Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfblockerNG 2.0.17 woes

    Scheduled Pinned Locked Moved
    pfBlockerNG
    2
    3
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pftdm007
      last edited by

      Hello all,

      Since I upgraded to latest version of pfblockerNG and pfsense I noticed pfblockerNG no longer works as it should.

      First issue (to be confirmed it is):
      I am pretty sure I had several aliases under ipv4 and each alias had several lists.  Now I just noticed that all lists are grouped under a single alias and most of the lists have the same identifiers (or whatever the last column on the right is used for).  Since I am not 100% sure the lists were separated in multiple aliases I cannot confirm this as an issue but I wonder if this will work???

      Second issue:
      I am also using DNSBL, I managed to create several feeds each pointing to a text file stored on a remote server on LAN.  pfblockerNG does not report problems to retrieve these lists.  The issue is that in my lists I am using web adresses without the "www." part.  For example

      oracle.com
instagram.com
pinterest.com
virtualbox.com
dailymail.co.uk
liveleak.com
somalinet.com

      If I remember correctly, I had to truncate the "www." otherwise pfblockerNG wouldn't work with the adresses.  Anyways now, pfblockerNG blocks the sites, but if I add the "www." part in the browser's address bar, the website is no longer blocked by pfblockerNG.

      For example, in one feed I have "facebook.com".  If I enter "facebook.com" in a web browser, I get a blank page with a single white pixel at the center (I assume pfblockerNG works).  If I enter "www.facebook.com", it just loads no problem.  I confirm this is true for everything in my feeds.  I tried adding an entry such as "www.facebook.com" in my feed source, but I still can access the site.

      Third issue:
      There are a few sites in my DNSBL feeds that I can access although they are in my DNSBL feeds.  For example pinterest.com even if it is added in my feeds as "pinterest.com".

      I am not sure how to debug this or if this is due to misconfig or a corruption between upgrades??

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Ensure that you are using a unique Header/Label for each List in the IPv4 tab.

        DNSBL will block only the listed Domain, and not any Sub-Domains… So if www.example.com is listed, then that is what gets blocked, and not example.com (and vice-versa)....

        The new pending 2.1.1 version will have TLD feature which will allow for the blocking of the entire Domain/Sub-Domains...

        See this thread:
        https://forum.pfsense.org/index.php?topic=115357.0

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • P
          pftdm007
          last edited by

          BBCan177 you're quick to reply!!!  THanks!

          Yes I have modified the headers/labels (thats the name I was searching for…) to be unique ones.

          Is it just normal for me to find all my lists under a single Alias named "CustomBlockedLists"??  I really do not remember to have merged everything like that, unless I was drunk?  :o

          Looking forward to the TLD feature in pfblockerNG!!  This will save us from entering multiple domains, and simplify things...

          Thanks again!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post