Unable to get DNSBL to work using pfBlockerNG

kiekar

Hello and thank you for your support. I made some screen shots of the logs but unfortunately I think it's still not working. For one thing I still see o packets on the widget.

When you browse to the VIP you should see 1x1px GIF.

I only see a blank screen on the edge and EI browser and a black screen on chrome when I enter in the browser 10.10.10.1.

I'm not quite sure what to make from the logs below.
.

DNSBL-Alert.jpg_thumb

DNSB-Logs.jpg_thumb

RonpfS

The Alerts Tab will only show one blocked access for repeated blocks.
DNSBL.log will log all accesses.

You have to make sure that you lan devices use pfSense resolver for DNS resolution. Check the DNS configuration on the LAN devices.

To test, go to Firewall / pfBlockerNG / Log Browser / DNSBL files and test with some domain names that are listed in there.

kiekar

I selected from the adaway.txt file: www.smartadserver.com and entered it in the browser where by the site loaded.

Could the issue stem from me using PIA (Private Internet Access). I'm using DHCP static mappings.

Static-Mappings.jpg_thumb

DNS-Resolver.jpg_thumb

RonpfS

So this Device does NOT use pfSense DNS Resolver for address resolution.
Leave the field empty as suggested

"Note: leave blank to use the system default DNS servers - this interface's IP if DNS Forwarder or Resolver is enabled, otherwise the servers configured on the General page. "

kiekar

Looks like it's working now I see more alerts now and the counter for the widget is increasing. The only anoyence is I have my antiviruis popping up. I do have one concern thow is may have a DNS leak now since I'm not using there DNS servers. I will need to do some tests

Can I have easylist and DNSBL working together?

DNSBL-Alert2.jpg_thumb

Antivirus.jpg_thumb

RonpfS

@kiekar:

Can I have easylist and DNSBL working together?

Yes you can.

kiekar

Ok will try easylist. Once again thanks for your support, much appreciated.

RonpfS

@kiekar:

I do have one concern thow is may have a DNS leak now since I'm not using there DNS servers. I will need to do some tests

If you tests show DNS leaks, try configuring DNS resolver in Forwarding mode.

kiekar

Well I'm Back,

Unfortunately I'm unable to get both DNSBL and PIA working togeather. As soon as I remove the DNS Server IP address from the DHCP Static mapping page, I get a DNS Leak when testing but the DNSBL is working perfectly. I tried enabling forwarding mode on DNS Resolver and adding the PIA DNS Server IP addresses to the DNS server settings at System / General Setup page but again still had the DNS leak when testing. Any other ideas would be much appreciated.

Regards

RonpfS

You should probably open a Topic in the DHCP and DNS forum now as DNS leaks don't come from DNSBL.

micropone

dont worry i'm in the same boat… after i updated to 2.3.3 all my list stopped working..i cant figure it out... none of my config changed... now i see porn and stupid ads...