Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfblocker blocks security.debian.org

    Scheduled Pinned Locked Moved pfBlockerNG
    15 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • RonpfSR
      RonpfS
      last edited by

      Well from what you typed debian.org is still in the DNSBL Whitelist...

      2.4.5-RELEASE-p1 (amd64)
      Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
      Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

      1 Reply Last reply Reply Quote 1
      • RonpfSR
        RonpfS
        last edited by RonpfS

        To find out the feed for debian, do this in a Shell cmd

        grep "debian.org" /var/db/pfblockerng/dnsbl/*.txt /var/db/pfblockerng/dnsblorig/*.orig /usr/local/pkg/pfblockerng/dnsbl_tld
        

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

        P 1 Reply Last reply Reply Quote 1
        • P
          pooperman @RonpfS
          last edited by

          @RonpfS
          sorry to ask, but how do I do it?
          via execute command (browser UI?)
          or do I need to open up an SSH session?

          1 Reply Last reply Reply Quote 0
          • RonpfSR
            RonpfS
            last edited by

            Diagnostics / Command prompt is one way.

            2.4.5-RELEASE-p1 (amd64)
            Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
            Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

            1 Reply Last reply Reply Quote 2
            • P
              pooperman
              last edited by

              @RonpfS said in pfblocker blocks security.debian.org:

              grep "debian.org" /var/db/pfblockerng/dnsbl/.txt /var/db/pfblockerng/dnsblorig/.orig /usr/local/pkg/pfblockerng/dnsbl_tld

              safgsg.JPG

              1 Reply Last reply Reply Quote 0
              • RonpfSR
                RonpfS
                last edited by RonpfS

                @RonpfS said in pfblocker blocks security.debian.org:

                grep "debian.org" /var/db/pfblockerng/dnsbl/.txt /var/db/pfblockerng/dnsblorig/.orig /usr/local/pkg/pfblockerng/dnsbl_tld

                It doesn't seems you have debian.org in any DNSBL group....
                Add the dnsblalias/* to the grep :

                grep "debian.org" /var/db/pfblockerng/dnsbl/*.txt /var/db/pfblockerng/dnsblorig/*.orig /var/db/pfblockerng/dnsblalias/*  /usr/local/pkg/pfblockerng/dnsbl_tld
                

                Do you have it in any DNSBL Custom_List ?

                Why don't you post pfblockerng.log so we can put some light on you issue.

                2.4.5-RELEASE-p1 (amd64)
                Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                P 1 Reply Last reply Reply Quote 1
                • P
                  pooperman @RonpfS
                  last edited by

                  the log is just too big to post it in this forum, here is one run attached:
                  log.txt

                  1 Reply Last reply Reply Quote 0
                  • RonpfSR
                    RonpfS
                    last edited by RonpfS

                    You can also zip the log.

                    For all those URLs that gave you SSL certificate problem, change the State from ON to FLEX. Than run a Force Reload DNSBL.

                    You also have problem with your DNSBL Whitelist

                    TLD:
                    
                     TLD Whitelist - Missing data | heise.de/ | a.root-servers.net. nstld.verisign-grs.com. 2019041401 1800 900 604800 86400 |
                     TLD Whitelist web.de|82.165.230.17
                    
                     TLD Whitelist - Missing data | malwaredb.malekal.com | ns1.gandi.net. hostmaster.gandi.net. 1552922405 10800 3600 604800 10800 |
                     TLD Whitelist maxmind.com|104.16.38.47
                    
                     TLD Whitelist - Missing data | reputation.alienvault.com | reputation.alienvault.io. |
                     TLD Whitelist rules.emergingthreats.net|204.12.217.19
                    
                     TLD Whitelist - Missing data | login.live.com | login.msa.akadns6.net. |
                     TLD Whitelist debian.org|128.31.0.62
                     Blocking full TLD/Sub-Domain(s)... |cdn2.spiegel.de|cp.abbp1.com| completed
                    

                    Fix that first, click on the blue Infoblock to get it right. Again a Force Reload DNSBL for change to take effect.

                    2.4.5-RELEASE-p1 (amd64)
                    Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                    Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                    1 Reply Last reply Reply Quote 1
                    • P
                      pooperman
                      last edited by

                      thanks for your support,
                      will try to fix that and come back tomorrow.
                      one loading round takes about 20 minutes

                      1 Reply Last reply Reply Quote 0
                      • RonpfSR
                        RonpfS
                        last edited by

                        Well you have probably too many URLs.
                        Do you really need all the EasyList language ?

                        Also you are using some tables that haven't changed since 2014 : May 20 2014 Malekal_Hosts

                        Review the logs file to detect issues.

                        2.4.5-RELEASE-p1 (amd64)
                        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
                        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.