DNSBL doesn't work
-
Hi team, I have installed pfBlockerNG in pfsense but the issue is on DNSBL it doesn't direct the blocked sites to Virtual IP. When I checked the errors logs am seeing this message [ DNSBL FAIL ] [ Skipping : Social ] what could be the issue?
-
You want to see :
?
You can !
Visit https://10.10.10.1:8443, acknowledge all the browser alerts, no risk as you are visiting a web server on your router/firewall that is administered by you - and you'll see it.
ok .... that was a joke.The virtual-pfBlockerNG webserver uses it's own certificate, which says that it is not facebook, Istagram or Twitter etc.
Your browser want to visit a social network site, but finds something else.Now, think. What happens ? You already know it ! ;)
At best : you see the browser error message that states that it block the 'site' because the it's answer wasn't the social network.
Worst : the certificate the virtual-pfBlockerNG webserver is is a self signed. So the browser (probably) doesn't even bother showing you something.
Both reactions are what you want to happen.
So : question solved.The idea of using an isolated Ip with a low-bud web browser to show people that the content the browser is looking for is blocked has no real meaning any more.
You do not want to see the banner (image above) because you are against MITM, right ?
Btw :
You said "pfBlockerNG " : that one is very old.
pfBlockerNGpfBlockerNG-devel is about to get retired.
Version 3+fraction came out today. -
The issue is I don't want to see the page you mentioned above, but I can still access Youtube, Twitter, etc. while I blocked them. When I check error logs it says the [ DNSBL FAIL ] [ Skipping : Social ].
-
Actually, some thinking on my side was needed ;)
@Abdulkarim said in DNSBL doesn't work:
[ DNSBL FAIL ] [ Skipping : Social ].
Do you see this message in an pfBlocker 'update log' ?
Doesn't this mean that the download of feed that implements social blocking failed ? Which would explain the non blocking.Can you give more info / context ?