Netgate Discussion Forum

    No DNSBL Blocking after scheduled update

    11 Posts 4 Posters 1.2k Views
    • GrimsonG
      Grimson Banned @m0urs
      last edited by Grimson

      @m0urs said in No DNSBL Blocking after scheduled update:

      2.4.4-RELEASE-p1 / pfBlockerNG-devel 2.2.5_2

      Both are outdated, update and then report back with more information than that.

      • RonpfSR
        RonpfS
        last edited by

        @grimson said in No DNSBL Blocking after scheduled update:

        Both are outdated,

        It's probably a typo and he has 2.2.5_21

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

        • RonpfSR
          RonpfS @m0urs
          last edited by

          @m0urs said in No DNSBL Blocking after scheduled update:

          Has anyone an idea what might be the root cause here?

          Well, without pfBlockerNG logs, system logs or Resolver logs it's very difficult to debug.

          • m0ursM
            m0urs @RonpfS
            last edited by

            Ok, the version number was indeed a copy & paste error. Sorry. Enclosed some log files. Let me know if you need more. The DNS Resolver log does not show anything interesting. Last entry was yesterday after I rebooted the box. After reboot everything worked as it does after a manual reloading.

            The cron job is running daily, the update of my DNSBL is set to "Daily" and the time for "Daily" is set to 04:00. Right after that 04:00 updating task the blocking stopped which you can see in the logs as well.

            I did a manual reload at about 09:43 which should be in the logs as well. Afterwards everything worked again. You can see blocking starting in the log.

            Let me know which information you still might need. Thanks.

            0_1549098147589_logs.zip

            • RonpfSR
              RonpfS
              last edited by RonpfS

              I see nothing wrong in the logs.

              Try with Resolver Live Sync disabled. Your DNSBL db is small so Unbound should reload in a few seconds.

              • m0ursM
                m0urs @RonpfS
                last edited by

                @ronpfs Thanks. It seems that solved the issue. I set that option in the past as I did hourly updates and I wanted to avoid that I had DNS blocked for about 30 seconds and more. As I changed the update to daily and did it in the night this option is not really necessary now. However: Any idea why it suddenly stopped working? I had set this option for weeks without any problems.

                • RonpfSR
                  RonpfS
                  last edited by

                  It could be an issue with Resolver Live Sync when TLD isn't enabled.

                  • m0ursM
                    m0urs @RonpfS
                    last edited by m0urs

                    @ronpfs Ok. However I had not enabled this option before. Nevertheless, I can live with the current config and I am waiting for the new version with Python support, which should avoid Unbound restarting anyhow as far as I understood ...

                    • T
                      tagit446
                      last edited by

                      @ronpfs said in No DNSBL Blocking after scheduled update:

                      Try with Resolver Live Sync disabled

                      I want to report that I am seeing the exact same issue and I am using pfSense 2.4.4-RELEASE-p2 (amd64) and pfBlockerNG 2.2.5.21. Doing a manual reload fixes the issue until the next cron run.

                      I do have Live Sync enabled and have TLD disabled. I'll disable the Live Sync and monitor for a few days then report back.

                      • T
                        tagit446
                        last edited by

                        Just wanted to report back that it's been a few days and I can confirm that disabling Live Sync does indeed solve this issue for myself.

                        Since disabling, DNSBL has been blocking as it should after the cron runs.

                        Thanks for the tip on disabling the "Resolver Live Sync" @RonpfS

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.