PfblockerNG 2.0.17 woes



  • Hello all,

    Since I upgraded to the latest version of pfblockerNG and pfsense, I noticed pfblockerNG no longer works as it should.

    First issue (to be confirmed it is):
    I am pretty sure I had several aliases under ipv4 and each alias had several lists.  Now I just noticed that all lists are grouped under a single alias and most of the lists have the same identifiers (or whatever the last column on the right is used for).  Since I am not 100% sure the lists were separated in multiple aliases I cannot confirm this as an issue but I wonder if this will work???

    Second issue:
    I am also using DNSBL, I managed to create several feeds each pointing to a text file stored on a remote server on LAN.  pfblockerNG does not report problems retrieving these lists.  The issue is that in my lists I am using web addresses without the "www." part.  For example:

    oracle.com
    instagram.com
    pinterest.com
    virtualbox.com
    dailymail.co.uk
    liveleak.com
    somalinet.com
    

    If I remember correctly, I had to truncate the "www." otherwise pfblockerNG wouldn't work with the addresses.  Anyways now, pfblockerNG blocks the sites, but if I add the "www." part in the browser's address bar, the website is no longer blocked by pfblockerNG.

    For example, in one feed I have "facebook.com".  If I enter "facebook.com" in a web browser, I get a blank page with a single white pixel at the center (I assume pfblockerNG works).  If I enter "www.facebook.com", it just loads no problem.  I confirm this is true for everything in my feeds.  I tried adding an entry such as "www.facebook.com" in my feed source, but I still can access the site.

    Third issue:
    There are a few sites in my DNSBL feeds that I can access although they are in my DNSBL feeds.  For example pinterest.com even if it is added in my feeds as "pinterest.com".

    I am not sure how to debug this or if this is due to misconfig or a corruption between upgrades??


  • Moderator

    Ensure that you are using a unique Header/Label for each List in the IPv4 tab.

    DNSBL will block only the listed Domain, and not any Sub-Domains… So if www.example.com is listed, then that is what gets blocked, and not example.com (and vice-versa)....

    The new pending 2.1.1 version will have TLD feature which will allow for the blocking of the entire Domain/Sub-Domains...

    See this thread:
    https://forum.pfsense.org/index.php?topic=115357.0



  • BBCan177 you're quick to reply!!!  Thanks!

    Yes I have modified the headers/labels (that's the name I was searching for…) to be unique ones.

    Is it just normal for me to find all my lists under a single Alias named "CustomBlockedLists"??  I really do not remember to have merged everything like that, unless I was drunk?  :o

    Looking forward to the TLD feature in pfblockerNG!!  This will save us from entering multiple domains, and simplify things...

    Thanks again!
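
Added example, not part of any post in this thread and not pfBlockerNG code: a small audit that models the exact-name matching the moderator describes and lists which queried names slip past a feed even though a parent domain is listed. The feed and query names are constructed samples, and the label-by-label suffix walk is an assumption about what whole-domain blocking means, not the project's implementation.

```python
# Constructed sample data: feed entries mirror the bare-domain style quoted in
# the thread; the query names are invented for illustration.
FEED = ["facebook.com", "pinterest.com", "dailymail.co.uk", "www.example.com"]
QUERIES = ["facebook.com", "www.facebook.com", "m.facebook.com",
           "example.com", "www.example.com", "notfacebook.com",
           "WWW.Pinterest.COM.", "cdn.dailymail.co.uk"]

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are consistent."""
    return name.strip().lower().rstrip(".")

def exact_match(name, feed):
    """Exact-name matching: only the listed name itself is blocked."""
    return normalize(name) in feed

def covering_entry(name, feed):
    """Return the listed entry equal to the name or a parent of it, else None.

    Walks whole labels, so 'notfacebook.com' never matches 'facebook.com'.
    """
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in feed:
            return candidate
    return None

def audit(queries, feed_lines):
    """List (query, parent_entry) pairs that exact matching lets through."""
    feed = {normalize(x) for x in feed_lines
            if x.strip() and not x.lstrip().startswith("#")}
    gaps = []
    for q in queries:
        if not exact_match(q, feed):
            parent = covering_entry(q, feed)
            if parent:
                gaps.append((normalize(q), parent))
    return gaps

if __name__ == "__main__":
    for q, parent in audit(QUERIES, FEED):
        print(f"{q}: not blocked by exact match, parent entry is {parent}")
```

Note that `example.com` is not reported: listing `www.example.com` covers neither the bare domain nor its siblings, which is the "vice-versa" case from the moderator's reply.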

