DNSBL works but no Alerts are logged (SOLVED)



  • I have pfSense (now) latest (2.3.2-RELEASE-p1 (amd64) built on Tue Sep 27 12:13:07 CDT 2016 FreeBSD 10.3-RELEASE-p9) and have installed pfBlockerNG (2.1.1_4), configured IPv4 block/filter as well as DNSBL; everything looks good, however there are no alerts logged for DNSBL.

    Note that blocked domains are correctly resolved to 10.10.10.1 and 10.10.10.1:8081 responds correctly, ads are blocked, but still nothing is shown in the DNSBL section of the alerts. "Deny Alerts" for IPv4 block is fine.

    In pfSense the file /var/log/pfblockerng/dnsbl.log does not exist.
    In the DNSBL config page/tab "Enable Logging" is set to "Enabled"; I also tried to enable "Global Logging" in the General pfBlockerNG config page.

    Any suggestion on how to get alerts?

    Thank you in advance.

    SenseRider



  • I just found the problem!

    For LAN I have firewall rules that allow/pass some ports and, at the end, a deny-all rule. Apparently with this setup (i.e. no default allow rule) for DNSBL to work properly two rules need to be added:
    on LAN, pass source any, destination 127.0.0.1 port 8081
    on LAN, pass source any, destination 127.0.0.1 port 8443

    In fact, before these rules DNSBL was working… kind of: the browser was timing out on each blocked DNS name/IP.

    Hopefully this will help other newbies to pfBlockerNG.

    I take this as an opportunity to thank BBcan177 for the outstanding work!

    SenseRider
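The fix in the post above depends on rule order: pfSense evaluates LAN rules first-match, so the two pass rules for 127.0.0.1 ports 8081 and 8443 only help if they sit above the deny-all. The script below is an added example, not part of the thread or of pfBlockerNG: it scans a `pfctl -sr` style rule dump and reports, per DNSBL port, whether a pass rule to 127.0.0.1 appears before the first quick block rule on the LAN interface. The interface name `em1` and the sample rule lines are constructed assumptions; on a real box you would feed it the live ruleset with `dnsbl_rule_check em1 8081 "$(pfctl -sr)"`.

```shell
#!/bin/sh
# Added example (not from the thread): verify that DNSBL web ports are passed
# on LAN before the deny-all rule. Any "quick" block rule on the interface is
# treated as the deny-all boundary, which is conservative but safe.

# Constructed sample modelled on `pfctl -sr` output; "em1" is assumed to be LAN.
SAMPLE_RULES='pass in quick on em1 inet proto tcp from any to 127.0.0.1 port = 8081 flags S/SA keep state
pass in quick on em1 inet proto tcp from any to 127.0.0.1 port = 8443 flags S/SA keep state
pass in quick on em1 inet proto tcp from any to any port = 443 flags S/SA keep state
block drop in quick on em1 inet all'

# dnsbl_rule_check IFACE PORT RULES_TEXT
# Returns 0 if a quick pass rule to 127.0.0.1 on PORT precedes the first quick
# block rule on IFACE, 1 otherwise (no rule, or rule shadowed by the deny-all).
dnsbl_rule_check() {
    printf '%s\n' "$3" | awk -v iface="$1" -v port="$2" '
        # first quick block on the interface: everything after it is unreachable
        $0 ~ ("^block .* quick on " iface " ") { blocked = 1 }
        # pass rule to the DNSBL listener on the requested port, seen before any block
        !blocked && $0 ~ ("^pass .* quick on " iface " .* to 127\\.0\\.0\\.1 port = " port "( |$)") { found = 1 }
        END { exit (found ? 0 : 1) }
    '
}

# Report on both DNSBL ports for the sample ruleset.
for p in 8081 8443; do
    if dnsbl_rule_check em1 "$p" "$SAMPLE_RULES"; then
        echo "OK   port $p: pass rule to 127.0.0.1 precedes the LAN deny-all"
    else
        echo "FAIL port $p: no pass rule before the LAN deny-all (blocked pages will time out)"
    fi
done
```

A rule shadowed by the deny-all produces exactly the symptom in the thread (blocked domains resolve to the VIP but the browser hangs), so running this after editing LAN rules is a cheap regression check.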