• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

PfBlockerng googleadservices

Scheduled Pinned Locked Moved pfBlockerNG
16 Posts 3 Posters 16.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C Offline
    cooLopke
    last edited by Feb 22, 2017, 4:07 PM Feb 22, 2017, 3:30 PM

    @BBcan177:

    First step is to make sure that your LAN device has its DNS settings only pointing to pfSense… This way all DNS requests are filtered. If you add a domain to the whitelist from the Alerts Tab, it takes effect immediately. Adding a domain manually to the whitelist, requires a "Force Reload - DNSBL"...

    Once you have whitelisted a Domain, your browser/os might still be caching the domain address... So you should clear the browser/os cache...

    There are others lists that can be added to DNSBL... More posted in the same thread...

    If you see an AD that gets thru, right-click on it, then select "inspect" and if its a domain as the src of the AD, then that can be added to a DNSBL Customlist to block it...

    Hello BBCan,

    Thanks for your reply.

    googleadservices.com is blocked by the hpHost_ads DNSBL Feed, however the advertising links are still appearing when I search something in google. If I click on inspect element, I see http://www.googleadservices.com/pagead/…..

    Any ideas? I don't have TLD enabled.

    Thanks in advance.

    edit: enabled TLD, still the same result, advertising elements appearing in google. Any help on this? When I click on the elements then it's a blank screen, so it's blocked, but the elements itself are still appearing.
    Also my DNS is pointing to pfsense + i've reloaded the DNS Feeds and forced the update + Cleared cache + I've also even rebooted pfsense.

    1 Reply Last reply Reply Quote 0
    • B Offline
      BBcan177 Moderator
      last edited by Feb 22, 2017, 4:14 PM

      example.com            (domain)
      www.example.com    (Sub-domain)…

      So without TLD, you have to block all variations..
      With TLD, if example.com is blocked, then all Sub-domains are also blocked…

      Did you run a    Force Reload - DNSBL    for the    TLD    change to take effect?

      "Experience is something you don't get until just after you need it."

      Website: http://pfBlockerNG.com
      Twitter: @BBcan177  #pfBlockerNG
      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

      1 Reply Last reply Reply Quote 0
      • C Offline
        cooLopke
        last edited by Feb 22, 2017, 4:22 PM

        @BBcan177:

        example.com            (domain)
        www.example.com    (Sub-domain)…

        So without TLD, you have to block all variations..
        With TLD, if example.com is blocked, then all Sub-domains are also blocked…

        Did you run a    Force Reload - DNSBL    for the    TLD    change to take effect?

        Force reload - DNSBL where can I find that? I can only find the restart service button in the services menu.
        edit: nevermind found the option. I'm curious if it works now =)

        1 Reply Last reply Reply Quote 0
        • B Offline
          BBcan177 Moderator
          last edited by Feb 22, 2017, 4:23 PM

          Update Tab… Then select "Reload", then select "DNSBL"

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          1 Reply Last reply Reply Quote 0
          • C Offline
            cooLopke
            last edited by Feb 22, 2017, 4:36 PM Feb 22, 2017, 4:29 PM

            @BBcan177:

            Update Tab… Then select "Reload", then select "DNSBL"

            I've done this, I notice:

            Assembling database… completed
            Executing TLD
            TLD analysis. completed
            Finalizing TLD...  completed

            Original    Matches    Removed    Final

            70323      13753      38234      32089

            Validating database... Skipped [ 02/22/17 17:28:31 ]
            Reloading Unbound…. completed
            DNSBL update [ 32089 | PASSED  ]… completed

            However the ads of googleadservices.com (google shopping) are still appearing when I search in google :(. I don't understand. Browser cache cleared.

            edit: added googleadservices to TLD blacklist:

            Executing TLD
            Blocking full TLD/Sub-Domain(s)... |googleadservices|steepto| completed
            TLD analysis. completed

            After that I still notice the google shopping ads. However the steepto ads are not appearing, so that is working!

            1 Reply Last reply Reply Quote 0
            • B Offline
              BBcan177 Moderator
              last edited by Feb 22, 2017, 4:35 PM

              Run these commands to see whats listed in DNSBL:

              grep "googleadservices.com" /var/db/pfblockerng/dnsbl/*
              grep "googleadservices.com" /var/unbound/pfb_dnsbl.conf
              

              So with TLD enabled, and any list posting "googleadservices.com", it should be blocking all sub-domains…

              Try to ping those domains:

              ping googleadservices.com
              ping www.googleadservices.com
              

              If they are listed above, then they should reply back with the DNSBL VIP address…

              Check you settings to make sure your LAN device browser/OS is not caching the domain, and that you don't have another DNS server listed and causing the DNS request to be bypassed...

