Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG-devel DNSBL whitelist not working

    Scheduled Pinned Locked Moved pfBlockerNG
    6 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      krbvroc1
      last edited by krbvroc1

      After everyones recommendation to update to -devel instead of using stable, I went ahead and did it last night. I started fresh (uninstalled/did not keep previous settings)

      Trying to log into a website whose login modal is tied into tags.tiqcdn.com. Even though this is in my whitelist, it is not being whitelisted!

      Firefox dev:
      7a7427ef-6d72-45dc-be80-a565a4a9d295-image.png

      Reports/Alerts:
      92e5def2-99bc-4d5a-b4d0-7bbb0ab1c53e-image.png

      Notice the unlocked/padlock? If I mouse over it...
      ee0a07d2-aae3-4b32-8523-58e90f496b6e-image.png

      If it is in the whitelist then why is it being blocked? If I visit the URL I get the invalid Firefox certificate warning for CN_DNSBL.

      And there are entries in dnsbl.log:

      DNSBL-HTTPS,Jan 25 12:51:21,tags.tiqcdn.com,192.168.2.101,Unknown,TLD,DNSBL_Ads,tiqcdn.com,Adaway,-

      So frustrating...

      1 Reply Last reply Reply Quote 0
      • provelsP
        provels
        last edited by

        Change your tags.tiqcdn.com Whitelist entry to .tiqcdn.com only.

        Peder

        MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
        BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

        1 Reply Last reply Reply Quote 0
        • K
          krbvroc1
          last edited by

          @provels said in pfBlockerNG-devel DNSBL whitelist not working:

          Change your tags.tiqcdn.com Whitelist entry to .tiqcdn.com only.

          Hi @provels .. can you explain why that is needed versus what I did? I only want to whitelist tags.tiqcdn.com, I don't want other subdomains of tiqcdn.com whitelisted.

          NollipfSenseN 1 Reply Last reply Reply Quote 0
          • NollipfSenseN
            NollipfSense @krbvroc1
            last edited by

            @krbvroc1 said in pfBlockerNG-devel DNSBL whitelist not working:

            @provels said in pfBlockerNG-devel DNSBL whitelist not working:

            Change your tags.tiqcdn.com Whitelist entry to .tiqcdn.com only.

            Hi @provels .. can you explain why that is needed versus what I did? I only want to whitelist tags.tiqcdn.com, I don't want other subdomains of tiqcdn.com whitelisted.

            Here, you can list tags.tiqcdn.com however, you'll need to uncheck the TLD box...see image below. It usually takes twenty-four hrs to implement also, like it's a part of a cache file.

            Screen Shot 2020-01-25 at 8.05.41 PM.png

            pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
            pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

            RonpfSR 1 Reply Last reply Reply Quote 0
            • RonpfSR
              RonpfS @NollipfSense
              last edited by RonpfS

              @NollipfSense said in pfBlockerNG-devel DNSBL whitelist not working:

              you'll need to uncheck the TLD box.

              There is another way to do it and keep using the TLD :

              • Add tiqcdn.com to the TLD Exclusion List
              • Remove tags.tiqcdn.com from the Whitelist
              • Remove .tiqcdn.com from the Whitelist
              • Run a Force Reload DNSBL

              Access tags.tiqcdn.com,if it is still blocked, whitelist it using the Alert Tab "+" icon.

              2.4.5-RELEASE-p1 (amd64)
              Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
              Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

              NollipfSenseN 1 Reply Last reply Reply Quote 0
              • NollipfSenseN
                NollipfSense @RonpfS
                last edited by

                @RonpfS said in pfBlockerNG-devel DNSBL whitelist not working:

                @NollipfSense There is another way to do it.

                • Add tiqcdn.com to the TLD Exclusion List
                • Remove tags.tiqcdn.com from the Whitelist
                • Remove .tiqcdn.com from the Whitelist
                • Run a Force Reload DNSBL

                Access tags.tiqcdn.com,if it is still blocked, whitelist it using the Alert Tab "+" icon.

                Thank you for sharing...I learned something new today, awesome!

                pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.