Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNSBL custom_list not working as expected

    Scheduled Pinned Locked Moved
    pfBlockerNG
    3
    5
    167
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      Overlord
      last edited by

      Hey guys

      I have several Domains I have to block.

      1. I created a DNSBL Group with Custom name and action "Unbound"
      2. I added only the entries under "DNSBL Custom_List" - I added the followed entries:
      • heise.de
      • heise.com
      • amazon.com
      • amazon.de
      • tarnkappe.info
      • yahoo.com
      1. I did a "DNSBL reload"

      So I expected that all should be blocked and the IP and webpage should be redirected to my pfSense. But it's not:

      • heise.de
        -- nslookup still on heise IP
        -- Webpage is loading
      • heise.com
        -- Ping redirected to 10.10.10.1
        -- Webpage redirected to pfSense pfBlocker DNSBL Page
      • amazon.de / amazon.com
        -- Ping redirected to 10.10.10.1
        -- Webpage redirected to pfSense pfBlocker DNSBL Page
      • tarnkappe.info
        -- nslookup still on tarnkappe IP
        -- Webpage is loading
      • yahoo.com
        -- Ping redirected to 10.10.10.1
        -- Webpage redirected to pfSense pfBlocker DNSBL Page

      So it's randomly. I tried to reload DNSBL two more times, but same result. I checked with my existing rules (like Easy List) and add the custom DNSBL_List there, but I had the same result. I tried another pfSense firewall (from another location) and I had the same result.

      Is the DNSBL Custom_List not working as expected, it is a bug or something?

      Greetz
      Ovrld

      S 1 Reply Last reply Reply Quote 0
      • provelsP
        provels
        last edited by provels

        Did you flush DNS before testing?
        You might want to precede the domain names with a leading " . " to include subdomains , i.e.,

        .amazon.com

        Peder

        MAIN - pfSense+ 24.03-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
        BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

        O 1 Reply Last reply Reply Quote 0
        • O
          Overlord @provels
          last edited by

          @provels
          Yes I did it all the time - just to be sure, because I did not understand why it's not working or working like this (randomly). And the list I would like to push inside has .for the subdomains. But to be sure if it's working like this, I added only a couple of random sites to test

          1 Reply Last reply Reply Quote 0
          • S
            SteveITS Rebel Alliance @Overlord
            last edited by

            @Overlord said in DNSBL custom_list not working as expected:

            DNSBL reload

            Reload or force update?

            My experience was basically unrelated to your goal, but still odd...in order to get DNSBL SafeSearch to work, I found I had to create a bogus DNSBL group with something as a custom list, otherwise a pfB update wouldn't load the SafeSearch settings by itself.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

            O 1 Reply Last reply Reply Quote 0
            • O
              Overlord @SteveITS
              last edited by Overlord

              @SteveITS
              I tried both - Update and Reload. I'm just wondering that not all of the domains in my list where blocked.

              Edit:
              I tried again. The first time nothing happened. I tried again a reload for all and then:

              -1th webpage got an certificate error "net::ERR_CERT_AUTHORITY_INVALID" (the certificate had the pfSense details inside)

              -all other webpages are working^^

              For me seems that this plugin/plugin is absolutely broken

              1 Reply Last reply Reply Quote 0
              • First post
                Last post