is created at update time, but currently the akamai entry is included in the config because it is present in the SBL_ADs feed (Hence my need to whitelist it). So I still don’t quite get what you are reffering to - as far as I can tell it is an Apple issue because iOS the second time around decides to lookup the original A record (akamai) for which www.anandtech.com is a CNAME. It seems my PC continues to lookup www.anandtech.com.
• Z

  DNSBL as content filter on a single NIC pfSense?
  • zonda  

  7
  0
  Votes
  7
  Posts
  173
  Views

  J

  @BBcan177 thanks for your reply. I solved the resolving of clients myself, when the pfSense appliance is not inline (e.g. router/firewall), you have to specifically allow access to the DNS Resolver to allow for DNS requests from outside (menu: Services \ DNS Resolver \ Access Lists). You might be right for the redirection page (I am on 2.4.4-p3), it does not show a page. The client webbrowser just hangs. As @zonda describes the reporting of DNSBL stats does not work either. So there is still some work to do. Anyone got reporting to work on a pfSense appliance that is not inline, but installed locally on the network with one interface (LAN) only?
• A

  Allowing AWS inbound using IPV4 Alias
  • automate  

  5
  0
  Votes
  5
  Posts
  48
  Views

  A

  @BBcan177 Fantastic thank you!
• S

  pfblockerng blocking chase.com shopping redirects... how to fix?
  • sho1sho1sho1  

  9
  0
  Votes
  9
  Posts
  224
  Views

  

  Anything that is blocked is visible in the Alerts Tab. You will need to view the reports tab while browsing to see what is getting blocked. You can whitelist from the Reports Tab. Also in pfBlockerNG-devel there is a lock/unlock icon that you can use to temporarily whitelist a domain to help determine if that domain is causing your issue. Keep in mind that you might need to clear the OS/Browser cache to remove any existing blocked domains.
• F

  IP Block Firewall Rules?
  • fvultee  

  5
  0
  Votes
  5
  Posts
  82
  Views

  

  @fvultee When you created PRI2-4, Alias did you enable the individual Feeds? and set the "Action" setting?
• M

  pfBlockerNG HTTPS Error
  • mark.mora  

  2
  0
  Votes
  2
  Posts
  90
  Views

  

  @mark-mora See this thread: https://www.reddit.com/r/pfBlockerNG/comments/azwpu2/dnsbl_webserver_https/
• T

  DNSBL not working, even with Resolver active
  • themadsalvi  

  5
  1
  Votes
  5
  Posts
  114
  Views

  E

  I did some troubleshooting and I honestly don't know exactly what the issue was but here is a list of steps I took to get it working again: General Setup Set loopback address on top followed by DNS IP(s) or leave everything blank if only using Unbound DNS Server Override unchecked Disable DNS Forwarder unchecked DNS Resolver Network Interfaces > only select local ints including LAN. DNS Query Forwarding unchecked DHCP Registration checked Static DHCP checked DHCP Server set your DNS Server to the LAN's IP int On each of your DHCP Clients Renew lease or perform a network reset On each of your Static Clients Use the IP int as DNS address