Netgate Discussion Forum

    DNSBL vs IPV4

    pfBlockerNG
      presence_eternal

      Is there a guide or thread explaining the basic differences between DNSBL vs IPV4 rules?

        BBcan177 Moderator

        There are feeds that have a list of malicious IPs and there are feeds that have a list of advert domains and/or malicious domains…

        So with IP blocking, you will block the whole IP address.
        With DNSBL, you will block the DNS request to those domains but this could be circumvented by accessing the literal IP address (unless those IPs are blocked in an IP block list).

        Sometimes an IP can host several domains (sometimes hundreds...), so with an IP block it would block access to all the domains on that IP... But blocking via domain name, you are limiting the blocking to the known domains only.

        There are pluses and minuses for both... I find it best to block and deal with the false positives as they appear. You can suppress a blocked IP and/or create a Permit rule to allow a blocked IP before a block rule takes effect. With DNSBL you can whitelist a domain.

        YMMV

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/
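
Added example, not part of the original post and not pfBlockerNG code: a small model of the two controls described in the answer above, showing the literal-IP bypass of DNSBL, the collateral blocking on a shared IP, a permit rule placed ahead of a block rule, and a DNSBL whitelist entry. All domains, addresses and list contents are constructed, and exact-match domain lookup is a simplifying assumption.

```python
import ipaddress

# Constructed sample data (RFC 5737 addresses, example domains); not real feeds.
DNSBL = {"ads.example.net", "malware.example.org", "cdn.example.net"}
DNSBL_WHITELIST = {"cdn.example.net"}
IP_RULES = [  # evaluated top-down, first match wins: the permit sits above the block
    ("permit", ipaddress.ip_network("203.0.113.9/32")),
    ("block", ipaddress.ip_network("203.0.113.0/28")),
]
ZONE = {  # what the resolver would answer if nothing were blocked
    "malware.example.org": "203.0.113.5",
    "blog.example.com": "203.0.113.5",     # shares an IP with the bad domain
    "partner.example.com": "203.0.113.9",  # inside the blocked range, but permitted
    "ads.example.net": "198.51.100.20",    # on the DNSBL, IP on no IP list
    "cdn.example.net": "192.0.2.10",       # on the DNSBL but whitelisted
}

def ip_verdict(ip):
    """Firewall stage: the first matching rule decides; no match means pass."""
    addr = ipaddress.ip_address(ip)
    for action, net in IP_RULES:
        if addr in net:
            return action
    return "permit"

def connect(target):
    """Return which control, if any, stops a connection to a name or literal IP."""
    try:
        ipaddress.ip_address(target)
        ip = target  # literal IP: no DNS query is made, so the DNSBL never sees it
    except ValueError:
        name = target.lower().rstrip(".")
        if name in DNSBL and name not in DNSBL_WHITELIST:
            return "blocked by DNSBL"
        ip = ZONE.get(name)
        if ip is None:
            return "no such host"
    return "blocked by IP rule" if ip_verdict(ip) == "block" else "allowed"

if __name__ == "__main__":
    for t in list(ZONE) + ["198.51.100.20", "203.0.113.5"]:
        print(f"{t:22} -> {connect(t)}")
```

Closing the literal-IP gap for `ads.example.net` in this model means adding `198.51.100.20` to an IP block list, at the cost of also blocking anything else hosted on that address.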

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.