pfBlockerNG DNSBL Categories not working

Gertjan

@RonpfS For DNSBL to be enabled, it should be enabled. Sounds stupid, but very true.

Btw : I selected this 'porn' thing, and saw this at the top of the page, after validating :

what this means is that the list is typically huge.
"tld" condition apply : like this one eats Gigabytes of memory. If memory starts to fail, the rest of the list will get ignored.

edit : the porn list contains 730 000 entries - it's huge.

[ Shallalist_porn ]		 Downloading update [ 06/03/20 07:29:29 ] .
  IDN converted: [ sendesık.com ]	 [ xn--sendesk-wfb.com ].
  ----------------------------------------------------------------------
  Orig.    Unique     # Dups     # White    # TOP1M    Final                
  ----------------------------------------------------------------------
  727947   727947     449        0          0          727498               
  ----------------------------------------------------------------------

Because my pfSEnse only contains 2 Gbytes of memory,I had this message :

TLD analysis..xxxxxxx completed [ 06/03/20 07:32:18 ]

  ** TLD Domain count exceeded. [ 150000 ] All subsequent Domains listed as-is **

TLD finalize......................

as explained. For this list you'll be needing something like 4 GBytes or even more.

When everything works, you would be able to :

@jayb1 said in pfBlockerNG DNSBL Categories not working:

For example "porn" but then obvious porn sites are not blocked.

Always keep in mind that pfBlockerNG has no brains ^^
It just download for you a list that should represent sites of a certain kind. IP addresses keep changing all the time. Especially if they contain a lot of arguable content (and a lot of publicity). The people that created the list are doing this manually, as AI can't classify the entire Internet. So, false hits always exist.

jayb1

@RonpfS Sorry, did realise there was a pfBlockerNG forum section. Happy for a mod to shift it.

Yes, I've run multiple forced updates and reloaded DNSBL.

DBNSL is enabled.

The logs show no errors. Just the usual from the forced update.

 UPDATE PROCESS START [ 06/03/20 16:17:34 ]

===[  DNSBL Process  ]================================================

 Loading DNSBL Statistics... completed
 Loading DNSBL SafeSearch...  disabled
 Loading DNSBL Whitelist... completed

Clearing all DNSBL Feeds completed
TLD:
TLD analysis no changes

Saving DNSBL database... completed
Reloading Unbound Resolver..... completed [ 06/03/20 16:17:40 ]
DNSBL update [ 0 | PASSED  ]... completed
------------------------------------------------------------------------

===[  GeoIP Process  ]============================================


===[  IPv4 Process  ]=================================================

[ Abuse_Feodo_C2_v4 ]		 exists.
[ Abuse_IPBL_v4 ]		 exists.
[ Abuse_SSLBL_v4 ]		 exists.
[ BBC_C2_v4 ]			 exists.
[ CINS_army_v4 ]		 exists.
[ ET_Block_v4 ]			 exists.
[ ET_Comp_v4 ]			 exists.
[ ISC_1000_30_v4 ]		 exists.
[ ISC_Block_v4 ]		 exists.
[ Spamhaus_Drop_v4 ]		 exists.
[ Spamhaus_eDrop_v4 ]		 exists.
[ Talos_BL_v4 ]			 exists.

===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload
No Changes to Aliases, Skipping pfctl Update

 UPDATE PROCESS ENDED

It is blocking from my computer when I check that log, but I assume this is the IPv4 ad blocking?

Jun 3 16:12:38,1770008388,igb1,LAN,block,4,17,UDP,192.168.128.109,212.178.154.174,51149,18183,out,NL,pfB_PRI1_v4,212.178.154.174,CINS_army_v4,D4B29AAE.static.ziggozakelijk.nl,JASON,null,-
Jun 3 16:12:38,1770008388,igb1,LAN,block,4,17,UDP,192.168.128.109,212.178.154.174,51149,18183,out,NL,pfB_PRI1_v4,212.178.154.174,CINS_army_v4,D4B29AAE.static.ziggozakelijk.nl,JASON,null,-

I did have other groups enabled and it wasn't working, so I removed them all to simplify it and narrow down the problem (didn't help!).

Thanks for your time helping, it's much appreciated.

RonpfS

That's IP blocking.

It looks like it doesn't enable DNSBL, do you use the DNS Resolver ?

jayb1

@Gertjan thanks for you response.

I have 4GB of memory and it doesn't seem to be stressing that out with only a few computers on the network.

It's not showing a Shallalist log...

Perhaps I just delete pfBlockerNG and start again?

jayb1

@RonpfS said in pfBlockerNG DNSBL Categories not working:

DNS Resolver

Yes, the DNS resolver is on.

Gertjan

Extra info : I activated that 'porn' list.
unbound (the Resolver) never ended reloading- restarting.
No more DNS :> no more surf. I had to remove it ....

RonpfS

Try to un-tick Keep Settings, disable pfblockerNG, save Settings this will clear the DB.
Uninstall, Install again, reconfigure, etc, remember to click on all

jayb1

@RonpfS said in pfBlockerNG DNSBL Categories not working:

Try to un-tick Keep Settings, disable pfblockerNG, save Settings this will clear the DB.
Uninstall, Install again, reconfigure, etc, remember to click on all

This worked. I have no idea what was wrong with the first config.

RonpfS

@jayb1

gurpreets

category filtering not working when I enter custom domain it works, could you please help me do block things category wise