Netgate Discussion Forum

    TLD processing with pfBlockerNG-devel v3.1.0_4

    • Leonardo 2

      Dear Community,

      I included the UT1 feed to block adult sites and enabled the Wildcard Blocking (TLD) option with Unbound python mode.

      I tried some tests to understand how pfBlockerNG manages domains and sub-domains.

      In the UT1 adult's list there are domains like you..orn.com or animalyou..orn.com and gratisyou..orn.com and I expected all of these to be managed in the same manner.

      Instead only animalyou..orn.com is inserted in pfb_py_zone.txt, others in pfb_py_zone.txt.

      As a result, if I search for www.you..orn.com I do not obtain the virtual IP but the public IP, and I can view the site.

      Is there a reason for this?

      Thank you

      • mare

        I have the exact same problem.

        youp...n.com
        po...hub.com

        are blocked.

        www.youp...n.com
        www.po...hub.com

        are accessible.
        TLD enabled.

        This is a big problem.

        How do I fix this? Non-devel version worked without problem.

        • mare

          Any suggestions or support? No other people with the same problem?

          • Gertjan @Leonardo 2

            @leonardo-2 said in TLD processing with pfBlockerNG-devel v3.1.0_4:

            In the UT1 adult's list there is

            This list :

            [image]

            ?

            Read :

            This is an Advanced process to determine if all Sub-Domains should be wildcard blocked for each listed Domain.
            Click infoblock before enabling this feature! 
            Definition: TLD -  represents the last segment of a domain name. IE: example.com (TLD = com), example.uk.com (TLD = uk.com)

            When enabled and after all downloads for DNSBL Feeds have completed; TLD will process the Domains.
            TLD uses a predetermined list of TLDs, to determine if the listed Domains should be wildcard blocked (Block all sub-Domains).
            The predetermined TLD list can be found in  /usr/local/pkg/pfblockerng/dnsbl_tld

            To exclude a TLD/Domain from the TLD process, add the TLD/Domain to the TLD Exclusion custom list:
            • This only excludes the domain from the TLD process, it doesn't whitelist the domain.
            • Only the specific Sub-Domains/Domains listed in the DNSBL Feeds will be blocked.
            • A Force Reload - DNSBL, is required after manually adding to the TLD Exclusion

            Note:  Whitelisting a "sub-Domain" for a TLD Blocked "Domain" in the Custom Domain Whitelist will not whitelist a TLD Wildcard Blocked domain!
                Either add the domain to the TLD Exclusion, or wildcard Whitelist the whole domain.

            TLD Blacklist, can be used to block whole TLDs.  IE: xyz
            When Enabling/Disabling this option, a Force Reload - DNSBL is required.

            And when you observe a force reload of pfblockerng-devel, do you see this:

            [image]

            Note the x's

            My advice: when the x's show up, stop using "Wildcard Blocking (TLD)" or use smaller feeds/lists.

            @leonardo-2 said in TLD processing with pfBlockerNG-devel v3.1.0_4:

            is inserted in pfb_py_zone.txt, others in pfb_py_zone.txt

            That's just pfb_py_zone.txt ;)

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

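
A simplified model of the exact-match versus wildcard-match difference discussed in this thread, added here as an example; it is not pfBlockerNG's code and does not come from any poster. The TLD set, the sample domains, and the rule deciding which entries go into the wildcard zone are assumptions made for illustration.

```python
# Simplified model of exact vs. wildcard DNSBL matching (not pfBlockerNG's code).
# All domains and the TLD set below are constructed samples.

TLDS = {"com", "uk.com"}  # stand-in for the predetermined TLD list

def tld_of(domain, tlds=TLDS):
    """Return the longest listed TLD that the domain ends with, or None."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(1, len(labels)):          # longest suffix first
        suffix = ".".join(labels[i:])
        if suffix in tlds:
            return suffix
    return None

def split_feed(feed, tlds=TLDS, excluded=frozenset()):
    """Assumed rule: an entry that is exactly one label + a listed TLD is
    wildcard blocked, unless it is on the TLD Exclusion list."""
    zone, exact = set(), set()
    for raw in feed:
        d = raw.lower().rstrip(".")
        tld = tld_of(d, tlds)
        one_label = tld is not None and d.count(".") == tld.count(".") + 1
        (zone if one_label and d not in excluded else exact).add(d)
    return zone, exact

def is_blocked(qname, zone, exact):
    """Exact entries match only themselves; zone entries match all sub-domains."""
    q = qname.lower().rstrip(".")
    if q in exact:
        return True
    labels = q.split(".")
    return any(".".join(labels[i:]) in zone for i in range(len(labels)))

def leaks(feed_domains, zone, exact, prefix="www"):
    """Feed entries whose '<prefix>.' name would still resolve normally."""
    return sorted(d for d in feed_domains
                  if not is_blocked(f"{prefix}.{d}", zone, exact))

FEED = ["example.com", "ads.example.uk.com", "tracker.example.org", "shop.uk.com"]

if __name__ == "__main__":
    zone, exact = split_feed(FEED, excluded={"shop.uk.com"})
    print("zone :", sorted(zone))
    print("exact:", sorted(exact))
    print("www leaks:", leaks(FEED, zone, exact))
```

Running `leaks` against the names you expect to be covered is a quick way to confirm whether a feed entry ended up wildcard blocked or only exact-match blocked in this model.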