DNSBL service unable to enable

trewflight48

Novice user***
that's reallly lost..help me please.

I just cant get DNSBL to enable. When I run update - reload. I always get the same message. ---->

START OF MESSAGEthe reload update message*****************
[1607002644] unbound[6451:0] error: bind: address already in use
[1607002644] unbound[6451:0] fatal error: could not open ports

====================

Stopping Unbound Resolver..............................
Additional mounts:
Starting Unbound Resolver.. Not completed. [ 12/03/20 07:37:56 ]
[1607002676] unbound[13596:0] error: bind: address already in use
[1607002676] unbound[13596:0] fatal error: could not open ports
error: SSL handshake failed
1085559856:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:/usr/home/luiz/crossbuild/sources/FreeBSD-src/crypto/openssl/ssl/s3_clnt.c:1269:

*** DNSBL update [ 0 ] [ 445119 ] ... OUT OF SYNC ! *** [ 12/03/20 07:37:57 ]
END--------------------------------------------------------------------

trewflight48

@trewflight48
hit the submit button on accident.

I've also made sure the VIP address is something that nothing uses and I made sure the port doesnt conflict.

Also dpinger keeps on giving me these messages

thanks in advance.
Trewflight

trewflight48

Ok I solved the problem. This is what i did. I manually stopped the DNS resolver service and then re-enabled it; manually. Had to watch the update logs to be on point but I got it.

One thing is wierd though I dont understand why under Status/DNS Resolver it is a block status.

Under System/General Setup under the "DNS Server Settings" i have 2 dns server's ip's. i chose Cloudfares. I left the DNS Host name blank. Thats the only place anykind of DNS setting is placed.
Please help. Thanks.

Gertjan

@trewflight48 said in DNSBL service unable to enable:

under Status/DNS Resolver it is a block status.

Block status ?
All I see is an ongoing list like :

@trewflight48 said in DNSBL service unable to enable:

Also dpinger keeps on giving me these messages

It can reach the gateway - the IP it uses to ping, chose another one.

/etc/rc.packages

What pfBlockerNG version are you using ?
What pfSense version ?

unbound :

Your using a cert somewhere that is :

Expired as your credit card expires : you know what to do.

trewflight48

@gertjan
@Gertjan said Block Status ?

i'm using pfblockerNG-devel
and
2.4.5-RELEASE-p1 (arm64)
built on Tue Sep 15 10:30:40 EDT 2020
FreeBSD 11.3-STABLE

@Gertjan said "Your using a cert somewhere that is:

I didnt know i had one.

also wanted to point out i'm using a netgate 1100 bought from pfsense. It has vlans set up.
on General Setup should I even be setting DNS server?

Gertjan

@trewflight48 said in DNSBL service unable to enable:

on General Setup should I even be setting DNS server?

No.

Block status :
The Status / DNS Resolver page lists host names resolved by the resolver.
That list will never be empty, except maybe the first second or two after a reboot, with no devices connected on LAN.

The Status / DNS Resolver page has nothing to do with pfblockerNG-devel.

@trewflight48 said in DNSBL service unable to enable:

I didnt know i had one.

See System / Certificate Manager / Certificates and CA.

trewflight48

@gertjan

it's the pfSense webConfigurator Self-Signed Certificate

What should I do?

trewflight48

@trewflight48
gonna watch this video I guess I have alot to learn still.

How To Setup ACME, Let's Encrypt, and HAProxy HTTPS offloading on pfsense.