Unable to get DNSBL to work using pfBlockerNG

kiekar · Mar 2, 2017, 8:41 PM

Hello and thank you for your support. I made some screen shots of the logs but unfortunately I think it's still not working. For one thing I still see o packets on the widget.

When you browse to the VIP you should see 1x1px GIF.

I only see a blank screen on the edge and EI browser and a black screen on chrome when I enter in the browser 10.10.10.1.

I'm not quite sure what to make from the logs below.
.

RonpfS · Mar 2, 2017, 8:52 PM

The Alerts Tab will only show one blocked access for repeated blocks.
DNSBL.log will log all accesses.

You have to make sure that you lan devices use pfSense resolver for DNS resolution. Check the DNS configuration on the LAN devices.

To test, go to Firewall / pfBlockerNG / Log Browser / DNSBL files and test with some domain names that are listed in there.

kiekar · Mar 2, 2017, 9:16 PM

I selected from the adaway.txt file: www.smartadserver.com and entered it in the browser where by the site loaded.

Could the issue stem from me using PIA (Private Internet Access). I'm using DHCP static mappings.

RonpfS · Mar 2, 2017, 9:27 PM

So this Device does NOT use pfSense DNS Resolver for address resolution.
Leave the field empty as suggested

"Note: leave blank to use the system default DNS servers - this interface's IP if DNS Forwarder or Resolver is enabled, otherwise the servers configured on the General page. "

kiekar · Mar 2, 2017, 9:59 PM

Looks like it's working now I see more alerts now and the counter for the widget is increasing. The only anoyence is I have my antiviruis popping up. I do have one concern thow is may have a DNS leak now since I'm not using there DNS servers. I will need to do some tests

Can I have easylist and DNSBL working together?

RonpfS · Mar 2, 2017, 10:02 PM

@kiekar:

Can I have easylist and DNSBL working together?

Yes you can.

kiekar · Mar 2, 2017, 10:05 PM

Ok will try easylist. Once again thanks for your support, much appreciated.

RonpfS · Mar 2, 2017, 10:18 PM

@kiekar:

I do have one concern thow is may have a DNS leak now since I'm not using there DNS servers. I will need to do some tests

If you tests show DNS leaks, try configuring DNS resolver in Forwarding mode.

kiekar · Mar 4, 2017, 3:01 AM

Well I'm Back,

Unfortunately I'm unable to get both DNSBL and PIA working togeather. As soon as I remove the DNS Server IP address from the DHCP Static mapping page, I get a DNS Leak when testing but the DNSBL is working perfectly. I tried enabling forwarding mode on DNS Resolver and adding the PIA DNS Server IP addresses to the DNS server settings at System / General Setup page but again still had the DNS leak when testing. Any other ideas would be much appreciated.

Regards

RonpfS · Mar 4, 2017, 3:27 AM

You should probably open a Topic in the DHCP and DNS forum now as DNS leaks don't come from DNSBL.

micropone · Mar 20, 2017, 10:04 PM

dont worry i'm in the same boat… after i updated to 2.3.3 all my list stopped working..i cant figure it out... none of my config changed... now i see porn and stupid ads...