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • B Offline
                BBcan177 Moderator
                last edited by Feb 22, 2017, 4:39 PM

                edit: added googleadservices to TLD blacklist:

                Executing TLD
                Blocking full TLD/Sub-Domain(s)… |googleadservices|steepto| completed
                TLD analysis. completed

                You don't want to add domains to the TLD Blacklist… The TLD Blacklist is used to block a TLD... like "ru" or "cn" or "top" or "pw" etc...

                If you want to add Domains to be blocked... you can add them to a DNSBL Group - Customlist at the bottom of any DNSBL Group page...

                "Experience is something you don't get until just after you need it."

                Website: http://pfBlockerNG.com
                Twitter: @BBcan177  #pfBlockerNG
                Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                1 Reply Last reply Reply Quote 0
                • C Offline
                  cooLopke
                  last edited by Feb 22, 2017, 4:56 PM

                  @BBcan177:

                  edit: added googleadservices to TLD blacklist:

                  Executing TLD
                  Blocking full TLD/Sub-Domain(s)… |googleadservices|steepto| completed
                  TLD analysis. completed

                  You don't want to add domains to the TLD Blacklist… The TLD Blacklist is used to block a TLD... like "ru" or "cn" or "top" or "pw" etc...

                  If you want to add Domains to be blocked... you can add them to a DNSBL Group - Customlist at the bottom of any DNSBL Group page...

                  Ok, I'll do that. Thanks. Ok, so steepto is working, If I ping to googleadservices.com I get the DNSBL VIP address. So that's working. I'll grep the output later, because I don't have that mucht time at the moment.

                  Now I noticed the elements in google are from www.google.be itself, so probably that's why it isn't blocked I guess? However when I click on the link it redirects to googleadservices.com which results in a blank screen. So I guess there is no possible way to remove those ads in google search? If I use the ublock origin plugin in google chrome, it is blocking the advertising links, so I thought it would also work with pfBlockerNG.

                  1 Reply Last reply Reply Quote 0
                  • C Offline
                    cooLopke
                    last edited by Feb 23, 2017, 6:46 AM

                    @BBcan177:

                    Run these commands to see whats listed in DNSBL:

                    grep "googleadservices.com" /var/db/pfblockerng/dnsbl/*
                    grep "googleadservices.com" /var/unbound/pfb_dnsbl.conf
                    

                    So with TLD enabled, and any list posting "googleadservices.com", it should be blocking all sub-domains…

                    Try to ping those domains:

                    ping googleadservices.com
                    ping www.googleadservices.com
                    

                    If they are listed above, then they should reply back with the DNSBL VIP address…

                    Check you settings to make sure your LAN device browser/OS is not caching the domain, and that you don't have another DNS server listed and causing the DNS request to be bypassed...

                    This is the output for the 1st command:

                    /var/db/pfblockerng/dnsbl/yoyo.txt:local-data: "googleadservices.com 60 IN A 10.10.10.1"
                    

                    The second command:

                    local-zone: "googleadservices.com" redirect local-data: "googleadservices.com 60 IN A 10.10.10.1"
                    

                    I think everyting is ok, If I ping I get a reply of the 10.10.10.1 interface (DNSBL VIP address), but I guess it's because the elements are from google itself. I also have it with adaway on my mobile phone, only with adblock plugins the advertising links are not appearing. How can the adblock plugins determine that, don't they work the same way?

                    Thanks for your help BB.

                    1 Reply Last reply Reply Quote 0
                    • B Offline
                      BBcan177 Moderator
                      last edited by Feb 28, 2017, 2:51 AM

                      @cooLopke:

                      So I guess there is no possible way to remove those ads in google search?

                      DNSBL can't manipulate the Web page like a browser extension. So when you see (AD) in Google search, clicking on those may result in a blank page since DNSBL may be blocking those domains.

                      "Experience is something you don't get until just after you need it."

                      Website: http://pfBlockerNG.com
                      Twitter: @BBcan177  #pfBlockerNG
                      Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                      1 Reply Last reply Reply Quote 0
                      16 out of 16
                      • First post
                        16/16
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                        This community forum collects and processes your personal information.
                        consent.not_received