How define schedule time for DNSBL ?

reza3sw · Mar 17, 2019, 9:41 AM

Hello friends

How can I define schedule time for DNSBL ?

I'd set time for block or pass in diffrent time , can I do that ?

I did my custom schedule for floating rules, but did not work also I did my custom time in cron for stop service "pfb_filter" but this was didn't work
anywhere , anyone do you know?
Thanks advance

CyberMinion · Mar 18, 2019, 1:56 AM

Hmm....There is "Schedule" option for firewall rules (outside of DNSBL). If you could determine the IP(s) of the sites you want to block, you might be able to create standard firewall rules, but that could get messy and difficult very quickly. In theory, maybe use nslookup to find the IP you are resolving to, and block that on a schedule? It wouldn't work well for massive services like Google.

It's a bit of a longshot, and not the answer you were looking for, I expect.

reza3sw · Mar 18, 2019, 6:29 AM

Thanks for your reply

I'm checking firewall rule but there is one problem, when I'm using pfblockerng (DNSBL) in "DNSBL Custom_List" I created one of list url for blocking ,anywhere
This file "DNSBL Custom_List" was saved in this path /var/unbound/pfb_dnsbl.conf
This file path used in DNS Resolver in Custom option "server:include: /var/unbound/pfb_dnsbl.*conf"

Now problem started from there, even if you stop services of pfblocker or disable firewall rule , DNS Resolver through this path "/var/unbound/pfb_dnsbl.conf " can block those urls and I can't define time schedule for DNSBL , this problem is solved with delete this file but that is not good idea for schedule.

for your idea , I'm creating aliases url list but for big sites like "google,amazon,cloudflur,etc..." I'm having problem and That is not an operational idea

RonpfS · Mar 18, 2019, 6:52 AM

FW rules can be scheduled but they are for IPs space.

DNSBL is in Domain Name space. There is no scheduling for DNSBL.

reza3sw · Mar 18, 2019, 11:30 AM

@RonpfS Thanks
There is no way to schedule Pfblockerng DNSBL rules?
I'd like block windows update in special time , now with pfblockerng I can do this, but for all time ,but I want to block windows update in specified time e.g "8:00 AM to 6:00 PM" and in another time I want to pass windows update for client

I try this with squidguard but squidguard has very problem with client and HTTPS and etc ..... and not good idea
But pfblocker worked perfect.. just doesn't have schedule time for block or pass

RonpfS · Mar 19, 2019, 7:48 AM

@reza3sw said in How define schedule time for DNSBL ?:

There is no way to schedule Pfblockerng DNSBL rules?

There no such thing as DNSBL rules. DNSBL use unbound with it's tailored pfb_dnsbl.conf file to "intercept" DNS requests and sinkhole the answer to the VIP.

Maybe you could use IP FW rules with a table containing Windows Update IPs.

reza3sw · Mar 19, 2019, 7:48 AM

@RonpfS yes correct
Thanks again for your help and guidance

reza3sw · Mar 19, 2019, 1:15 PM

I found one solution for schedule time "pfb_dnsbl"
In this solution you can define multi Cronjob for this action

You can define Cron job for change name e.g : "pfb_dnsbl.conf"

And create another cron job for stop service "pfb_dnsbl"
And create another cron job for restart "unbound" at your preferred time

It is very easy and practical

Also you can change those jobs to default at your preferred time

tinetserv · Nov 24, 2019, 12:27 AM

Hey have you tested this DNSBL with time solution ? can you share details how to write commands for each cron job ?.... been using dnsbl works great... would be very nice to work with schedules like you said....

mucip · Jun 30, 2021, 12:40 PM

Hi @reza3sw ,
This is very old post but I want to ask in anyway.
Please could you decribe little bit more about your process?

Regards,
Mucip:)