Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfblocker blocks security.debian.org

    Scheduled Pinned Locked Moved pfBlockerNG
    15 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • RonpfSR
      RonpfS
      last edited by RonpfS

      Well did you look at pfblockerng.log to see what is done ? Do you see debian anywhere in the processing ? Do you have TLD enabled ?

      2.4.5-RELEASE-p1 (amd64)
      Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
      Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

      1 Reply Last reply Reply Quote 1
      • P
        pooperman
        last edited by

        TLD Whitelist debian.org|128.31.0.62

        yes, it is included
        yes, TLD enabled

        1 Reply Last reply Reply Quote 0
        • RonpfSR
          RonpfS
          last edited by

          Well from what you typed debian.org is still in the DNSBL Whitelist...

          2.4.5-RELEASE-p1 (amd64)
          Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
          Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

          1 Reply Last reply Reply Quote 1
          • RonpfSR
            RonpfS
            last edited by RonpfS

            To find out the feed for debian, do this in a Shell cmd

            grep "debian.org" /var/db/pfblockerng/dnsbl/*.txt /var/db/pfblockerng/dnsblorig/*.orig /usr/local/pkg/pfblockerng/dnsbl_tld

            2.4.5-RELEASE-p1 (amd64)
            Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
            Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

            P 1 Reply Last reply Reply Quote 1
            • P
              pooperman @RonpfS
              last edited by

              @RonpfS
              sorry to ask, but how do I do it?
              via execute command (browser UI?)
              or do I need to open up an SSH session?

              1 Reply Last reply Reply Quote 0
              • RonpfSR
                RonpfS
                last edited by

                Diagnostics / Command prompt is one way.

                2.4.5-RELEASE-p1 (amd64)
                Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                1 Reply Last reply Reply Quote 2
                • P
                  pooperman
                  last edited by

                  @RonpfS said in pfblocker blocks security.debian.org:

                  grep "debian.org" /var/db/pfblockerng/dnsbl/.txt /var/db/pfblockerng/dnsblorig/.orig /usr/local/pkg/pfblockerng/dnsbl_tld

                  safgsg.JPG

                  1 Reply Last reply Reply Quote 0
                  • RonpfSR
                    RonpfS
                    last edited by RonpfS

                    @RonpfS said in pfblocker blocks security.debian.org:

                    grep "debian.org" /var/db/pfblockerng/dnsbl/.txt /var/db/pfblockerng/dnsblorig/.orig /usr/local/pkg/pfblockerng/dnsbl_tld

                    It doesn't seems you have debian.org in any DNSBL group....
                    Add the dnsblalias/* to the grep :

                    grep "debian.org" /var/db/pfblockerng/dnsbl/*.txt /var/db/pfblockerng/dnsblorig/*.orig /var/db/pfblockerng/dnsblalias/*  /usr/local/pkg/pfblockerng/dnsbl_tld

                    Do you have it in any DNSBL Custom_List ?

                    Why don't you post pfblockerng.log so we can put some light on you issue.

                    2.4.5-RELEASE-p1 (amd64)
                    Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                    Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                    P 1 Reply Last reply Reply Quote 1
                    • P
                      pooperman @RonpfS
                      last edited by

                      the log is just too big to post it in this forum, here is one run attached:
                      log.txt

                      1 Reply Last reply Reply Quote 0
                      • RonpfSR
                        RonpfS
                        last edited by RonpfS

                        You can also zip the log.

                        For all those URLs that gave you SSL certificate problem, change the State from ON to FLEX. Than run a Force Reload DNSBL.

                        You also have problem with your DNSBL Whitelist

                        TLD:

 TLD Whitelist - Missing data | heise.de/ | a.root-servers.net. nstld.verisign-grs.com. 2019041401 1800 900 604800 86400 |
 TLD Whitelist web.de|82.165.230.17

 TLD Whitelist - Missing data | malwaredb.malekal.com | ns1.gandi.net. hostmaster.gandi.net. 1552922405 10800 3600 604800 10800 |
 TLD Whitelist maxmind.com|104.16.38.47

 TLD Whitelist - Missing data | reputation.alienvault.com | reputation.alienvault.io. |
 TLD Whitelist rules.emergingthreats.net|204.12.217.19

 TLD Whitelist - Missing data | login.live.com | login.msa.akadns6.net. |
 TLD Whitelist debian.org|128.31.0.62
 Blocking full TLD/Sub-Domain(s)... |cdn2.spiegel.de|cp.abbp1.com| completed

                        Fix that first, click on the blue Infoblock to get it right. Again a Force Reload DNSBL for change to take effect.

                        2.4.5-RELEASE-p1 (amd64)
                        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                        1 Reply Last reply Reply Quote 1
                        • P
                          pooperman
                          last edited by

                          thanks for your support,
                          will try to fix that and come back tomorrow.
                          one loading round takes about 20 minutes

                          1 Reply Last reply Reply Quote 0
                          • RonpfSR
                            RonpfS
                            last edited by

                            Well you have probably too many URLs.
                            Do you really need all the EasyList language ?

                            Also you are using some tables that haven't changed since 2014 : May 20 2014 Malekal_Hosts

                            Review the logs file to detect issues.

                            2.4.5-RELEASE-p1 (amd64)
                            Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                            Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                            1 Reply Last reply Reply Quote 1
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.