DNSBL blocking Youtube???



  • Hi,
    Seeing a strange issue with DNSBL, keep getting the following when going to you tube

    The owner of www.youtube.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

    This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

    It say the certificate is self signed.

    This has only just started happening in the last few days, turning off DNSBL resolves the issue.
    I've tried White Listing youtube and this makes no difference, I have the logging turned on and it shows youtube but also says its in the whitelist, it doesn't show as being on any blacklists so why is it trying to redirect to 10.0.0.1

    Any help would be very much appreciated.



  • Go to Firewall / pfBlockerNG / Alerts
    You will see what sites DNSBL blocked. Hover on the "+" whitelist icon for option on how to whitelist site.



  • @jwalhous:

    Hi,
    Seeing a strange issue with DNSBL, keep getting the following when going to you tube

    The owner of www.youtube.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

    This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

    It say the certificate is self signed.

    This has only just started happening in the last few days, turning off DNSBL resolves the issue.
    I've tried White Listing youtube and this makes no difference, I have the logging turned on and it shows youtube but also says its in the whitelist, it doesn't show as being on any blacklists so why is it trying to redirect to 10.0.0.1

    Any help would be very much appreciated.

    I am seeing the same thing with youtube.com. It gets logged in the Alerts tap as blocked with "No Match" as the source. Happens randomly on all my devices, iPhones/iPads/AppleTV/PCs. Switching wifi off and back on the device having the issue resolves it. Adding to whitelist and forcing a reload of the DNSBL list under pfBlockerNG has no effect.

    Looks like an issue with the latest update of the pfBlocker. I am running pfBlockerNG version 2.1.1_2. pfSense version 2.3.2.



  • When it is Whitelisted, is shows as a no match.

    Did you flush the DNS cache on the client ?

    www.youtube.com also is a CNAME youtube-ui.l.google.com
    you may have to whitelist the CNAME as well.

    drill @8.8.8.8 www.youtube.com
    
    ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 29949
    ;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;; www.youtube.com.	IN	A
    
    ;; ANSWER SECTION:
    www.youtube.com.	21599	IN	CNAME	youtube-ui.l.google.com.
    youtube-ui.l.google.com.	299	IN	A	205.237.38.114
    youtube-ui.l.google.com.	299	IN	A	205.237.38.123
    youtube-ui.l.google.com.	299	IN	A	205.237.38.118
    youtube-ui.l.google.com.	299	IN	A	205.237.38.119
    youtube-ui.l.google.com.	299	IN	A	205.237.38.120
    youtube-ui.l.google.com.	299	IN	A	205.237.38.113
    youtube-ui.l.google.com.	299	IN	A	205.237.38.121
    youtube-ui.l.google.com.	299	IN	A	205.237.38.117
    youtube-ui.l.google.com.	299	IN	A	205.237.38.122
    youtube-ui.l.google.com.	299	IN	A	205.237.38.116
    youtube-ui.l.google.com.	299	IN	A	205.237.38.112
    youtube-ui.l.google.com.	299	IN	A	205.237.38.115
    
    ;; AUTHORITY SECTION:
    
    ;; ADDITIONAL SECTION:
    
    ;; Query time: 216 msec
    ;; SERVER: 8.8.8.8
    ;; WHEN: Sat Aug  6 22:11:23 2016
    ;; MSG SIZE  rcvd: 259
    
    

    If you clicked on the "+" icon, it should have put the CNAME to the Custom Domain Whitelist



  • Thanks for your replies, both those entries are in the whitelist but it makes no difference, I temporary disabled the feeds and only using the easy list which seems to work, however not many ads are getting blocked now :-(
    I did flush the dns cache and it doesn't help.



  • And you ran a Force Reload DNSBL when you whitelisted the site ?

    Goto into dev mode in the browser (F12). Then goto "console" and see what's being blocked when he loads that webpage.


  • Galactic Empire

    I think one of the built in blocklists had certain YouTube IP's blacklisted, it happened to me as well. I just updated feeds and problem is gone.



  • Updated the dnsbl feeds today and it apears to be all good again, thanks everyone for your suggestions and help :-)



  • @ivor:

    I think one of the built in blocklists had certain YouTube IP's blacklisted, it happened to me as well. I just updated feeds and problem is gone.

    I updated the feeds and that seems to have resolved the issue. Thanks everyone.


Log in to reply