Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfblockerng DNSBL not going to the block page

    Scheduled Pinned Locked Moved pfBlockerNG
    6 Posts 3 Posters 615 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      Dennis0612
      last edited by

      The redirection is successful, and blocked traffic is being directed to 10.10.10.1. However, instead of displaying the block page, the login page for pfSense is appearing. I have spent about an hour searching Google for a solution but haven't found much. I would greatly appreciate any help. I will upload any necessary settings to assist with troubleshooting.
      Screenshot 2024-08-16 152451.png
      Screenshot 2024-08-16 153728.png
      Screenshot 2024-08-16 152736.png

      GertjanG S 2 Replies Last reply Reply Quote 0
      • GertjanG Offline
        Gertjan @Dennis0612
        last edited by Gertjan

        @Dennis0612

        This :

        f69d90b4-919c-4010-a121-ac231b0ba89d-image.png

        is a major issue.

        [ and scrap the rest ]

        I was miss reading.

        When you point your browser to 10.10.10.1, what do you see ?

        I see this :

        eaf4e287-2e55-4e75-8409-c5ee3c553f4a-image.png

        => something like 10.10.10.1 is blocking itself ^^

        10.10.10.1 is not and can not be the GUI, who listining on 192.168.34.1 - your LAN.

        Btw : this "DNSBL Webserver" page only works well when you visit sites on the internet using http.
        Bad news, and you know it : these do not exist anymore. Google has stopped indexing them for years now.
        Most browser will emit big warning messages that you are visiting a web site using non encrypted traffic.

        Now : do the 1+1= ? test.

        What happens when you want to visit www.facebook.com
        and you have www.facebook.com on your DNSBL list.

        Do you think you'll see the image I've shown above ?
        I'll rephrase :
        Do you think that your browser who want to go to www.facebook.com, and receives an answer from "10.10.10.1" (or pfsense0.yourlocalhomedoman.tld with a self signed cert) will accept this answer from 10.10.10.1 without dropping a huge error message on the screen ?
        As this is pure Man In The Middle attack. And that's bad.

        So, you probably ask yourself : is this "DNSBL Webserver" page functionality use-full ?
        Noop, not at all. It worked well when everybody was http - and that's not the case anymore.
        https can't be redirected. You don't want it to be redirected. Like never.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        D 1 Reply Last reply Reply Quote 0
        • S Offline
          SteveITS Rebel Alliance @Dennis0612
          last edited by

          @Dennis0612 Is 10.10.10.0/24 an interface on pfSense? It needs to be unused.

          Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
          Upvote πŸ‘ helpful posts!

          D 1 Reply Last reply Reply Quote 0
          • D Offline
            Dennis0612 @Gertjan
            last edited by Dennis0612

            @Gertjan
            Thanks for the reply. I fixed the redirection by changing the pfblocker dnsbl listening ports. They were conflicting. After I did this I noticed the DNSBL server would just not start. So I went and forcefully started it with a command and received an output of β€œ libssl.so.30" not found, required by "pkg" so I did some googling and upgraded to 2.7.2 from 2.7.0 and this fixed the issue. Now everything is working how it should be. I know it’s not really useful I just wanted to mess around with it for fun.

            GertjanG 1 Reply Last reply Reply Quote 0
            • D Offline
              Dennis0612 @SteveITS
              last edited by

              @SteveITS Thanks for the reply. The redirection ended up being causes by conflicting ports. I have it working normally now.

              1 Reply Last reply Reply Quote 0
              • GertjanG Offline
                Gertjan @Dennis0612
                last edited by

                @Dennis0612 said in Pfblockerng DNSBL not going to the block page:

                β€œ libssl.so.30" not found, required by "pkg" so I did some googling and upgraded to 2.7.2 from 2.7.0 and this fixed the issue

                Classic.
                You've installed and/or upgrades pfSense packages without updating / upgrading pfSense fist.
                That breaks things.

                As soon as you decide to stay behind with pfSense, like keeping 2.7.0 while 2.7.2 is out, you can't / shouldn't update, install, upgrade packages anymore.

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • GertjanG Gertjan referenced this topic on
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.